

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Oct 12, 2023 • 5min
ISC StormCast for Thursday, October 12th, 2023
CVE-2023-22515 Actively Exploited
https://confluence.atlassian.com/security/cve-2023-22515-privilege-escalation-vulnerability-in-confluence-data-center-and-server-1295682276.html
curl SOCKS5 oversized hostname vulnerability CVE-2023-38545
https://isc.sans.edu/diary/CVE-2023-38545%3A%20curl%20SOCKS5%20oversized%20hostname%20vulnerability.%20How%20bad%20is%20it%3F/30304
Adobe Acrobat Vulnerability Actively Exploited CVE-2023-21608
https://www.cisa.gov/news-events/alerts/2023/10/10/cisa-adds-five-known-vulnerabilities-catalog
Google Makes Passkey the Default
https://blog.google/technology/safety-security/passkeys-default-google-accounts/
VBScript Deprecated from Windows
https://learn.microsoft.com/en-us/windows/whats-new/deprecated-features

Oct 11, 2023 • 8min
ISC StormCast for Wednesday, October 11th, 2023
HTTP/2 Rapid Reset
https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
Microsoft Patch Tuesday
https://isc.sans.edu/diary/October%202023%20Microsoft%20Patch%20Tuesday%20Summary/30300

Oct 10, 2023 • 5min
ISC StormCast for Tuesday, October 10th, 2023
SIP file format and Mhcard attacks, obfuscation techniques in firewalls, and vulnerabilities in Sophos and WatchGuard

Oct 9, 2023 • 6min
ISC StormCast for Monday, October 9th, 2023
Binary IPv6 Address Conversion
https://isc.sans.edu/diary/Binary%20IPv6%20Addresses/30290
Wireshark Updates
https://www.wireshark.org/
Improved GitHub Secret Scanning
https://github.blog/2023-10-04-introducing-secret-scanning-validity-checks-for-major-cloud-services/
Prerooted Android Devices
https://arstechnica.com/security/2023/10/thousands-of-android-devices-come-with-unkillable-backdoor-preinstalled/
curl update
https://github.com/curl/curl/discussions/12026

Oct 6, 2023 • 5min
ISC StormCast for Friday, October 6th, 2023
Topics discussed include the decoding of IP addresses, Cisco vulnerability, malicious Python packages, obfuscation techniques in packages, and Supermicro vulnerabilities.

Oct 5, 2023 • 6min
ISC StormCast for Thursday, October 5th, 2023
This podcast discusses the importance of detecting anomalies in TCP and UDP sessions, and highlights an Apple update addressing security vulnerabilities. It also covers WebRTC vulnerabilities, glibc library flaws, and emphasizes the significance of timely patching.

Oct 4, 2023 • 6min
ISC StormCast for Wednesday, October 4th, 2023
The podcast discusses the limitations and risks of using large language models, including leaked data and inappropriate sharing. They also talk about creating personalized language models and a critical vulnerability in TorchServe. Additionally, they explore how machine learning can solve CAPTCHAs better than humans and discuss a phishing attack that exploits an open redirect to steal online credentials.

Oct 3, 2023 • 6min
ISC StormCast for Tuesday, October 3rd, 2023
Discussion on SIP file encryption, Exim mail server vulnerabilities, and ARM Mali GPU driver vulnerabilities. Malicious ads in Bing's chatbot and unauthorized content in AI training.

Oct 2, 2023 • 5min
ISC StormCast for Monday, October 2nd, 2023
This podcast discusses the analysis of MIME files, infostealers searching for password files, a simple netcat backdoor, the response to the ZDI release by Exim, and an exploit for a WS_FTP vulnerability. The chapters cover a netcat backdoor, a password-hunting backdoor, EML dump for malware analysis, the XM WONA Belize vulnerability update, NTLM authentication risks, and the importance of updating WS_FTP servers.

Sep 29, 2023 • 5min
ISC StormCast for Friday, September 29th, 2023
This podcast covers topics such as IP address representation, a Chrome update fixing a 0-day vulnerability, unpatched Exim vulnerabilities, and WS_FTP vulnerabilities.