

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long summary of current network security related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Jul 23, 2019 • 5min
ISC StormCast for Tuesday, July 23rd 2019
Analyzing Compressed PowerShell Scripts
https://isc.sans.edu/forums/diary/Analyzing+Compressed+PowerShell+Scripts/25158/
PaloAlto GlobalProtect PreAuth RCE
http://blog.orange.tw/2019/07/attacking-ssl-vpn-part-1-preauth-rce-on-palo-alto.html
Fortinet Vulnerability
https://fortiguard.com/psirt/FG-IR-19-144
ProFTPd Permission Bypass Vulnerability
https://tbspace.de/cve201912815proftpd.html

Jul 22, 2019 • 6min
ISC StormCast for Monday, July 22nd 2019
PHP Malware
https://isc.sans.edu/forums/diary/Malicious+PHP+Script+Back+on+Stage/25148/
Drupal Vulnerabilities
https://www.drupal.org/sa-core-2019-008
iNSYNQ Breach
https://www.insynq.com/support/#status

Jul 19, 2019 • 7min
ISC StormCast for Friday, July 19th 2019
802.1x Tips
https://isc.sans.edu/forums/diary/The+Other+Side+of+Critical+Control+1+8021x+Wired+Network+Access+Controls/25146/
Kazakhstan TLS Interception
https://groups.google.com/forum/#!msg/mozilla.dev.security.policy/wnuKAhACo3E/cpsvHgcuDwAJ
BEC Trends
https://www.fincen.gov/sites/default/files/shared/FinCEN_Financial_Trend_Analysis_FINAL_508.pdf
Cylance Weakness
https://skylightcyber.com/2019/07/18/cylance-i-kill-you/

Jul 18, 2019 • 6min
ISC StormCast for Thursday, July 18th 2019
Analysis of DNS TXT Records
https://isc.sans.edu/forums/diary/Analyzis+of+DNS+TXT+Records/25142/
Evil Gnome Linux Malware
https://www.intezer.com/blog-evilgnome-rare-malware-spying-on-linux-desktop-users/
New American Express Phishing Attacks
https://cofense.com/phishing-attacker-takes-american-express-victims-credentials/

Jul 17, 2019 • 6min
ISC StormCast for Wednesday, July 17th 2019
Zoom/Apple Patches Additional Software
https://www.theverge.com/2019/7/16/20696529/apple-mac-silent-update-zoom-ringcentral-zhumu-vulnerabilty-patched
Lenovo/IOMega NAS API Vulnerability
https://www.theregister.co.uk/2019/07/16/iomega_nas_boxes/
Amadeus Vulnerability Allows Access to Boarding Passes
https://www.7elements.co.uk/resources/technical-advisories/insecure-direct-object-reference-within-amadeus-check-in-application/
FBI Releases GandCrab Master Keys
https://www.documentcloud.org/documents/6199678-GandCrab-Master-Decryption-Keys-FLASH.html
Android Media File Jacking
https://www.symantec.com/blogs/expert-perspectives/symantec-mobile-threat-defense-attackers-can-manipulate-your-whatsapp-and-telegram-media

Jul 16, 2019 • 7min
ISC StormCast for Tuesday, July 16th 2019
isodump.py and malicious ISO files
https://isc.sans.edu/forums/diary/isodumppy+and+Malicious+ISO+Files/25134/
Atlassian Crowd Vulnerability Details
https://www.corben.io/atlassian-crowd-rce/
Scrapy Vulnerabilities
https://medium.com/alertot/web-scraping-considered-dangerous-leaking-files-from-the-spiders-host-bd508f81d498
iOS URL Scheme Susceptible to Hijacking
https://blog.trendmicro.com/trendlabs-security-intelligence/ios-url-scheme-susceptible-to-hijacking/

Jul 15, 2019 • 6min
ISC StormCast for Monday, July 15th 2019
Magecart Targets S3 Buckets
https://www.riskiq.com/blog/labs/magecart-amazon-s3-buckets/
Atlassian Jira Vulnerability
https://confluence.atlassian.com/jira/jira-security-advisory-2019-07-10-973486595.html
Microsoft to Detect Phishing in Forms
https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=52927
Tracking Anonymized Bluetooth Devices
https://petsymposium.org/2019/files/papers/issue3/popets-2019-0036.pdf

Jul 12, 2019 • 13min
ISC StormCast for Friday, July 12th 2019
Analysis of a Recent AZORult Sample
https://isc.sans.edu/forums/diary/Recent+AZORult+activity/25120/
Apple Deletes Zoom Web Server
https://www.macrumors.com/2019/07/10/apple-update-remove-zoom-server/
Apple Disables Walkie Talkie App
https://techcrunch.com/2019/07/10/apple-disables-walkie-talkie-app-due-to-vulnerability-that-could-allow-iphone-eavesdropping/
Windows PXE Devices May Fail to Boot After Recent Update
https://support.microsoft.com/en-in/help/4512816/devices-that-start-up-using-preboot-execution-environment-pxe-images-f
Sean Goodwin: Attackers Inside the Walls: Detecting Malicious Activity
https://www.sans.org/reading-room/whitepapers/detection/paper/39055

Jul 11, 2019 • 5min
ISC StormCast for Thursday, July 11th 2019
Samba Project Disabling SMBv1 By Default
https://isc.sans.edu/forums/diary/Samba+Project+tells+us+Whats+New+SMBv1+Disabled+by+Default+finally/25116/
GnuPG Will No Longer Import Signatures From Keyservers
https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html
eCh0raix Ransomware
https://www.anomali.com/blog/the-ech0raix-ransomware

Jul 10, 2019 • 6min
ISC StormCast for Wednesday, July 10th 2019
MSFT Patch Tuesday
https://isc.sans.edu/forums/diary/MSFT+July+2019+Patch+Tuesday/25110/
Adobe Updates
https://helpx.adobe.com/security.html
Zoom Vulnerability
https://medium.com/bugbountywriteup/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5


