

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and is designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network security related events. The content is late breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Jul 9, 2019 • 5min
ISC StormCast for Tuesday, July 9th 2019
Canonical Github Hack
https://news.ycombinator.com/item?id=20373009
New Wave of Magecart Attacks
https://gist.github.com/gwillem/5d936f5a84837d5c1dcb488ce256294a
Facebook's Libra Crypto Currency Already Impersonated
https://www.digitalshadows.com/blog-and-research/facebooks-libra-cryptocurrency-cybercriminals-tipping-the-scales-in-their-favor/

Jul 8, 2019 • 6min
ISC StormCast for Monday, July 8th 2019
Does "Godlua" Use DNS over HTTPS or Not?
https://www.golem.de/news/verschluesseltes-dns-falschmeldung-in-propagandaschlacht-um-dns-ueber-https-1907-142358.html
https://blog.netlab.360.com/an-analysis-of-godlua-backdoor-en/
Exploit for Cisco Authentication Bypass and RCE
https://raw.githubusercontent.com/pedrib/PoC/master/advisories/cisco-dcnm-rce.txt
Magento RCE Exploit
https://blog.ripstech.com/2019/magento-rce-via-xss/
Malicious XSL Files
https://isc.sans.edu/forums/diary/Malicious+XSL+Files/25098/

Jul 3, 2019 • 6min
ISC StormCast for Wednesday, July 3rd 2019
Zipato SmartHub Vulnerabilities
https://blackmarble.sh/zipato-smart-hub/
Blocking DNS over HTTPS
https://github.com/bambenek/block-doh
Cloudflare Outage
https://www.cloudflarestatus.com/incidents/tx4pgxs6zxdr
Android Update
https://source.android.com/security/bulletin/2019-07-01
PowerShell Kill Switch Commands
https://isc.sans.edu/forums/diary/Using+Powershell+in+Basic+Incident+Response+A+Domain+Wide+KillSwitch/25088/

Jul 2, 2019 • 5min
ISC StormCast for Tuesday, July 2nd 2019
Maldoc Payloads in User Forms
https://isc.sans.edu/forums/diary/Maldoc+Payloads+in+User+Forms/25084/
Zyxel Vulnerabilities
https://www.zyxel.com/support/vulnerabilities-related-to-the-Free-Time-feature.shtml
AMD SEV DH Key Recovery
https://seclists.org/fulldisclosure/2019/Jun/46
Card Enrollment Service Fraud
https://www.advanced-intel.com/post/card-enrollment-services-highly-effective-fraud-methodology-offered-in-russian-underground

Jun 30, 2019 • 7min
ISC StormCast for Sunday, June 30th 2019
Collecting Hashes of Running Processes and Verifying Them with VirusTotal Domain-Wide
https://isc.sans.edu/forums/diary/Verifying+Running+Processes+against+VirusTotal+DomainWide/25078/
Mozilla Server Side TLS Guide Updates
https://wiki.mozilla.org/Security/Server_Side_TLS
SKS Keyserver DoS Attack
https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f
QR Code Phishing
https://cofense.com/radar-phishing-using-qr-codes-evade-url-analysis/

Jun 27, 2019 • 17min
ISC StormCast for Friday, June 28th 2019
New Brickerbot (Silex) Sightings
https://twitter.com/_larry0/status/1143532888538984448
Supply Chain Attacks Against Telco Providers
https://www.cybereason.com/blog/operation-soft-cell-a-worldwide-campaign-against-telecommunications-providers
GreenFlash Sundown Malvertising Campaign
https://blog.malwarebytes.com/threat-analysis/2019/06/greenflash-sundown-exploit-kit-expands-via-large-malvertising-campaign/
TrackThis Demonstrates How Advertisers Track You
https://trackthis.link
Geoff Parker: Automating Phish Reporting Response
http://www.sans.org/reading-room/whitepapers/email/automating-response-phish-reporting-39000

Jun 25, 2019 • 6min
ISC StormCast for Wednesday, June 26th 2019
Rig Exploit Kit Installs Pitou.B. Trojan
https://isc.sans.edu/forums/diary/Rig+Exploit+Kit+sends+PitouB+Trojan/25068/
AWS VPC Traffic Mirroring
https://aws.amazon.com/blogs/aws/new-vpc-traffic-mirroring
Elastic SIEM App
https://www.elastic.co/blog/introducing-elastic-siem
National Emergency Alerts Potentially Vulnerable to Attack
https://www.colorado.edu/today/2019/06/11/emergency-alerts

Jun 24, 2019 • 7min
ISC StormCast for Tuesday, June 25th 2019
Cloudflare Outage
https://blog.cloudflare.com/how-verizon-and-a-bgp-optimizer-knocked-large-parts-of-the-internet-offline-today/
https://isc.sans.edu/forums/diary/Extensive+BGP+Issues+Affecting+Cloudflare+and+possibly+others/25064/
WeTransfer Misdirects Files
https://betanews.com/2019/06/21/wetransfer-fail/
Jenkins Pillage
https://dolosgroup.io/blog/2019/6/20/pillaging-the-jenkins-treasure-chest

Jun 23, 2019 • 6min
ISC StormCast for Monday, June 24th 2019
SSH Will Start Encrypting Secret Keys in Memory
https://marc.info/?l=openbsd-cvs&m=156109087822676&w=2
BlueKeep Patch Rate at 83.4%
https://twitter.com/RavivTamir/status/1141788586922119168
Android ADB/SSH Botnet
https://www.bleepingcomputer.com/news/security/botnet-uses-ssh-and-adb-to-create-android-cryptomining-army/

Jun 21, 2019 • 15min
ISC StormCast for Friday, June 21st 2019
Updates for Dell Support Assistant
https://www.dell.com/support/article/us/en/04/sln317291/dsa-2019-084-dell-supportassist-for-business-pcs-and-dell-supportassist-for-home-pcs-security-update-for-pc-doctor-vulnerability?lang=en
Critical Cisco Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex
LoudMiner Comes with VM
https://www.welivesecurity.com/2019/06/20/loudminer-mining-cracked-vst-software/
STI Student Dave Todd: Overcoming the Compliance Challenges in Biometrics
https://www.sans.org/reading-room/whitepapers/legal/paper/38970


