

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Episodes

Nov 4, 2019 • 6min
ISC StormCast for Monday, November 4th 2019
Critical Google Chrome Update Fixes Exploited Vulnerability
https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_31.html
BlueKeep Vulnerability Mass Exploited to Install Crypto Coin Miner
https://www.kryptoslogic.com/blog/2019/11/bluekeep-cve-2019-0708-exploitation-spotted-in-the-wild/
rConfig Vulnerabilities
https://shells.systems/rconfig-v3-9-2-authenticated-and-unauthenticated-rce-cve-2019-16663-and-cve-2019-16662/

Nov 1, 2019 • 6min
ISC StormCast for Friday, November 1st 2019
Phishing Made Easy With EML Files and Outlook 365
https://isc.sans.edu/forums/diary/EML+attachments+in+O365+a+recipe+for+phishing/25474/
Microsoft TLS Security Enhancements Lead to Timeouts
https://support.microsoft.com/en-us/help/4528489/transport-layer-security-tls-connections-might-intermittently-fail-or
MESSAGETAP: Who's Reading Your Text Messages
https://www.fireeye.com/blog/threat-research/2019/10/messagetap-who-is-reading-your-text-messages.html
Amazon Authentication Failure for 3rd Party Devices
https://old.reddit.com/r/sysadmin/comments/dpbt3t/the_perils_of_security_and_how_i_finally_resolved/

Oct 31, 2019 • 7min
ISC StormCast for Thursday, October 31st 2019
Apple Security Updates Details Released
https://support.apple.com/en-us/HT201222
Untitled Goose Deserialization
https://pulsesecurity.co.nz/advisories/untitled-goose-game-deserialization
Insecure Pagers Leak Medical Data
https://techcrunch.com/2019/10/30/nhs-pagers-medical-health-data/
Kibana Vulnerability
https://research.securitum.com/prototype-pollution-rce-kibana-cve-2019-7609/

Oct 30, 2019 • 6min
ISC StormCast for Wednesday, October 30th 2019
xHelper Android Malware
https://www.symantec.com/blogs/threat-intelligence/xhelper-android-malware
Counterstrike Game Keys Used for Money Laundering
https://blog.counter-strike.net/index.php/2019/10/26113/
Creating PCAP Files From YAML
https://isc.sans.edu/forums/diary/Generating+PCAP+Files+from+YAML/25464/

Oct 29, 2019 • 5min
ISC StormCast for Tuesday, October 29th 2019
PHP 7 Remote Code Execution Vulnerability Exploited
https://lab.wallarm.com/php-remote-code-execution-0-day-discovered-in-real-world-ctf-exercise/
https://github.com/neex/phuip-fpizdam
Finding Shellcode with scdbg
https://isc.sans.edu/forums/diary/Using+scdbg+to+Find+Shellcode/25460/
Apple iOS / tvOS / Safari Updates
https://support.apple.com/en-us/HT201222
Sextortion Attempts Are Targeting Blogs
https://www.bleepingcomputer.com/news/security/blogger-and-wordpress-sites-hacked-to-show-sextortion-scams/

Oct 28, 2019 • 6min
ISC StormCast for Monday, October 28th 2019
Odd Double Base64 Encoded "BS_REAL_IP" Header
https://isc.sans.edu/forums/diary/Unusual+Activity+with+Double+Base64+Encoding/25458/
DNS Archeology With PowerShell
https://isc.sans.edu/forums/diary/More+on+DNS+Archeology+with+PowerShell/25452/
iOS Appstore Malware
https://www.wandera.com/mobile-security/ios-trojan-malware/
British Law Enforcement Misses Malware Reports Due to Anti-Malware
https://www.theregister.co.uk/2019/10/24/hmicfrs_report_cyber_crime/

Oct 25, 2019 • 7min
ISC StormCast for Friday, October 25th 2019
XML External Entity Vuln in LSP4XML Affects Various Developer Tools
https://www.shielder.it/blog/dont-open-that-xml-xxe-to-rce-in-xml-plugins-for-vs-code-eclipse-theia/?preview=true
Google Chrome Will Make "SameSite" Default
https://blog.chromium.org/2019/10/developers-get-ready-for-new.html
Leftover Gigamon Configurations
https://isc.sans.edu/forums/diary/Your+Supply+Chain+Doesnt+End+At+Receiving+How+Do+You+Decommission+Network+Equipment/25448/

Oct 24, 2019 • 5min
ISC StormCast for Thursday, October 24th 2019
FTC Issues SIM Swapping Guidance
https://www.consumer.ftc.gov/blog/2019/10/sim-swap-scams-how-protect-yourself
Discord Used as Info Stealer Backdoor
https://www.bleepingcomputer.com/news/security/discord-turned-into-an-info-stealing-backdoor-by-new-malware/
Cisco Exploit Code
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-iosxe-rest-auth-bypass
Tails 4.0 Released
https://tails.boum.org/news/version_4.0/index.en.html

Oct 23, 2019 • 7min
ISC StormCast for Wednesday, October 23rd 2019
Testing TLS 1.3 And Supported Ciphers
https://isc.sans.edu/forums/diary/Testing+TLSv13+and+supported+ciphers/25442/
Google Chrome 78 Released
https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html
Firefox 70 Released
https://www.mozilla.org/en-US/firefox/70.0/releasenotes/
Cache Poisoning DoS
https://cpdos.org/

Oct 22, 2019 • 6min
ISC StormCast for Tuesday, October 22nd 2019
DNS over TLS Scans
https://isc.sans.edu/forums/diary/Whats+up+with+TCP+853+DNS+over+TLS/25438/
NordVPN and Others Compromised
https://techcrunch.com/2019/10/21/nordvpn-confirms-it-was-hacked/
https://twitter.com/hexdefined/status/1186106695073726466
Trend Micro Bypass
http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-ANTI-THREAT-TOOLKIT-(ATTK)-REMOTE-CODE-EXECUTION.txt
Realtek Linux Wifi Driver Buffer Overflow
https://twitter.com/nicowaisman/status/1184864519316758535


