

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Sep 1, 2023 • 6min
ISC StormCast for Friday, September 1st, 2023
The podcast discusses the low cost of cybercrime, GitHub Action vulnerabilities, exploitation of Cisco ASA SSL VPNs, Splunk vulnerabilities, and issues with top-level domains. They also talk about simple phishing attacks, the effectiveness of disguised HTML pages, and challenges in supply chain security. Additionally, they mention a recent VPN attack, misconfigurations in top-level domains, and an event announcement.

Aug 31, 2023 • 6min
ISC StormCast for Thursday, August 31st, 2023
The hosts discuss hurricane preparedness for home offices and small businesses. They also cover a remote code execution vulnerability in Notepad++. In addition, they talk about recent security vulnerabilities in WinRAR and 7-Zip. Lastly, they touch on the issues with BGP error processing.

Aug 30, 2023 • 6min
ISC StormCast for Wednesday, August 30th, 2023
Topics discussed include survival time for web sites, PDF/ActiveMime Polyglot Maldocs, RocketMQ vulnerability exploitation, and ManageEngine vulnerability. The podcast also explores the concept of certificate transparency and its implications, as well as a new technique of embedding Word documents in PDFs.

Aug 29, 2023 • 7min
ISC StormCast for Tuesday, August 29th, 2023
The podcast discusses the WinRAR vulnerability, Juniper's out-of-cycle fix for OS vulnerabilities, and Microsoft's extended protection for Exchange servers. It also covers the presence of malicious packages in Rust and announces upcoming travel plans to London and a community evening event.

Aug 28, 2023 • 7min
ISC StormCast for Monday, August 28th, 2023
Topics discussed include malware using Postgres for covert communication, tips for identifying network connections, limitations of CVEs and the CVSS scoring system, certificate authority revocation, and a malicious NPM package.

Aug 25, 2023 • 6min
ISC StormCast for Friday, August 25th, 2023
The podcast covers topics such as creating a 'QWERTY' keyboard walk password generator with ChatGPT, the FBI's warning about persistent Barracuda backdoors, and an authentication bypass vulnerability in Ivanti Sentry. It also discusses the dropping of Whiffy Recon WiFi scanning and geolocation malware by Smoke Loader.

Aug 24, 2023 • 5min
ISC StormCast for Thursday, August 24th, 2023
Topics discussed include exotic Excel files dropping AgentTesla, the WinRAR vulnerability being exploited, Aruba vulnerabilities, new attacks targeting Excel users, malware attacks on stock traders, and network vulnerabilities.

Aug 23, 2023 • 6min
ISC StormCast for Wednesday, August 23rd, 2023
Exploring Fernet encryption in malware and the introduction of Xavier's malware analysis tool, along with analyzing malware files through hash values and VirusTotal lookup. Plus, the significance of updating software to fix exploited vulnerabilities in Adobe's ColdFusion and the Openfire chat software, and the latest version of XLoader, a Mac malware that spreads via software update tricks.

Aug 22, 2023 • 6min
ISC StormCast for Tuesday, August 22nd, 2023
Discussion of the increase in scans for open proxies and exploitation of the Ivanti Sentry vulnerability. Issues with logging in and a vulnerability in a mutual TLS implementation are also explored.

Aug 21, 2023 • 6min
ISC StormCast for Monday, August 21st, 2023
Topics discussed include a Zalando phishing incident leading to a remote access tool, a vulnerability in WinRAR, Hotmail SPF errors causing spam false positives, DLL hijacking in the Asian gambling sector, and Google Chrome's new security feature for malicious extensions.