

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Episodes

Jun 6, 2019 • 5min
ISC StormCast for Thursday, June 6th 2019
Android Monthly Update
https://source.android.com/security/bulletin/2019-06-01
Google Chrome Updates
https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html
MacOS Malware Injects Bing Ads
https://www.airoav.com/mitm-proxy-a-new-search-hijack-method-on-mojave/
Kubernetes Vulnerability
https://github.com/kubernetes/kubernetes/issues/78308
Vulnerabilities in Phishing Kits
https://blogs.akamai.com/sitr/2019/06/identifying-vulnerabilities-in-phishing-kits.html

Jun 5, 2019 • 6min
ISC StormCast for Wednesday, June 5th 2019
Vulnerability in Notepad
https://threatpost.com/researcher-exploits-microsofts-notepad-to-pop-a-shell/145242/
Vulnerability in vim/neovim
https://github.com/numirias/security/blob/master/doc/2019-06-04_ace-vim-neovim.md
RDP Session Hijack Vulnerability
https://kb.cert.org/vuls/id/576688/

Jun 4, 2019 • 5min
ISC StormCast for Tuesday, June 4th 2019
Bypassing macOS Synthetic Click Protection
https://www.wired.com/story/apple-macos-bug-synthetic-clicks/
Intel Microcode Updates for Older Windows 10 Versions
https://support.microsoft.com/en-us/help/4494454/kb4494454-intel-microcode-updates
Fake AntiVirus Ads in Microsoft Games
https://answers.microsoft.com/en-us/windows/forum/all/malvertising-attack-on-microsoft-games/ced7ab87-7e0e-422b-97b7-fbfaed2b68a0
GandCrab Shutting Down
https://www.zdnet.com/article/gandcrab-ransomware-operation-says-its-shutting-down/

Jun 3, 2019 • 6min
ISC StormCast for Monday, June 3rd 2019
Google Outage
https://status.cloud.google.com/incident/compute/19003
Major Vulnerability in Siemens LOGO Controllers
https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf
Exposing TOR Users Via Cache Poisoning
https://blog.duszynski.eu/tor-ip-disclosure-through-http-301-cache-poisoning/
nginx njs Vulnerability
https://github.com/nginx/njs/issues/131

May 31, 2019 • 7min
ISC StormCast for Friday, May 31st 2019
Analysing Shell Code with scdbg
https://isc.sans.edu/forums/diary/Analyzing+First+Stage+Shellcode/24984/
GitHub Automating Security Patches
https://help.github.com/en/articles/configuring-automated-security-fixes
Exposed Docker Containers Used for Cryptocoin Mining
https://blog.trendmicro.com/trendlabs-security-intelligence/infected-cryptocurrency-mining-containers-target-docker-hosts-with-exposed-apis-use-shodan-to-find-additional-victims/
Mozilla Objecting To Web Packaging
https://docs.google.com/document/d/1ha00dSGKmjoEh2mRiG8FIA5sJ1KihTuZe-AXX1r8P-8/preview#

May 30, 2019 • 6min
ISC StormCast for Thursday, May 30th 2019
Behavioural Malware Analysis With Microsoft Attack Surface Analyzer
https://isc.sans.edu/forums/diary/Behavioural+Malware+Analysis+with+Microsoft+ASA/24980/
Docker Symlink Race Attack
https://seclists.org/oss-sec/2019/q2/131
Nansh0u Campaign Using Signed Rootkit
https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/

May 29, 2019 • 6min
ISC StormCast for Wednesday, May 29th 2019
Office Document And Base64 Encoded PowerShell Script
https://isc.sans.edu/forums/diary/Office+Document+BASE64+PowerShell/24976/
https://0xdf.gitlab.io/2019/05/21/malware-analysis-unnamed-emotet-doc.html
Enumeration of BlueKeep Vulnerable Hosts
https://blog.erratasec.com/2019/05/almost-one-million-vulnerable-to.html
DHCP Client Vulnerability Analysis
https://sensepost.com/blog/2019/analysis-of-a-1day-cve-2019-0547-and-discovery-of-a-forgotten-condition-in-the-patch-cve-2019-0726-part-1-of-2/
Office File Deleting Phishing Emails
https://www.bleepingcomputer.com/news/security/phishing-emails-pretend-to-be-office-365-file-deletion-alerts/

May 28, 2019 • 6min
ISC StormCast for Tuesday, May 28th 2019
MacOS GateKeeper Bypass
https://www.fcvl.net/vulnerabilities/macosx-gatekeeper-bypass
Fortinet FortiOS SSL VPN Vulnerabilities
https://fortiguard.com/psirt
Customizing NMAP Service Detection
https://isc.sans.edu/forums/diary/Video+nmap+Service+Detection+Customization/24970/

May 24, 2019 • 6min
ISC StormCast for Friday, May 24th 2019
Dangers of Custom URL Schemes
https://zeropwn.github.io/2019-05-22-fun-with-uri-handlers/
Update on Physical Skimmer Market
https://www.advanced-intel.com/blog/skimming-threat-landscape-technology-advances-lower-barriers-of-entry-for-novice-skimming-operators
Apple Supplemental Update For macOS 10.14.5
https://support.apple.com/kb/DL2005?locale=en_US
Microsoft Releases Advanced Threat Protection for MacOS
https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Microsoft-Defender-ATP-for-Mac-now-in-open-public-preview/ba-p/634603

May 22, 2019 • 6min
ISC StormCast for Thursday, May 23rd 2019
An Update on the Microsoft Windows RDP BlueKeep Vulnerability
https://isc.sans.edu/forums/diary/An+Update+on+the+Microsoft+Windows+RDP+Bluekeep+Vulnerability+CVE20190708+now+with+pcaps/24960/
New Zero Day Exploits by SandboxEscaper
https://github.com/SandboxEscaper/polarbearrepo
Signed Exploit Code
https://medium.com/@chroniclesec/abusing-code-signing-for-profit-ef80a37b50f4


