

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Oct 5, 2020 • 6min
ISC StormCast for Monday, October 5th 2020
Analysis of a Phishing Kit
https://isc.sans.edu/forums/diary/Analysis+of+a+Phishing+Kit/26634/
Hoaxcalls Botnet Scanning for Huawei Home Gateway
https://isc.sans.edu/forums/diary/Scanning+for+SOHO+Routers/26638/
SQL Server Cumulative Update 8
https://support.microsoft.com/en-us/help/4577194/cumulative-update-8-for-sql-server-2019
Telstra Accidentally Reroutes Proton Mail Traffic
https://protonmail.com/blog/bgp-hijacking-september-2020/
"Raccine" Ransomware Vaccine
https://github.com/Neo23x0/Raccine

Oct 2, 2020 • 5min
ISC StormCast for Friday, October 2nd 2020
Making Sense of Azure AD Activity Logs
https://isc.sans.edu/forums/diary/Making+sense+of+Azure+AD+AAD+activity+logs/26626/
IOCs Turning into IOOIs
https://isc.sans.edu/forums/diary/IOCs+turning+into+IOOIs/26624/
Apple Security Patch Pulled
https://mrmacintosh.com/mojave-2020-005-security-update-causing-major-problems-updated
Have I Been EMOTET Service
https://www.haveibeenemotet.com/

Oct 1, 2020 • 6min
ISC StormCast for Thursday, October 1st 2020
Scans for FPURL.xml: Reconnaissance or Not?
https://isc.sans.edu/forums/diary/Scans+for+FPURLxml+Reconnaissance+or+Not/26622/
HP Device Manager Backdoor
https://support.hp.com/us-en/document/c06921908
https://www.theregister.com/2020/09/30/hp_device_manager_backdoor_database_account/
KensingtonWorks RCE
https://robertheaton.com/another-rce-in-kensingtonworks/

Sep 30, 2020 • 5min
ISC StormCast for Wednesday, September 30th 2020
Managing Remote Access for Contractors and Partners
https://isc.sans.edu/forums/diary/Managing+Remote+Access+for+Partners+Contractors/26614/#comments
Updated Windows ZeroLogon Advisory
https://support.microsoft.com/en-us/help/4557222/how-to-manage-the-changes-in-netlogon-secure-channel-connections-assoc
Cisco Patching Exploited DoS Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz
FoxIT PDF Reader Update
https://www.foxitsoftware.com/support/security-bulletins.html

Sep 29, 2020 • 6min
ISC StormCast for Tuesday, September 29th 2020
Some Tyler Technologies Customers Targeted after Breach
https://isc.sans.edu/forums/diary/Some+Tyler+Technologies+Customers+Targeted+with+The+Installation+of+a+Bomgar+Client/26610/
Obfuscated PowerShell Backdoor
https://isc.sans.edu/forums/diary/PowerShell+Backdoor+Launched+from+a+ShellCode/26602/
QNAP Fixes AgeLocker Vulnerability in Photo Station
https://www.qnap.com/de-de/security-advisory/qsa-20-06
TrendMicro Apex One Vulnerability
https://success.trendmicro.com/product-support/apex-one

Sep 28, 2020 • 6min
ISC StormCast for Monday, September 28th 2020
Securing Exchange Online
https://isc.sans.edu/forums/diary/Securing+Exchange+Online+Guest+Diary/26600/
Decoding Corrupt BASE64
https://isc.sans.edu/forums/diary/Decoding+Corrupt+BASE64+Strings/26606/
Fortinet VPN Default Setting Problem
https://securingsam.com/breaching-the-fort/
Single-Use Credit Card Numbers
https://www.helpnetsecurity.com/2020/09/25/privacy-cards/

Sep 25, 2020 • 6min
ISC StormCast for Friday, September 25th 2020
Party in Ibiza with PowerShell
https://isc.sans.edu/forums/diary/Party+in+Ibiza+with+PowerShell/26594/
Microsoft Tracking Zerologon Exploits
https://twitter.com/MsftSecIntel/status/1308941504707063808
Apple Patches
https://support.apple.com/en-us/HT201222
Instagram for Android Vulnerability
https://blog.checkpoint.com/2020/09/24/instahack-how-researchers-were-able-to-take-over-the-instagram-app-using-a-malicious-image/

Sep 24, 2020 • 6min
ISC StormCast for Thursday, September 24th 2020
Dynamic Malicious Word Document
https://isc.sans.edu/forums/diary/Malicious+Word+Document+with+Dynamic+Content/26590/
Old Versions of SAMBA Affected by ZeroLogon Vulnerability
https://www.samba.org/samba/security/CVE-2020-1472.html
Google Chrome Update
https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html
QNAP Devices hit by AgeLocker Ransomware
https://www.bleepingcomputer.com/news/security/agelocker-ransomware-targets-qnap-nas-devices-steals-data/

Sep 23, 2020 • 6min
ISC StormCast for Wednesday, September 23rd 2020
Citrix ADC Updates
https://support.citrix.com/article/CTX281474
Firefox Version 81 Released
https://www.mozilla.org/en-US/firefox/81.0/releasenotes/
Simple Scan Drops Ransomware Risk
https://www.accesswire.com/607018/Corvus-Updates-Scan-Technology-with-RDP-Detection-Slashes-Ransomware-Claims-by-65
iOS 14 Jailbreak
https://checkra.in/news/2020/09/iOS-14-announcement

Sep 22, 2020 • 6min
ISC StormCast for Tuesday, September 22nd 2020
Slightly Broken Overlay Phishing
https://isc.sans.edu/forums/diary/Slightly+broken+overlay+phishing/26586/
MacOS Code Injection via Third Party Frameworks
https://www.trustedsec.com/blog/macos-injection-via-third-party-frameworks
Snort/ClamAV Cobalt Strike Detection
https://blog.talosintelligence.com/2020/09/coverage-strikes-back-cobalt-strike-paper.html#more


