

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Oct 7, 2019 • 5min
ISC StormCast for Monday, October 7th 2019
visNetwork for Network Data
https://isc.sans.edu/forums/diary/visNetwork+for+Network+Data/25390/
Android Priv. Escalation Vulnerability Exploited in the Wild
https://bugs.chromium.org/p/project-zero/issues/detail?id=1942
Signal Eavesdropping Vulnerability
https://bugs.chromium.org/p/project-zero/issues/detail?id=1943

Oct 4, 2019 • 15min
ISC StormCast for Friday, October 4th 2019
LostFiles Ransomware is Back With New Ruse
https://isc.sans.edu/forums/diary/LostFiles+Ransomware/25382/
tcpdump vulnerabilities
https://www.tcpdump.org/tcpdump-changes.txt
TLS Manipulating Malware
https://securelist.com/compfun-successor-reductor/93633/
Lukasz Cyra: Pass the Hash in Windows 10
https://www.sans.org/reading-room/whitepapers/testing/paper/39170

Oct 3, 2019 • 5min
ISC StormCast for Thursday, October 3rd 2019
Latest Emotet News
https://isc.sans.edu/forums/diary/A+recent+example+of+Emotet+malspam/25378/
SANS Ouch! Newsletter
https://www.sans.org/security-awareness-training/resources/four-simple-steps-staying-secure
XPdf and Foxit Updates
https://www.foxitsoftware.com/support/security-bulletins.php
https://forum.xpdfreader.com/viewtopic.php?f=3&t=41885
eFax Malspam
https://www.heise.de/security/meldung/Achtung-Angebliches-eFax-birgt-Trojaner-4544386.html
Office 365 Idle Timeout
https://docs.microsoft.com/en-us/sharepoint/sign-out-inactive-users
https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=55183

Oct 2, 2019 • 6min
ISC StormCast for Wednesday, October 2nd 2019
PDF Encryption Flaw
https://web-in-security.blogspot.com/2019/09/pdfex-major-security-flaws-in-pdf.html
Windows 7 Security Updates Beyond 2020
https://www.microsoft.com/en-us/microsoft-365/blog/2019/10/01/windows-small-midsize-businesses-stay-secure-current/
ODT Documents Used to Distribute Malware
https://blog.talosintelligence.com/2019/09/odt-malware-twist.html

Oct 1, 2019 • 5min
ISC StormCast for Tuesday, October 1st 2019
Maldoc, PowerShell and BITS
https://isc.sans.edu/forums/diary/Maldoc+PowerShell+BITS/25372/
Yet Another Critical Exim Flaw
https://nvd.nist.gov/vuln/detail/CVE-2019-16928
Cisco Introduces Semiannual Patch Day
https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-72547
Windows 2019 to make it easier to disable legacy TLS Versions
https://www.microsoft.com/security/blog/2019/09/30/tls-version-enforcement-capabilities-now-available-certificate-binding-windows-server-2019

Sep 30, 2019 • 6min
ISC StormCast for Monday, September 30th 2019
Polycom Scans
https://isc.sans.edu/forums/diary/New+Scans+for+Polycom+Autoconfiguration+Files/25366/
Apple Security Details
https://support.apple.com/en-us/HT201222
iOS Jailbreak
https://github.com/axi0mX/ipwndfu

Sep 27, 2019 • 6min
ISC StormCast for Friday, September 27th 2019
vBulletin Botnet
https://twitter.com/bad_packets/status/1177256656322695168
Cisco Industrial Router Security Bulletin
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth
Sniffle Bluetooth Sniffer
https://github.com/nccgroup/sniffle
Outlook on the web blocking more extensions
https://techcommunity.microsoft.com/t5/Exchange-Team-Blog/Changes-to-File-Types-Blocked-in-Outlook-on-the-web/ba-p/874451

Sep 26, 2019 • 5min
ISC StormCast for Thursday, September 26th 2019
Malspam Pushing Quasar RAT
https://isc.sans.edu/forums/diary/Malspam+pushing+Quasar+RAT/25354/
vBulletin 0-Day Exploit Update
https://www.bleepingcomputer.com/news/security/vbulletin-zero-day-exploited-for-years-gets-unofficial-patch/
Fake Veteran Employment Site
https://blog.talosintelligence.com/2019/09/tortoiseshell-fake-veterans.html

Sep 25, 2019 • 5min
ISC StormCast for Wednesday, September 25th 2019
Remotewebaccess.com Domain in Certificate Transparency Logs
https://isc.sans.edu/forums/diary/Huge+Amount+of+remotewebaccesscom+Sites+Found+in+Certificate+Transparency+Logs/25352/
Adobe Releases Emergency ColdFusion Patch
https://blogs.adobe.com/psirt/?p=1789
Apple Releases Additional Updates for iOS/iPadOS
https://support.apple.com/en-us/HT201222
vBulletin Vulnerability 0-Day Exploit Released
https://seclists.org/fulldisclosure/2019/Sep/31

Sep 24, 2019 • 6min
ISC StormCast for Tuesday, September 24th 2019
Microsoft Releases Special Patch for Exploited Vulnerability in Internet Explorer
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367
Cloudflare Adding "Bot Fight" option
https://blog.cloudflare.com/cleaning-up-bad-bots/
iOS Bluetooth Access Feature
https://www.theverge.com/2019/9/19/20867286/ios-13-bluetooth-permission-privacy-feature-apps
Forcepoint VPN Update
https://support.forcepoint.com/KBArticle?id=000017525


