

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and is designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

May 28, 2020 • 7min
ISC StormCast for Thursday, May 28th 2020
Phishing With Google Cloud
https://isc.sans.edu/forums/diary/Frankensteins+phishing+using+Google+Cloud+Storage/26174/
Trend Micro AntiVirus Blocked by Microsoft
https://billdemirkapi.me/How-to-use-Trend-Micro-Rootkit-Remover-to-Install-a-Rootkit/
Netgear Nighthawk Firmware Update Vulnerability
https://iot-lab-fh-ooe.github.io/netgear_update_vulnerability/

May 27, 2020 • 6min
ISC StormCast for Wednesday, May 27th 2020
Where is SHA3
https://isc.sans.edu/forums/diary/Seriously+SHA3+where+art+thou/26170/
Apple Updates
https://support.apple.com/en-us/HT201222
Google ZDI Releases Details Regarding Unpatched Windows Vulnerabilities
https://www.zerodayinitiative.com/advisories/ZDI-20-666/
https://www.zerodayinitiative.com/advisories/ZDI-20-665/
https://www.zerodayinitiative.com/advisories/ZDI-20-663/
https://www.zerodayinitiative.com/advisories/ZDI-20-662/
https://www.zerodayinitiative.com/advisories/ZDI-20-664/
Research into Phish Detection
https://medium.com/@curtbraz/these-arent-the-phish-you-re-looking-for-7374c3986af5

May 26, 2020 • 7min
ISC StormCast for Tuesday, May 26th 2020
Malicious PowerPoint Add-Ins Deliver Malware
https://isc.sans.edu/forums/diary/AgentTesla+Delivered+via+a+Malicious+PowerPoint+AddIn/26162/
Virtual Machine Delivers Malware
https://news.sophos.com/en-us/2020/05/21/ragnar-locker-ransomware-deploys-virtual-machine-to-dodge-security/
iOS Patch Analysis
https://blog.zecops.com/vulnerabilities/hidden-demons-maildemon-patch-analysis-ios-13-4-5-beta-vs-ios-13-5/
eBay Port Scanning
https://www.ghacks.net/2020/05/25/ebay-is-port-scanning-your-system-when-you-load-the-webpage/
iPhone Jailbreak
https://thehackernews.com/2020/05/iphone-ios-jailbreak-tools.html
SANSFIRE
https://isc.sans.edu/sansfire

May 22, 2020 • 6min
ISC StormCast for Friday, May 22nd 2020
Malware Triage with FLOSS: API Calls Based Behavior
https://isc.sans.edu/forums/diary/Malware+Triage+with+FLOSS+API+Calls+Based+Behavior/26156/
Verizon Breach Report
https://enterprise.verizon.com/resources/reports/dbir/
Apple Updates
https://support.apple.com/en-us/HT201222
Sophos Firewall Vulnerability Exploit
https://news.sophos.com/en-us/2020/05/21/asnarok2/

May 21, 2020 • 6min
ISC StormCast for Thursday, May 21st 2020
IcedID Malware Update
https://isc.sans.edu/forums/diary/Microsoft+Word+document+with+malicious+macro+pushes+IcedID+Bokbot/26146/
NXNSAttack DNS Amplification
https://www.nxnsattack.com/
https://en.blog.nic.cz/2020/05/19/nxnsattack-upgrade-resolvers-to-stop-new-kind-of-random-subdomain-attack/
Adobe Updates
https://helpx.adobe.com/security.html

May 20, 2020 • 7min
ISC StormCast for Wednesday, May 20th 2020
Spike of Scans for Port 62234
https://isc.sans.edu/forums/diary/What+is+up+on+Port+62234/26144/
Cisco Patches
https://tools.cisco.com/security/center/publicationListing.x
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB
Google Chrome 83 Released
https://chromereleases.googleblog.com/
QNAP Vulnerability Details Released
https://medium.com/bugbountywriteup/qnap-pre-auth-root-rce-affecting-450k-devices-on-the-internet-d55488d28a05
ISC YouTube Channel
https://www.youtube.com/channel/UCfbOsqPmWg1H_34hTjKEW2A

May 19, 2020 • 6min
ISC StormCast for Tuesday, May 19th 2020
Antivirus & Multiple Detections
https://isc.sans.edu/forums/diary/Antivirus+Multiple+Detections/26134/
Office 365 Returning Search Results from Other Organizations
https://www.theregister.co.uk/2020/05/18/microsoft_office_365_internal_search_mixup/
MagicPairing Vulnerabilities
https://arxiv.org/pdf/2005.07255.pdf
BIAS: Bluetooth Impersonation AttackS
https://francozappa.github.io/about-bias/

May 18, 2020 • 6min
ISC StormCast for Monday, May 18th 2020
OWA Scans
https://isc.sans.edu/forums/diary/Scanning+for+Outlook+Web+Access+OWA+Microsoft+Exchange+Control+Panel+ECP/26132/
Edison iOS E-Mail Client Leaks Data
https://www.theverge.com/2020/5/16/21260967/edison-mail-update-ios-security-bug
COMpfun Malware Uses Status Codes to Communicate
https://securelist.com/compfun-http-status-based-trojan/96874/
PAN OS Patches
https://securityaffairs.co/wordpress/103265/security/palo-alto-networks-pan-os-flaws.html

May 15, 2020 • 6min
ISC StormCast for Friday, May 15th 2020
Rethinking Severity
https://isc.sans.edu/forums/diary/Patch+Tuesday+Revisited+CVE20201048+isnt+as+Medium+as+MS+Would+Have+You+Believe/26124/
Top Exploited Vulnerabilities
https://www.us-cert.gov/ncas/alerts/aa20-133a
Zerodium Drops Payouts For iOS/Safari Exploits
https://twitter.com/Zerodium/status/1260541578747064326?s=20
BigIP Edge Client Vulnerability
https://support.f5.com/csp/article/K20346072

May 14, 2020 • 6min
ISC StormCast for Thursday, May 14th 2020
Malspam with Links to ZIP Archives Pushes Dridex Malware
https://isc.sans.edu/forums/diary/Malspam+with+links+to+zip+archives+pushes+Dridex+malware/26116/
Ramsay Cyber Espionage Toolkit
https://www.welivesecurity.com/2020/05/13/ramsay-cyberespionage-toolkit-airgapped-networks/
Windows DNS over HTTPS Preview
https://techcommunity.microsoft.com/t5/networking-blog/windows-insiders-can-now-test-dns-over-https/ba-p/1381282#
ISC Handler Series (SANSFIRE)
https://www.sans.org/event/sansfire-2020/bonus-sessions/


