

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and is designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Episodes

May 29, 2018 • 6min
ISC StormCast for Tuesday, May 29th 2018
Ultrasound Mobile Location Tracking
https://isc.sans.edu/forums/diary/Do+you+hear+Laurel+or+Yanny+or+is+it+OnOff+Keying/23707/
Analyzing Malware Created with NSIS
https://isc.sans.edu/forums/diary/Quick+analysis+of+malware+created+with+NSIS/23703/
Obfuscated Word Macro
https://isc.sans.edu/forums/diary/Antivirus+Evasion+Easy+as+123/23701/
Z-Wave Attacks
https://www.pentestpartners.com/security-blog/z-shave-exploiting-z-wave-downgrade-attacks/
https://www.silabs.com/community/blog.entry.html/2018/05/23/tl_dr_your_door_is-g1zC
Electron Framework Protocol Handler Patch Bypass
https://blog.doyensec.com/2018/05/24/electron-win-protocol-handler-bug-bypass.html

May 25, 2018 • 5min
ISC StormCast for Friday, May 25th 2018
GDPR Going Into Effect May 25th
https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
Bitcoin Gold Double Spend Attack
https://forum.bitcoingold.org/t/double-spend-attack-on-exchanges/1362
Amazon Alexa Forwards Random Conversations
https://www.kiro7.com/news/local/woman-says-her-amazon-device-recorded-private-conversation-sent-it-out-to-random-contact/755507974
Verge Crypto Coin Attacked Again
https://www.bleepingcomputer.com/news/security/verge-cryptocurrency-network-falls-victim-to-same-attack-even-after-hard-fork/

May 24, 2018 • 6min
ISC StormCast for Thursday, May 24th 2018
VPNFilter Malware Affecting Cisco Routers
https://blog.talosintelligence.com/2018/05/VPNFilter.html
D-Link Vulnerabilities
https://securelist.com/backdoors-in-d-links-backyard/85530/
Firefox Disabling "Spy APIs" and enabling 2FA
https://www.fxsitecompat.com/en-CA/docs/2018/ambient-light-and-proximity-sensor-apis-have-been-disabled/

May 23, 2018 • 5min
ISC StormCast for Wednesday, May 23rd 2018
Malicious SYLK Files Used to Execute Code in Excel
https://isc.sans.edu/forums/diary/Malware+Distributed+via+slk+Files/23687/
BMW Releases Patches for Several Cars
https://keenlab.tencent.com/en/Experimental_Security_Assessment_of_BMW_Cars_by_KeenLab.pdf
Mac Crypto Miners
https://blog.malwarebytes.com/threat-analysis/mac-threat-analysis/2018/05/new-mac-cryptominer-uses-xmrig/
VMware Spectre Updates
https://www.vmware.com/security/advisories/VMSA-2018-0012.html

May 22, 2018 • 5min
ISC StormCast for Tuesday, May 22nd 2018
Spectre NG Patches
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012
https://newsroom.intel.com/editorials/addressing-new-research-for-side-channel-analysis/
https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
New "Moon" Variant
http://blog.netlab.360.com/gpon-exploit-in-the-wild-iv-themoon-botnet-join-in-with-a-0day/
https://isc.sans.edu/forums/diary/Something+Wicked+this+way+comes/23681/
Extracting Keys From Windows ssh-agent
https://blog.ropnop.com/extracting-ssh-private-keys-from-windows-10-ssh-agent/

May 21, 2018 • 6min
ISC StormCast for Monday, May 21st 2018
Redis Cryptocoin Mining Worm
https://isc.sans.edu/forums/diary/Anatomy+of+a+Redis+mining+worm/23673/
Evolving Chrome's Security Indicator
https://blog.chromium.org/2018/05/evolving-chromes-security-indicators.html
DrayTek CSRF 0-Day Exploited to Change DNS Servers
https://www.draytek.co.uk/support/security-advisories/kb-advisory-csrf-and-dns-dhcp-web-attacks
Rowhammer Remote Exploit
https://www.cs.vu.nl/~herbertb/download/papers/throwhammer_atc18.pdf
https://arxiv.org/abs/1805.04956

May 18, 2018 • 6min
ISC StormCast for Friday, May 18th 2018
Claymore Miner Attack
https://isc.sans.edu/diary/Insecure+Claymore+Miner+Management+API+Exploited+in+the+Wild/23665/
PCI DSS Version 3.2.1 Released
https://isc.sans.edu/forums/diary/PCI+DSS+version+321+is+out/23667/
Keeper Releases Update
https://keepersecurity.com/blog/2018/05/15/response-may-15-seclists-report/
Cisco Security Update
https://tools.cisco.com/security/center/publicationListing.x

May 16, 2018 • 6min
ISC StormCast for Thursday, May 17th 2018
Critical DHCP Client Vulnerability in RedHat Enterprise Server 6/7
https://access.redhat.com/security/vulnerabilities/3442151
UPnP Misconfiguration DDoS Attack
https://www.theregister.co.uk/2018/05/16/upnp_amplifies_ddos_attacks/
Ubuntu Snap Store Miner Incident Followup
https://blog.ubuntu.com/2018/05/15/trust-and-security-in-the-snap-store
iOS / Android "Zipper Down" Vulnerability
https://zipperdown.org/

May 16, 2018 • 7min
ISC StormCast for Wednesday, May 16th 2018
PDF Exploit (and Windows Priv. Escalation) Leaked
https://www.welivesecurity.com/2018/05/15/tale-two-zero-days/
Possible Vulnerability in Keeper Password Manager
http://seclists.org/fulldisclosure/2018/May/41
MyEtherWallet Phishing
https://isc.sans.edu/forums/diary/Phishing+emails+for+fake+MyEtherWallet+login+page/23655/

May 15, 2018 • 7min
ISC StormCast for Tuesday, May 15th 2018
PGP/SMIME efail Vulnerability
https://efail.de
Adobe PDF Reader / Acrobat Bulletins
https://helpx.adobe.com/security/products/acrobat/apsb18-09.html


