

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and is designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Sep 4, 2020 • 6min
ISC StormCast for Friday, September 4th 2020
Sandbox Evasion Using NTP
https://isc.sans.edu/forums/diary/Sandbox+Evasion+Using+NTP/26534/
Android DNS over HTTPS
https://blog.chromium.org/2020/09/a-safer-and-more-private-browsing.html
Cisco Jabber Vulnerability Followup
https://watchcom.no/nyheter/nyhetsarkiv/uncovers-cisco-jabber-vulnerabilities/

Sep 3, 2020 • 6min
ISC StormCast for Thursday, September 3rd 2020
Python and Risky Windows API Calls
https://isc.sans.edu/forums/diary/Python+and+Risky+Windows+API+Calls/26530/
QNAP Updates
https://www.qnap.com/en/release-notes/qts/4.3.6.1411/20200825
https://www.qnap.com/en/release-notes/qts/4.4.3.1400/20200817
iOS 13.7 Update
https://support.apple.com/en-us/HT201222
Cisco Jabber Update
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-jabber-UyTKCPGg
MoFi Router Vulnerabilities
https://www.criticalstart.com/critical-vulnerabilities-discovered-in-mofi-routers/

Sep 2, 2020 • 7min
ISC StormCast for Wednesday, September 2nd 2020
Exposed Domain Controllers Used in DDoS Attacks
https://isc.sans.edu/forums/diary/Exposed+Windows+Domain+Controllers+Used+in+CLDAP+DDoS+Attacks/26526/
Microsoft Reviving SHA-1
https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-for-microsoft-edge-version-85/ba-p/1618585
Trend Micro Updating Anti Malware Products
https://success.trendmicro.com/solution/000263632
Public Voter Data Sold as "Breach"
https://www.cyberscoop.com/russia-hack-michigan-voter-data-kommersant/

Sep 1, 2020 • 5min
ISC StormCast for Tuesday, September 1st 2020
Finding The Original Maldoc
https://isc.sans.edu/forums/diary/Finding+The+Original+Maldoc/26520/
Slack Remote Code Execution
https://hackerone.com/reports/783877
Apple Approved Malware
https://objective-see.com/blog/blog_0x4E.html
Cisco IOS XR Bug Exploited
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz

Aug 31, 2020 • 7min
ISC StormCast for Monday, August 31st 2020
CenturyLink Outage
https://blog.cloudflare.com/analysis-of-todays-centurylink-level-3-outage/
New Zealand Stock Market Denial of Service Attack
https://www.theregister.com/2020/08/27/nzx_ddos_third_day/
Pulse Connect Secure RCE Patch
https://www.gosecure.net/blog/2020/08/26/forget-your-perimeter-rce-in-pulse-connect-secure/

Aug 28, 2020 • 7min
ISC StormCast for Friday, August 28th 2020
A Reminder about Security.txt
https://isc.sans.edu/forums/diary/Securitytxt+one+small+file+for+an+admin+one+giant+help+to+a+security+researcher/26510/
DNS Queries to Root Name Servers
https://blog.apnic.net/2020/08/21/chromiums-impact-on-root-dns-traffic/
https://www.zdnet.com/article/chromium-dns-hijacking-detection-accused-of-being-around-half-of-all-root-queries/
Microsoft Extends Windows 10 1803 Deadline
https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet
LemonDuck Adding New Tricks
https://news.sophos.com/en-us/2020/08/25/lemon_duck-cryptominer-targets-cloud-apps-linux/

Aug 27, 2020 • 6min
ISC StormCast for Thursday, August 27th 2020
Malicious Excel Sheet with a NULL VT Score
https://isc.sans.edu/forums/diary/Malicious+Excel+Sheet+with+a+NULL+VT+Score/26506/
APT Attack Uses Autodesk Plugin
https://www.bitdefender.com/files/News/CaseStudies/study/365/Bitdefender-PR-Whitepaper-APTHackers-creat4740-en-EN-GenericUse.pdf
Firefox Update
https://www.mozilla.org/en-US/security/advisories/mfsa2020-36/
Arrest in Insider Attack
https://www.justice.gov/opa/press-release/file/1308766/download

Aug 26, 2020 • 5min
ISC StormCast for Wednesday, August 26th 2020
Keep an Eye on LOLBins
https://isc.sans.edu/forums/diary/Keep+An+Eye+on+LOLBins/26502/
Malicious iOS Adnetwork SDK
https://snyk.io/research/sour-mint-malicious-sdk/
Apache Update
https://httpd.apache.org/security/vulnerabilities_24.html
Google Chrome User-Agent Client Hints
https://web.dev/user-agent-client-hints/

Aug 25, 2020 • 6min
ISC StormCast for Tuesday, August 25th 2020
Tracking a Malware Campaign Through VT
https://isc.sans.edu/forums/diary/Tracking+A+Malware+Campaign+Through+VT/26498/
Zoom Outage
https://www.cnn.com/2020/08/24/us/zoom-outage-worldwide-trnd/index.html
RDP Remains a Top Target
https://www.group-ib.com/media/iran-cybercriminals/?utm_source=bleeping_computer&utm_medium=article&utm_campaign=referral
Microsoft Introduces Application Guard
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/install-app-guard?view=o365-worldwide
Safari File Sharing Bug
https://blog.redteam.pl/2020/08/stealing-local-files-using-safari-web.html

Aug 24, 2020 • 7min
ISC StormCast for Monday, August 24th 2020
A Word of Caution: Helping Cyber Stalking Victims
https://isc.sans.edu/forums/diary/A+Word+of+Caution+Helping+Out+People+Being+Stalked+Online/26422/
RDP and Telnet Scans
https://isc.sans.edu/forums/diary/Remote+Desktop+TCP3389+and+Telnet+TCP23+What+might+they+have+in+Common/26492/
Thales Cinterion Input Validation Vulnerability
https://www.thalesgroup.com/en/markets/digital-identity-and-security/iot/resources/security-updates-cinterion-iot-modules
Google Drive File Extension Spoofing
https://thehackernews.com/2020/08/google-drive-file-versions.html


