

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and is designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Jun 20, 2019 • 6min
ISC StormCast for Thursday, June 20th 2019
Critical Patch For WebLogic
https://isc.sans.edu/forums/diary/Critical+Actively+Exploited+WebLogic+Flaw+Patched+CVE20192729/25050/
Exim Exploits Against Other Mail Servers
https://isc.sans.edu/forums/diary/Quick+Detect+Exim+Return+of+the+Wizard+Attack/25052/
SANS Fire Presentations (to be published soon)
https://isc.sans.edu/presentations

Jun 19, 2019 • 5min
ISC StormCast for Wednesday, June 19th 2019
Critical Firefox Update
https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/#CVE-2019-11707
Bitdefender Releases GandCrab Decryptor
https://labs.bitdefender.com/2019/06/good-riddance-gandcrab-were-still-fixing-the-mess-you-left-behind/
Google Launches New Deceptive Site Protections in Chrome
https://blog.chromium.org/2019/06/new-chrome-protections-from-deception.html

Jun 18, 2019 • 6min
ISC StormCast for Tuesday, June 18th 2019
TCP SACK Panic DoS in Linux
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md
https://tools.ietf.org/html/rfc879
Logitech Pointer Recall
https://www.heise.de/security/meldung/Angreifbare-Logitech-Presenter-Hersteller-tauscht-gefaehrliche-USB-Empfaenger-aus-4423627.html
An Infection from the Rig Exploit Kit
https://isc.sans.edu/forums/diary/An+infection+from+Rig+exploit+kit/25040/

Jun 17, 2019 • 6min
ISC StormCast for Monday, June 17th 2019
WhatsApp Phishing
https://www.heise.de/newsticker/meldung/Phishing-Mails-gaukeln-Ende-von-WhatsApp-Abonnement-vor-4447165.html
Encrypted EMail Phishing
https://www.bleepingcomputer.com/news/security/phishing-scam-asks-you-to-login-to-read-encrypted-message/
Android Apps Link to Fake Sites
https://news.drweb.com/show/?i=13313&lng=en&c=5
Precomputed Hash Tables
https://a.ndronic.us/pre-computed-hash-table-v-1-0/

Jun 14, 2019 • 15min
ISC StormCast for Friday, June 14th 2019
Exim Flaw Exploited
https://www.cybereason.com/blog/new-pervasive-worm-exploiting-linux-exim-server-vulnerability
Yubico Recalling FIPS Certified Yubikeys
https://www.yubico.com/support/security-advisories/ysa-2019-02/
Vulnerable Infusion Pumps
https://www.bd.com/en-us/support/product-security-and-privacy/product-security-bulletins/alaris-gateway-workstation-unauthorized-firmware
Telegram DDoS Attack
https://twitter.com/telegram/status/1138768124914929664
Ghidra Tips for IDA Users: Function Call Graphs
https://isc.sans.edu/forums/diary/A+few+Ghidra+tips+for+IDA+users+part+4+function+call+graphs/25032/
Joel Chapman: Security Consideration for Voice over Wifi (VoWifi) Systems
https://www.sans.org/reading-room/whitepapers/telephone/paper/38945

Jun 13, 2019 • 5min
ISC StormCast for Thursday, June 13th 2019
Sandbox Escaper Publishes Additional CVE-2019-0841 Bypass
http://archive.is/3toQY
http://sandboxescaper.blogspot.com/p/disclosures_8.html
Bypassing NTLM Message Signing (CVE-2019-1040)
https://blog.preempt.com/drop-the-mic
Details About macOS Keysteal Vulnerability
https://www.pinauten.de/resources/KeySteal_OBTS_2019.pdf

Jun 12, 2019 • 6min
ISC StormCast for Wednesday, June 12th 2019
Microsoft Patches
https://isc.sans.edu/forums/diary/MSFT+June+2019+Patch+Tuesday/25024/
Adobe Patches
https://helpx.adobe.com/security.html
SAP Security Notes
https://www.onapsis.com/blog/sap-patch-notes-june-2019
Intel Updates
https://www.us-cert.gov/ncas/current-activity/2019/06/11/Intel-Releases-Security-Updates-Mitigations-Multiple-Products
Microsoft Certificate DoS
https://bugs.chromium.org/p/project-zero/issues/detail?id=1804
GPS Receiver Woes
https://www.flightglobal.com/news/articles/collins-gps-outage-grounds-regional-flights-458819/
RAMBleed Attack
https://www.documentcloud.org/documents/6150180-RamBleed-attack-CVE-2019-0174.html

Jun 11, 2019 • 6min
ISC StormCast for Tuesday, June 11th 2019
Interesting JavaScript Obfuscation Example
https://isc.sans.edu/forums/diary/Interesting+JavaScript+Obfuscation+Example/25020/
Spam Taking Advantage of DNS over HTTPS
https://myonlinesecurity.co.uk/it-looks-like-another-dns-compromise-hack-happening/
European Mobile Operator Traffic Leaked to China
https://arstechnica.com/information-technology/2019/06/bgp-mishap-sends-european-mobile-traffic-through-china-telecom-for-2-hours/?comments=1
VLC Update Patches Various Security Flaws
http://www.jbkempf.com/blog/post/2019/VLC-3.0.7-and-security

Jun 10, 2019 • 8min
ISC StormCast for Monday, June 10th 2019
Keep An Eye On Your WMI Logs
https://isc.sans.edu/forums/diary/Keep+an+Eye+on+Your+WMI+Logs/25012/
Sysmon DNS Query Logging
https://isc.sans.edu/forums/diary/Tip+Sysmon+Will+Log+DNS+Queries/25016/
Komodo Agama Vulnerability and Breach
https://komodoplatform.com/update-agama-vulnerability/
Lessons Learned From Microsoft SOC
https://www.microsoft.com/security/blog/2019/06/06/lessons-learned-from-the-microsoft-soc-part-2b-career-paths-and-readiness/

Jun 6, 2019 • 7min
ISC StormCast for Friday, June 7th 2019
GoldBrute Botnet Brute Forcing RDP
https://isc.sans.edu/forums/diary/GoldBrute+Botnet+Brute+Forcing+15+Million+RDP+Servers/25002/
Exim Vulnerability
https://isc.sans.edu/forums/diary/Time+is+partially+on+our+side+the+new+Exim+vulnerability/25008/
iOS App Developers Disabling TLS
https://www.wandera.com/mobile-security/ios-app-developer-security-shortcuts/


