

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network security related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Jun 12, 2018 • 5min
ISC StormCast for Tuesday, June 12th 2018
More Malspam Pushing Lokibot
https://isc.sans.edu/forums/diary/More+malspam+pushing+Lokibot/23754/
Ethereum JSON RPC Theft
https://twitter.com/360Netlab/status/1006065566728085504
CryptoCurrency Miner Plays hide-and-seek
https://www.bleepingcomputer.com/news/security/cryptocurrency-miner-plays-hide-and-seek-with-popular-games-and-tools/
Apple Outlaws Crypto Currency Miners in App Store
https://developer.apple.com/app-store/review/guidelines/#hardware-compatibility
FBI Arrests Suspect in BEC Investigation
https://www.fbi.gov/news/stories/international-bec-takedown-061118

Jun 11, 2018 • 6min
ISC StormCast for Monday, June 11th 2018
The Seven Properties of Highly Secure Devices
https://www.microsoft.com/en-us/research/wp-content/uploads/2017/03/SevenPropertiesofHighlySecureDevices.pdf
Finding Deserialisation Issues With Burp
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/june/finding-deserialisation-issues-has-never-been-easier-freddy-the-serialisation-killer/
FTC Starts Looking Into Cryptojacking
https://www.consumer.ftc.gov/blog/2018/06/protecting-your-devices-cryptojacking
Drupal Disputes Number of Vulnerable Sites
https://groups.drupal.org/node/520149

Jun 8, 2018 • 6min
ISC StormCast for Friday, June 8th 2018
Critical Adobe Flash Update
https://helpx.adobe.com/security/products/flash-player/apsb18-19.html
SuperMicro Firmware Vulnerability
https://blog.eclypsium.com/2018/06/07/firmware-vulnerabilities-in-supermicro-systems/
FOSCAM Video Camera Vulnerabilities
https://blog.vdoo.com/2018/06/06/vdoo-has-found-major-vulnerabilities-in-foscam-cameras/
Sofacy Update
https://researchcenter.paloaltonetworks.com/2018/06/unit42-sofacy-groups-parallel-attacks/
Automated Twitter Loot Collection
https://isc.sans.edu/forums/diary/Automated+twitter+loot+collection/23743/

Jun 7, 2018 • 5min
ISC StormCast for Thursday, June 7th 2018
VPNFilter Update
https://blog.talosintelligence.com/2018/06/vpnfilter-update.html
Prowli Botnet
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/
Cisco Security Bulletins
https://tools.cisco.com/security/center/publicationListing.x
F-Secure RAR Vulnerability
https://www.f-secure.com/en/web/labs_global/fsc-2018-2
PCAP to Weblogs
https://isc.sans.edu/forums/diary/Converting+PCAP+Web+Traffic+to+Apache+Log/23739/

Jun 6, 2018 • 6min
ISC StormCast for Wednesday, June 6th 2018
Analysis of a Post Exploit Script
Malicious Post-Exploitation Batch File
Zip Slip Vulnerability
https://snyk.io/research/zip-slip-vulnerability
Redis Exploits
https://www.incapsula.com/blog/report-75-of-open-redis-servers-are-infected.html
Drupalgeddon 2 Update
https://badpackets.net/over-100000-drupal-websites-vulnerable-to-drupalgeddon-2-cve-2018-7600/

Jun 5, 2018 • 6min
ISC StormCast for Tuesday, June 5th 2018
Running Only Signed Code. Does it work in Windows 10?
https://isc.sans.edu/forums/diary/Digging+into+Authenticode+Certificates/23731/
Misconfigured G-Suite Mailing Lists
https://www.kennasecurity.com/widespread-google-groups-misconfiguration-exposes-sensitive-information/
Microsoft Releases Open Source Post Quantum VPN
https://github.com/Microsoft/PQCrypto-VPN

Jun 4, 2018 • 5min
ISC StormCast for Monday, June 4th 2018
Apple Patches Everything
https://isc.sans.edu/forums/diary/Apple+Security+Updates/23727/
VPNFilter Makes a Comeback
https://jask.com/from-russia-with-love/
Reverse Analysis with Radare2
https://isc.sans.edu/forums/diary/Binary+analysis+with+Radare2/23723/
Pet Location Tracker Vulnerabilities
https://threatpost.com/pet-trackers-open-to-mitm-attacks-interception/132291/

Jun 1, 2018 • 6min
ISC StormCast for Friday, June 1st 2018
Safely Resetting Routers
https://isc.sans.edu/forums/diary/Resetting+Your+Router+the+Paranoid+Right+Way/23719/
CSS mix-blend-mode Side Channel Attack
https://www.evonide.com/side-channel-attacking-browsers-through-css3-features/
New ActiveX Exploit Seen in the Wild
https://www.krcert.or.kr/data/secNoticeView.do?bulletin_writing_sequence=27263
Apple iMessage Security
https://support.apple.com/en-us/HT202303
10 Year Old Vulnerability in Steam Discovered
https://www.contextis.com/blog/frag-grenade-a-remote-code-execution-vulnerability-in-the-steam-client

May 31, 2018 • 5min
ISC StormCast for Thursday, May 31st 2018
Windows JScript Vulnerability
https://www.zerodayinitiative.com/advisories/ZDI-18-534/
Two Git Vulnerabilities Patched
https://marc.info/?l=git&m=152761328506724&w=2
https://blogs.msdn.microsoft.com/devops/2018/05/29/announcing-the-may-2018-git-security-vulnerability/
SpamCannibal Blacklist Temporarily Marks All IPs as "Spam"
https://twitter.com/GossiTheDog/status/1001778042400854016
QRadar Remote Code Execution
https://blogs.securiteam.com/index.php/archives/3689

May 29, 2018 • 6min
ISC StormCast for Wednesday, May 30th 2018
New DNS Features
https://isc.sans.edu/forums/diary/DNS+is+Changing+Are+you+Ready/23711/
Apple Updates
https://support.apple.com/en-us/HT201222
Scans For Misconfigured EOS Blockchain Nodes
https://www.bleepingcomputer.com/news/security/misconfigured-eos-blockchain-nodes-under-attack/
NPM Bug Causes Update Failures / Application Crashes
https://github.com/npm/npm/issues/20791#issuecomment-392648459
MnuBot Exfiltrates Data Via MSSQL
https://securityintelligence.com/new-banking-trojan-mnubot-discovered-by-ibm-x-force-research/


