

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and is designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Jun 11, 2020 • 6min
ISC StormCast for Thursday, June 11th 2020
Job Application Themed Malspam Pushes ZLoader
https://isc.sans.edu/forums/diary/Job+applicationthemed+malspam+pushes+ZLoader/26222/
More Expiring Root CAs
https://scotthelme.co.uk/impending-doom-root-ca-expiring-legacy-clients/
Black Lives Matter Themed Malware
https://www.bleepingcomputer.com/news/security/fake-black-lives-matter-voting-campaign-spreads-trickbot-malware/

Jun 10, 2020 • 6min
ISC StormCast for Wednesday, June 10th 2020
Microsoft Patch Day
https://isc.sans.edu/forums/diary/Microsoft+June+2020+Patch+Tuesday/26220/
SMBleed
https://github.com/ZecOps/CVE-2020-1206-POC
Adobe Patches
https://helpx.adobe.com/security.html
Intel Patch Day
https://blogs.intel.com/technology/2020/06/ipas-security-advisories-for-june-2020/?linkId=100000012832617

Jun 9, 2020 • 7min
ISC StormCast for Tuesday, June 9th 2020
Translating BASE64 Obfuscated Scripts
https://isc.sans.edu/forums/diary/Translating+BASE64+Obfuscated+Scripts/26214/
Fake Ransomware Decryptor
https://www.bleepingcomputer.com/news/security/fake-ransomware-decryptor-double-encrypts-desperate-victims-files/
GNUTLS TLS 1.3 Machine in the Middle
https://gitlab.com/gnutls/gnutls/-/issues/1011
CallStranger UPNP Vulnerability
https://callstranger.com/
Shellcode Analysis 101
https://www.sans.org/webcasts/sansatmic-shellcode-analysis-101-114160

Jun 8, 2020 • 6min
ISC StormCast for Monday, June 8th 2020
PHP FastCGI Attacks
https://isc.sans.edu/forums/diary/Not+so+FastCGI/26208/
Protest Cybersecurity
https://isc.sans.edu/forums/diary/Cyber+Security+for+Protests/26210/
uBlock Origin Blocks Portscans
https://www.bleepingcomputer.com/news/security/ublock-origin-ad-blocker-now-blocks-port-scans-on-most-sites/
QNAP Vulnerability
https://www.qnap.com/en/security-advisory/qsa-20-01

Jun 5, 2020 • 13min
ISC StormCast for Friday, June 5th 2020
Anti-Debugging Technique Based on Memory Protection
https://isc.sans.edu/forums/diary/AntiDebugging+Technique+based+on+Memory+Protection/26200/
Suspending Suspicious Domain Feed/Update to Researcher IP Feed
https://isc.sans.edu/forums/diary/Suspending+Suspicious+Domain+Feed+Update+to+Researcher+IP+Feed/26204/
Bank Transaction Comments Used for Abusive Messages
https://www.theregister.com/2020/06/04/commonwealth_bank_bans_indecent_transaction_descriptions/
Android Security Bulletin
https://source.android.com/security/bulletin/2020-06-01
Android Wallpaper Crash
https://www.androidauthority.com/android-wallpaper-crash-1124577/
STI Research Paper: Janusz Pazgier; Efficacy of UNIX HIDS
https://www.sans.org/reading-room/whitepapers/detection/efficacy-unix-hids-39565

Jun 4, 2020 • 6min
ISC StormCast for Thursday, June 4th 2020
Polish Malspam Pushes ZLoader Malware
https://isc.sans.edu/forums/diary/Polish+malspam+pushes+ZLoader+malware/26196/
Cisco Patches IP-in-IP Flaw
https://securityaffairs.co/wordpress/104192/security/ip-in-ip-flaw-cisco.html
Zoom Fixes Two Critical Flaws
https://blog.talosintelligence.com/2020/06/vuln-spotlight-zoom-code-execution-june-2020.html
Firefox Disables Automatic DNS over HTTPS Selection to Prevent DDoS
https://www.mozilla.org/en-US/firefox/77.0.1/releasenotes/

Jun 3, 2020 • 6min
ISC StormCast for Wednesday, June 3rd 2020
Type 2 Stackstrings
https://isc.sans.edu/forums/diary/Stackstrings+type+2/26192/
More Details About AddTrust External CA Root Expiration
https://www.agwa.name/blog/post/fixing_the_addtrust_root_expiration
VMware Cloud Director Vulnerability and Exploit
https://citadelo.com/en/blog/full-infrastructure-takeover-of-vmware-cloud-director-CVE-2020-3956/

Jun 2, 2020 • 7min
ISC StormCast for Tuesday, June 2nd 2020
Apple Patches Unc0ver
https://support.apple.com/en-us/HT201222
Office 365 Adds Details About Malicious E-Mail Attachments
https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=64570
Impact of Research on Our Data
https://isc.sans.edu/forums/diary/The+Impact+of+Researchers+on+Our+Data/26182/

Jun 1, 2020 • 6min
ISC StormCast for Monday, June 1st 2020
Sectigo AddTrust CA Expired
https://support.sectigo.com/articles/Knowledge/Sectigo-AddTrust-External-CA-Root-Expiring-May-30-2020
Critical Sign In With Apple Flaw
https://bhavukjain.com/blog/2020/05/30/zeroday-signin-with-apple/
DABANGG: Refined Flush Based Cache Attacks
https://www.cse.iitk.ac.in/users/biswap/DABANGG.pdf
New Website Explaining FIDO
https://loginwithfido.com/

May 29, 2020 • 19min
ISC StormCast for Friday, May 29th 2020
USBFuzz Finds Numerous USB Flaws
https://www.nebelwelt.net/files/20SEC3.pdf
Cisco Products Vulnerable to Saltstack Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-salt-2vx545AG
Another Nail in the Coffin for SHA-1
https://eprint.iacr.org/2020/014.pdf
STI Student: Andy Piazza; Qualifying Threat Actor Assessments
https://www.sans.org/reading-room/whitepapers/threatintelligence/paper/39585


