SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich
Feb 26, 2019 • 7min

ISC StormCast for Tuesday, February 26th 2019

WinRAR ACE Vulnerability Used in Malspam https://twitter.com/360TIC/status/1099987939818299392
Sextortion Email With QR Code https://isc.sans.edu/forums/diary/Sextortion+Email+Variant+With+QR+Code/24686/
ICANN Pushes DNSSEC to Defend Against DNS Zone Manipulation https://www.icann.org/news/announcement-2019-02-22-en
Android FIDO2 Certification https://fidoalliance.org/android-now-fido2-certified-accelerating-global-migration-beyond-passwords/
Feb 25, 2019 • 5min

ISC StormCast for Monday, February 25th 2019

B0r0nt0k Linux Server Ransomware https://www.bleepingcomputer.com/news/security/b0r0nt0k-ransomware-wants-75-000-ransom-infects-linux-servers/
Cr1ptT0r Ransomware Targets DLink NAS Devices https://www.bleepingcomputer.com/forums/t/691852/cr1ptt0r-ransomware-files-encrypted-readmetxt-support-topic/page-3
LinkedIn Messages Used to Push Fake Job Offers https://www.proofpoint.com/us/threat-insight/post/fake-jobs-campaigns-delivering-moreeggs-backdoor-fake-job-offers
Feb 22, 2019 • 7min

ISC StormCast for Friday, February 22nd 2019

Adobe Re-Patches Reader/Acrobat Data Leakage Bug https://helpx.adobe.com/security/products/acrobat/apsb19-13.html
Microsoft Releases Fix for DoS Vulnerability in IIS https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190005
Drupal Fixes Remote Code Execution Vulnerability https://www.drupal.org/sa-core-2019-003
Linux Kernel Code Execution Vulnerability https://nvd.nist.gov/vuln/detail/CVE-2019-8912
MikroTik Unauthenticated Proxy https://medium.com/tenable-techblog/mikrotik-firewall-nat-bypass-b8d46398bf24
Feb 21, 2019 • 6min

ISC StormCast for Thursday, February 21st 2019

Microsoft Edge Whitelists Facebook to Run Flash https://bugs.chromium.org/p/project-zero/issues/detail?id=1722
Chinese Android Banking App Stores Screenshots of Other Apps https://jqknews.com/news/141073-Jingdong_Finance_denied_stealing_user_information_saying_that_the_image_cache_was_only_local.html
Password Manager Vulnerabilities https://www.securityevaluators.com/casestudies/password-manager-hacking/
Feb 20, 2019 • 6min

ISC StormCast for Wednesday, February 20th 2019

Russian Malspam Pushing Shade/Troldesh Ransomware https://isc.sans.edu/forums/diary/More+Russian+language+malspam+pushing+Shade+Troldesh+ransomware/24668/
Bitdefender Releases GandCrab Decrypter https://labs.bitdefender.com/2019/02/new-gandcrab-v5-1-decryptor-available-now/
Bank Infrastructure Used in Phishing Attacks (Russian) https://www.group-ib.ru/blog/incident
SHA-2 Patch For Windows 7 / 2008 R2 SP1 https://support.microsoft.com/en-us/help/4472027/2019-sha-2-code-signing-support-requirement-for-windows-and-wsus
Feb 19, 2019 • 5min

ISC StormCast for Tuesday, February 19th 2019

Know What You Are Logging https://isc.sans.edu/forums/diary/Know+What+You+Are+Logging/24656/
Spectre Software Mitigation Insufficient https://arxiv.org/pdf/1902.05178.pdf
VMware Releases Update To Address runc Vulnerability https://www.vmware.com/security/advisories/VMSA-2019-0001.html
Swedish Healthcare Breach Leaks Phone Call Recordings https://computersweden.idg.se/2.2683/1.714787/inspelade-samtal-1177-vardguiden-oskyddade-internet
Feb 18, 2019 • 5min

ISC StormCast for Monday, February 18th 2019

Snap Patches Available https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SnapSocketParsing
Finding Property Values in Office Documents https://isc.sans.edu/forums/diary/Finding+Property+Values+in+Office+Documents/24652/
Bro-Sysmon https://engineering.salesforce.com/test-out-bro-sysmon-a6fad1c8bb88
Cryptojacking Apps in Microsoft App Store https://www.symantec.com/blogs/threat-intelligence/cryptojacking-apps-microsoft-store
Feb 15, 2019 • 6min

ISC StormCast for Friday, February 15th 2019

PDF Includes SMB Link https://isc.sans.edu/forums/diary/Suspicious+PDF+Connecting+to+a+Remote+SMB+Share/24646/
QNAP Malware https://www.qnap.com/en/security-advisory/nas-201902-13
Bomb Threat Spammers Arrested https://www.justice.gov/usao-cdca/pr/members-hacker-collective-face-federal-charges-attacking-computer-systems-emailing-mass
Managed Service Providers Targeted By Ransomware https://www.bleepingcomputer.com/news/security/ransomware-attacks-target-msps-to-mass-infect-customers/
Feb 14, 2019 • 6min

ISC StormCast for Thursday, February 14th 2019

Fake Updates Campaign Still Active in 2019 https://isc.sans.edu/forums/diary/Fake+Updates+campaign+still+active+in+2019/24640/
macOS Malware (Shlayer) Disables Gatekeeper https://www.carbonblack.com/2019/02/12/tau-threat-intelligence-notification-new-macos-malware-variant-of-shlayer-osx-discovered/
Microsoft Exchange Server Patch (Errata for yesterday's podcast) https://support.microsoft.com/en-ca/help/4490060/exchange-web-services-push-notifications-can-provide-unauthorized-acce
Cisco Network Assurance Engine Password Synchronization Issue https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190212-nae-dos
VFEmail Backup Failure https://www.vfemail.net/
Feb 13, 2019 • 5min

ISC StormCast for Wednesday, February 13th 2019

Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+February+2019+Patch+Tuesday/24638/
Adobe Updates https://helpx.adobe.com/security.html
Ubuntu Linux snapd "dirty_sock" exploit https://shenaniganslabs.io/2019/02/13/Dirty-Sock.html
