

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Oct 20, 2022 • 6min
ISC StormCast for Thursday, October 20th, 2022
Are Internet Scanning Services Good or Bad for You?
https://isc.sans.edu/forums/diary/Are+Internet+Scanning+Services+Good+or+Bad+for+You/29164
FBI Warns of Student Loan Forgiveness Scams
https://www.ic3.gov/Media/Y2022/PSA221018
Fully Undetectable Powershell Backdoor
https://www.safebreach.com/resources/blog/safebreach-labs-researchers-uncover-new-fully-undetectable-powershell-backdoor/

Oct 19, 2022 • 5min
ISC StormCast for Wednesday, October 19th, 2022
Python Obfuscation for Dummies
https://isc.sans.edu/forums/diary/Python%20Obfuscation%20for%20Dummies/29160/
Oracle October 2022 Critical Patch Update
https://www.oracle.com/security-alerts/cpuoct2022.html
Weak Encryption in Microsoft Office 365
https://labs.withsecure.com/advisories/microsoft-office-365-message-encryption-insecure-mode-of-operation
Tesla 3 Hack
https://www.synacktiv.com/sites/default/files/2022-10/tesla_hexacon.pdf

Oct 18, 2022 • 6min
ISC StormCast for Tuesday, October 18th, 2022
Fileless Powershell Dropper
https://isc.sans.edu/forums/diary/Fileless%20Powershell%20Dropper/29156/
Apache Commons Text Vulnerability
https://www.openwall.com/lists/oss-security/2022/10/13/4
How a Microsoft Blunder Opened Millions of PCs to Potent Malware Attacks
https://arstechnica.com/information-technology/2022/10/how-a-microsoft-blunder-opened-millions-of-pcs-to-potent-malware-attacks/

Oct 17, 2022 • 6min
ISC StormCast for Monday, October 17th, 2022
Horizon3 Publishes FortiOS Vulnerability Details and Exploit
https://www.horizon3.ai/fortios-fortiproxy-and-fortiswitchmanager-authentication-bypass-technical-deep-dive-cve-2022-40684/
More Exchange Vulnerability Workaround Bypasses
https://twitter.com/wdormann/status/1576922677675102208
Analysis of a Malicious HTML File and QBot
https://isc.sans.edu/forums/diary/Analysis+of+a+Malicious+HTML+File+QBot/29146
End of Life VMware ESXi Versions
https://www.lansweeper.com/eol/vmware-esxi-end-of-life/

Oct 14, 2022 • 6min
ISC StormCast for Friday, October 14th, 2022
Alchimist Offensive Framework
https://blog.talosintelligence.com/2022/10/alchimist-offensive-framework.html#more
VM2 Sandbox Vulnerability
https://www.oxeye.io/blog/vm2-sandbreak-vulnerability-cve-2022-36067
Private npm Package Disclosure
https://blog.aquasec.com/private-packages-disclosed-via-timing-attack-on-npm
Zimbra Updates
https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P27#Security_Fixes

Oct 13, 2022 • 5min
ISC StormCast for Thursday, October 13th, 2022
Adobe October Patch Tuesday
https://helpx.adobe.com/sa_en/security/security-bulletin.html
Fortinet Guidance
https://www.horizon3.ai/fortinet-iocs-cve-2022-40684/
https://isc.sans.edu/forums/diary/Scans+for+old+Fortigate+Vulnerability+Building+Target+Lists/29142
Android VPN Issues
https://mullvad.net/en/blog/2022/10/10/android-leaks-connectivity-check-traffic/
iOS VPN Issues
https://9to5mac.com/2022/10/12/ios-vpn-apps-2/
Aruba Patches
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-015.txt

Oct 12, 2022 • 6min
ISC StormCast for Wednesday, October 12th, 2022
Microsoft October 2022 Patches
https://isc.sans.edu/forums/diary/October%202022%20Microsoft%20Patch%20Tuesday/29138/
SAP Patchday
https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a&rc=10
Top CVEs Actively Exploited By People's Republic of China State-Sponsored Cyber Actors
https://www.cisa.gov/uscert/ncas/alerts/aa22-279a

Oct 11, 2022 • 6min
ISC StormCast for Tuesday, October 11th, 2022
Wireshark Display Filter Update
https://isc.sans.edu/forums/diary/Wireshark+Specifying+a+Protocol+Stack+Layer+in+Display+Filters/29130
Fortinet Vulnerability Update
https://twitter.com/Horizon3Attack/status/1579285863108087810
BazarCall Social Engineering Tactics
https://www.trellix.com/en-us/about/newsroom/stories/research/evolution-of-bazarcall-social-engineering-tactics.html
RPKI Rate Limiting
https://www.usenix.org/system/files/sec22-hlavacek.pdf

Oct 10, 2022 • 6min
ISC StormCast for Monday, October 10th, 2022
Fortinet Update
https://docs.fortinet.com/document/fortigate/7.2.2/fortios-release-notes/760203/introduction-and-supported-models
Zimbra Vulnerability
https://twitter.com/iagox86/status/1578084484720734209
https://attackerkb.com/topics/1DDTvUNFzH/cve-2022-41352/rapid7-analysis?referrer=activityFeed
Microsoft Exchange Workaround Improved Again
https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/
Ikea Smart Bulb Exploit
https://www.synopsys.com/blogs/software-security/cyrc-advisory-ikea-tradfri-smart-lighting/

Oct 7, 2022 • 6min
ISC StormCast for Friday, October 7th, 2022
Infosec Calendar
https://isc.sans.edu/forums/diary/What+is+in+your+Infosec+Calendar/29118
OnionPoison: infected Tor Browser installer distributed through popular YouTube channel
https://securelist.com/onionpoison-infected-tor-browser-installer-youtube/107627/
MacOS Archive Utility Vulnerability Details
https://www.jamf.com/blog/jamf-threat-labs-macos-archive-utility-vulnerability/