SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Episodes
Mentioned books
Feb 12, 2019 • 5min
ISC StormCast for Tuesday, February 12th 2019
Severe Docker runc Vulnerability
https://seclists.org/oss-sec/2019/q1/119
MacOS Mojave Privacy Flaw
https://lapcatsoftware.com/articles/mojave-privacy3.html
Android Malware Steals Crypto Addresses from Clipboard
https://www.welivesecurity.com/2019/02/08/first-clipper-malware-google-play/
Not An E-Mail Virus, Just Intersting Malware
https://isc.sans.edu/forums/diary/Have+You+Seen+an+Email+Virus+Recently/24634/
Feb 11, 2019 • 7min
ISC StormCast for Monday, February 11th 2019
Phishing Kit with JavaScript Keylogger
https://isc.sans.edu/forums/diary/Phishing+Kit+with+JavaScript+Keylogger/24622/
Phishing Via Google Translate
https://blogs.akamai.com/sitr/2019/02/phishing-attacks-against-facebook-google-via-google-translate.html
iPhone Apps Record Screens
https://techcrunch.com/2019/02/06/iphone-session-replay-screenshots/
Packet Challenge
https://johannes.homepc.org/packet10.txt
Feb 8, 2019 • 5min
ISC StormCast for Friday, February 8th 2019
Value of UAC
https://isc.sans.edu/forums/diary/UAC+is+not+all+that+bad+really/24620/
Apple Releases Facetime Patch
https://support.apple.com/en-us/HT201222
Skype Video Now Allows For Blurred Background
https://blogs.skype.com/news/2019/02/06/introducing-background-blur-in-skype/
Microsoft Exchange Server Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/adv190007
Feb 6, 2019 • 6min
ISC StormCast for Thursday, February 7th 2019
Android Monthly Security Update
https://source.android.com/security/bulletin/2019-02-01.html
Skia Graphics Library Vulnerability
https://googleprojectzero.blogspot.com/2019/02/the-curious-case-of-convexity-confusion.html
Google Chrome Password Check
https://chrome.google.com/webstore/detail/password-checkup/pncabnpcffmalkkjpajodfhijclecjno/related
Hancitor HelloFax Malspam
https://isc.sans.edu/forums/diary/Hancitor+malspam+and+infection+traffic+from+Tuesday+20190205/24616/
Feb 6, 2019 • 7min
ISC StormCast for Wednesday, February 6th 2019
Mitigations against Mimikatz Style Attacks
https://isc.sans.edu/forums/diary/Mitigations+against+Mimikatz+Style+Attacks/24612/
LibreOffice Macro Vulnerability
https://insert-script.blogspot.com/2019/02/libreoffice-cve-2018-16858-remote-code.html
Firefox 65 Breaks HTTPS AV Scanning
https://bugzilla.mozilla.org/show_bug.cgi?id=1523701
RDP Client Vulnerabilities
https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/
DNS "Lookingglass"
https://isc.sans.edu/tools/dnslookup.html
Feb 5, 2019 • 5min
ISC StormCast for Tuesday, February 5th 2019
Exploiting Struts in vCenter
https://isc.sans.edu/forums/diary/Struts+Vulnerability+CVE20175638+on+VMware+vCenter+the+Gift+that+Keeps+on+Giving/24606/
Wikipedia Tech Support Scam
https://isc.sans.edu/forums/diary/Wikipedia+Articles+as+part+of+Tech+Support+Scamming+Campaigns/24608/
Stealing MacOS Keychain
https://www.youtube.com/watch?v=nYTBZ9iPqsU
Beauty Camera Ads for Android include Adware
https://blog.trendmicro.com/trendlabs-security-intelligence/various-google-play-beauty-camera-apps-sends-users-pornographic-content-redirects-them-to-phishing-websites-and-collects-their-pictures/
Feb 4, 2019 • 8min
ISC StormCast for Monday, February 4th 2019
Sextortion EMail Update
https://isc.sans.edu/forums/diary/Sextortion+Follow+the+Money+Part+3+The+cashout+begins/24592/
Ubiquity Devices Used in DDoS Attack
https://blog.rapid7.com/2019/02/01/ubiquiti-discovery-service-exposures/?fbclid=IwAR0OUPQIfSV7YsBLvkjoC2WIbe_E4p9WGAM4LCTsL9TKr30I7aQ2Qwqoins
Google Chrome Experimenting with Typo Domain Detection
https://www.usenix.org/conference/enigma2019/presentation/stark
YouTube Copyright Extortion
https://www.youtube.com/watch?v=Q0i-sLESXqo
Feb 1, 2019 • 6min
ISC StormCast for Friday, February 1st 2019
Tracking DNS Changes
https://isc.sans.edu/forums/diary/Tracking+Unexpected+DNS+Changes/24596/
SystemD/JournalD PoC Exploit
https://capsule8.com/blog/exploiting-systemd-journald-part-1/
Windows Defender Boot Issues
https://support.microsoft.com/en-us/help/4052623/update-for-windows-defender-antimalware-platform
Mac Malware Steals Crytocurrency Exchange Cookies
https://unit42.paloaltonetworks.com/mac-malware-steals-cryptocurrency-exchanges-cookies/
Jan 31, 2019 • 6min
ISC StormCast for Thursday, January 31st 2019
Chrome Update
https://www.zdnet.com/article/google-chrome-72-removes-hpkp-deprecates-tls-1-0-and-tls-1-1/
Firefox Update
https://techdows.com/2019/01/firefox-to-disable-extensions-in-private-browsing-mode-by-default.html
Facebook (and Google) Research VPN
https://techcrunch.com/2019/01/29/facebook-project-atlas/
https://www.macrumors.com/2019/01/30/google-exploiting-apple-enterprise-certificate/
RCE In Samsung Store via "evilgrade"
https://www.adyta.pt/en/2019/01/29/writeup-samsung-app-store-rce-via-mitm-2/
Jan 30, 2019 • 6min
ISC StormCast for Wednesday, January 30th 2019
Phishing Not Ready for IPv6
https://isc.sans.edu/forums/diary/A+Not+So+Well+Done+Phish+Why+Attackers+need+to+Implement+IPv6+Now/24582/
Apple Disables Facetime Group Messages
https://www.apple.com/support/systemstatus/
Outlook 365 Safe Link Errors
https://twitter.com/Swiss_Jay/status/1090271197193940992
