

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Jan 23, 2020 • 6min
ISC StormCast for Thursday, January 23rd 2020
German Malspam Pushing Ursnif
https://isc.sans.edu/forums/diary/German+language+malspam+pushes+Ursnif/25732/
Tracking Users Using Safari's Intelligent Tracking Prevention
https://arxiv.org/pdf/2001.07421.pdf
Muhstik Botnet Targeting Tomato Routers
https://unit42.paloaltonetworks.com/muhstik-botnet-attacks-tomato-routers-to-harvest-new-iot-devices/
Cisco Firepower Management Center LDAP Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-fmc-auth

Jan 22, 2020 • 6min
ISC StormCast for Wednesday, January 22nd 2020
DeepBlueCLI
https://isc.sans.edu/forums/diary/DeepBlueCLI+Powershell+Threat+Hunting/25730/
https://github.com/sans-blue-team/DeepBlueCLI
EFS Ransomware
https://safebreach.com/Post/EFS-Ransomware
Fake Leak Compensation
https://www.kaspersky.com/blog/data-leak-compensation-scam/32057/
Criminals Use Fake Job Sites to Defraud Victims
https://www.ic3.gov/media/2020/200121.aspx

Jan 21, 2020 • 6min
ISC StormCast for Tuesday, January 21st 2020
Twist on Sextortion
https://www.dailymail.co.uk/sciencetech/article-7886055/Sextortion-campaign-targets-users-Google-Nest-smart-camera.html
Emotet Uses Extortion to Infect Systems
https://www.bleepingcomputer.com/news/security/emotet-malware-dabbles-in-extortion-with-new-spam-template/
Lastpass Outage
https://www.theregister.co.uk/2020/01/20/lastpass_outage/
Netgear Signed TLS Cert Private Key Disclosure
https://gist.github.com/nstarke/a611a19aab433555e91c656fe1f030a9

Jan 20, 2020 • 6min
ISC StormCast for Monday, January 20th 2020
Microsoft Scripting Engine Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV200001
CVE-2020-0601 Update
https://isc.sans.edu/forums/diary/Summing+up+CVE20200601+or+the+Lets+Decrypt+vulnerability/25720/
Curveball Update
https://www.citrix.com/blogs/2020/01/19/vulnerability-update-first-permanent-fixes-available-timeline-accelerated/
https://isc.sans.edu/diary//25724

Jan 17, 2020 • 14min
ISC StormCast for Friday, January 17th 2020
CVE-2020-0601 Update ("Curveball", "Letsdecrypt")
https://isc.sans.edu/forums/diary/Summing+up+CVE20200601+or+the+Lets+Decrypt+vulnerability/25720/
https://curveballtest.com
Certain Netscaler Devices Do Not Support Mitigation (article in Dutch)
https://www.ncsc.nl/actueel/nieuws/2020/januari/16/door-citrix-geadviseerde-mitigerende-maatregelen-niet-altijd-effectief
Cable Haunt Vulnerability
https://cablehaunt.com/
STI Student Interview: Jon Michael Lacek
https://www.sans.org/reading-room/whitepapers/securecode/changing-devops-culture-security-scan-time-39125

Jan 16, 2020 • 6min
ISC StormCast for Thursday, January 16th 2020
CVE-2020-0601 Followup
https://isc.sans.edu/forums/diary/CVE20200601+Followup/25714/
Oracle Patches
https://www.oracle.com/security-alerts/cpujan2020.html

Jan 15, 2020 • 10min
ISC StormCast for Wednesday, January 15th 2020
Microsoft January 2020 Patch Tuesday and #CryptoAPI Flaw
Webcast: https://sans.org/cryptoapi-isc
Diary: https://isc.sans.edu/forums/diary/Microsoft+Patch+Tuesday+for+January+2020/25710/
NSA Release: https://media.defense.gov/2020/Jan/14/2002234275/-1/-1/0/CSA-WINDOWS-10-CRYPT-LIB-20190114.PDF

Jan 14, 2020 • 7min
ISC StormCast for Tuesday, January 14th 2020
Upcoming Critical MSFT Patch
https://krebsonsecurity.com/2020/01/cryptic-rumblings-ahead-of-first-2020-patch-tuesday/
SIM Swapping is Easy
https://www.issms2fasecure.com/assets/sim_swaps-01-10-2020.pdf
Google Open Sources wombat dressing room npm publication proxy
https://opensource.googleblog.com/2020/01/wombat-dressing-room-npm-publication_10.html

Jan 13, 2020 • 8min
ISC StormCast for Monday, January 13th 2020
Citrix ADC Vulnerability Actively Exploited. Assume vulnerable systems are compromised.
Updated Citrix Advisory: https://support.citrix.com/article/CTX267027
Exploit Activity Summary: https://isc.sans.edu/forums/diary/Citrix+ADC+Exploits+are+Public+and+Heavily+Used+Attempts+to+Install+Backdoor/25700/
Vulnerability Scanner: https://github.com/trustedsec/cve-2019-19781/
Special Webcast: https://i5c.us/citrix
YouTube Walk Through of the vulnerability: https://youtu.be/msslpqyf98c

Jan 10, 2020 • 11min
ISC StormCast for Friday, January 10th 2020
Another Malicious Word Document
https://isc.sans.edu/forums/diary/Quick+Analyzis+of+another+Maldoc/25694/
SHA1 Update
https://sha-mbles.github.io/
Cisco Updates
https://tools.cisco.com/security/center/publicationListing.x
Mandy Galante: Girls Go Cyberstart (Register now. Play Jan 13th-31st)
https://www.girlsgocyberstart.org/


