SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich
undefined
Oct 12, 2023 • 5min

ISC StormCast for Thursday, October 12th, 2023

CVE-2023-22515 Activately Exploited https://confluence.atlassian.com/security/cve-2023-22515-privilege-escalation-vulnerability-in-confluence-data-center-and-server-1295682276.html curl SOCKS5 oversized hostname vulnerability CVe-2023-38545 https://isc.sans.edu/diary/CVE-2023-38545%3A%20curl%20SOCKS5%20oversized%20hostname%20vulnerability.%20How%20bad%20is%20it%3F/30304 Adobe Acrobat Vulnerablity Actively Exploited CVE-2023-21608 https://www.cisa.gov/news-events/alerts/2023/10/10/cisa-adds-five-known-vulnerabilities-catalog Google Makes Passkey the Default https://blog.google/technology/safety-security/passkeys-default-google-accounts/ VBScript Deprecated from Windows https://learn.microsoft.com/en-us/windows/whats-new/deprecated-features
undefined
Oct 11, 2023 • 8min

ISC StormCast for Wednesday, October 11th, 2023

http2 rapid reset https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ microsoft patch tuesday https://isc.sans.edu/diary/October%202023%20Microsoft%20Patch%20Tuesday%20Summary/30300
undefined
Oct 10, 2023 • 5min

ISC StormCast for Tuesday, October 10th, 2023

SIP file format and Mhcard attacks, obfuscation techniques in firewalls, and vulnerabilities in Sophos and WatchGuard
undefined
Oct 9, 2023 • 6min

ISC StormCast for Monday, October 9th, 2023

Binary IPv6 Address Conversion https://isc.sans.edu/diary/Binary%20IPv6%20Addresses/30290 Wireshark Updates https://www.wireshark.org/ Improved GitHub Secret Scanning https://github.blog/2023-10-04-introducing-secret-scanning-validity-checks-for-major-cloud-services/ Prerooted Android Devices https://arstechnica.com/security/2023/10/thousands-of-android-devices-come-with-unkillable-backdoor-preinstalled/ curl update https://github.com/curl/curl/discussions/12026
undefined
Oct 6, 2023 • 5min

ISC StormCast for Friday, October 6th, 2023

Topics discussed include the decoding of IP addresses, Cisco vulnerability, malicious Python packages, obfuscation techniques in packages, and Super Micro vulnerabilities.
undefined
Oct 5, 2023 • 6min

ISC StormCast for Thursday, October 5th, 2023

This podcast discusses the importance of detecting anomalies in TCP and UDP sessions, and highlights an Apple update addressing security vulnerabilities. It also covers WebRTC vulnerabilities, Glib C library flaws, and emphasizes the significance of timely patching.
undefined
Oct 4, 2023 • 6min

ISC StormCast for Wednesday, October 4th, 2023

The podcast discusses the limitations and risks of using large language models, including leaked data and inappropriate sharing. They also talk about creating personalized language models and a critical vulnerability in TorchSurf. Additionally, they explore how machine learning can solve CAPTCHAs better than humans and discuss a phishing attack that exploits an open redirect to steal online credentials.
undefined
Oct 3, 2023 • 6min

ISC StormCast for Tuesday, October 3rd, 2023

Discussion on SIP file encryption, XM mail server vulnerabilities, and ARM Mali GPU driver vulnerabilities. Malicious ads in Bing's chatbot and unauthorized content in AI training.
undefined
Oct 2, 2023 • 5min

ISC StormCast for Monday, October 2nd, 2023

This podcast discusses the analysis of MIME files, infostealers searching for password files, a simple netcat backdoor, the response to the ZDI release by EXIM, and an exploit for a WS_FTP vulnerability. The chapters cover a netcat backdoor, a password-hunting backdoor, EML dump for malware analysis, the XM WONA Belize vulnerability update, NTLM authentication risks, and the importance of updating WSFTP servers.
undefined
Sep 29, 2023 • 5min

ISC StormCast for Friday, September 29th, 2023

This podcast covers topics such as IP address representation, a Chrome update fixing a 0-day vulnerability, unpatched EXIM vulnerabilities, and WSFTP vulnerabilities.

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!
App store bannerPlay store banner
Get the app