

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Episodes

Jul 25, 2018 • 5min
ISC StormCast for Wednesday, July 25th 2018
Emotet Update
https://isc.sans.edu/forums/diary/Recent+Emotet+activity/23908/
Clear Text Phone Tracking
https://isc.sans.edu/forums/diary/Cell+Phone+Monitoring+Who+is+Watching+the+Watchers/23910/
Bluetooth Bug
https://www.kb.cert.org/vuls/id/304725
Apache OpenWhisk Vulnerability
https://www.puresec.io/blog/Apache_OpenWhisk_Mutability_Weakness?hs_preview=EpJUmSoY-5972289702

Jul 24, 2018 • 6min
ISC StormCast for Tuesday, July 24th 2018
More Spectre
https://arxiv.org/pdf/1807.07940.pdf
July IE Patch Fixed older Remote Code Exec. Bug
http://blogs.360.cn/blog/from-a-patched-itw-0day-to-remote-code-execution-part-i-from-patch-to-new-0day/
Google Chrome 68 Released Today. HTTP sites marked as "insecure"
https://support.google.com/chrome/a/answer/7679408?hl=en
DNS Rebinding Vulnerability Common in IoT
https://www.armis.com/dns-rebinding-exposes-half-a-billion-iot-devices-in-the-enterprise/

Jul 23, 2018 • 5min
ISC StormCast for Monday, July 23rd 2018
New WebLogic Vulnerability Already Exploited
https://isc.sans.edu/forums/diary/Weblogic+Exploit+Code+Made+Public+CVE20182893/23896/
Microsoft Edge Turns off XSS Protection
https://portswigger.net/daily-swig/xss-protection-disappears-from-microsoft-edge
Intel Management Engine Vulnerabilities
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00112.html
User Tracking With TLS 1.2 Certificates
http://tma.ifip.org/wordpress/wp-content/uploads/2017/06/tma2017_paper2.pdf

Jul 20, 2018 • 5min
ISC StormCast for Friday, July 20th 2018
Cisco Patches
https://tools.cisco.com/security/center/publicationListing.x
Diqee Smart Vacuum Vulnerabilities
http://en.diqee.com/goods/1994.html
Instagram About To Release 2FA Update
https://techcrunch.com/2018/07/17/instagram-2-factor/
Reporting Malicious Websites
https://isc.sans.edu/forums/diary/Reporting+Malicious+Websites+in+2018/23892/

Jul 19, 2018 • 5min
ISC StormCast for Thursday, July 19th 2018
Increase in scans for port 15454
https://isc.sans.edu/forums/diary/Request+for+Packets+Port+15454/23888/
Oracle Quarterly Critical Patch Update
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
Venmo Public Transaction API
https://publicbydefault.fyi
Credential Stuffing Responsible for Majority of Login Attempts
http://info.shapesecurity.com/2018-Credential-Spill-Report-by-Shape-Security

Jul 18, 2018 • 5min
ISC StormCast for Wednesday, July 18th 2018
Searching for Geographically Improbable Login Attempts
https://isc.sans.edu/forums/diary/Searching+for+Geographically+Improbable+Login+Attempts/23882/
Typo3 CMS Update
https://typo3.org/article/typo3-931-8717-and-7630-security-releases-published/
GitHub Expands Security Scanner to Python
https://blog.github.com/2018-07-12-security-vulnerability-alerts-for-python/
Money Laundry Scheme Exposed by Open Mongo database.
https://kromtech.com/blog/security-center/digital-laundry

Jul 17, 2018 • 8min
ISC StormCast for Tuesday, July 17th 2018
Encrypted SNI in TLS 1.3
https://tools.ietf.org/html/draft-rescorla-tls-esni-00
Microsoft to Retire "Delta Updates"
https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-quality-updates-explained-amp-the-end-of-delta/ba-p/214426
Practical GPS Spoofing of Navigation Devices
https://www.microsoft.com/en-us/research/uploads/prod/2018/06/security18gps.pdf

Jul 16, 2018 • 7min
ISC StormCast for Monday, July 16th 2018
Processing JSON
https://isc.sans.edu/forums/diary/Video+Retrieving+and+processing+JSON+data+BTC+example/23874/
Cryptocoin Mining Javascript (yet again)
https://isc.sans.edu/forums/diary/Cryptominer+Delivered+Though+Compromized+JavaScript+File/23870/
Dahua Passwords Leaked/Cached by Search Engine
https://www.bleepingcomputer.com/news/security/passwords-for-tens-of-thousands-of-dahua-devices-cached-in-iot-search-engine/
MDM Used in Targeted Attack Against iPhone Users
https://blog.talosintelligence.com/2018/07/Mobile-Malware-Campaign-uses-Malicious-MDM.html

Jul 13, 2018 • 6min
ISC StormCast for Friday, July 13th 2018
Extortion Claims Include Leaked Passwords to Appear more Plausible
https://isc.sans.edu/forums/diary/New+Extortion+Tricks+Now+Including+Your+Password/23866/
npm Package Compromised and Used To Steal Credentials
https://github.com/eslint/eslint-scope/issues/39#issuecomment-404533026
CIRCL IMAP Proxy
https://github.com/CIRCL/IMAP-Proxy
Checkpoint Names "Dorkbot" As A Top Threat (Signup required)
https://research.checkpoint.com/cyber-attack-trends-2018-mid-year-report/

Jul 12, 2018 • 6min
ISC StormCast for Thursday, July 12th 2018
Hello Peppa Followup
https://isc.sans.edu/forums/diary/Well+Hello+Again+Peppa/23860/
Spectre 1.1 and 1.2
https://people.csail.mit.edu/vlk/spectre11.pdf
Internet Exchanges Band Together against BGP Hijacking
https://dyn.com/blog/shutting-down-the-bgp-hijack-factory/
Google Enabled Site Isolation in Chrome
https://www.bleepingcomputer.com/news/security/google-enables-site-isolation-feature-for-99-percent-of-chrome-desktop-users/


