SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich

A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .

Episodes

Mentioned books

Aug 26, 2022 • 7min

ISC StormCast for Friday, August 26th, 2022

Taking Apart URL Shorteners https://isc.sans.edu/diary/Taking+Apart+URL+Shorteners/28980 Python Developers Phished for PyPi Credentials https://twitter.com/pypi/status/1562442188285308929 Group IB Connects Twilio and Cloudflare Phishing attacks to others https://www.helpnetsecurity.com/2022/08/25/0ktapus-twilio-cloudflare-phishers-targets/ Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus https://www.trendmicro.com/en_us/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus.html LastPass Security Incident https://blog.lastpass.com/2022/08/notice-of-recent-security-incident/ Bitbucket Vulnerability https://securityonline.info/cve-2022-36804-bitbucket-server-and-data-center-command-injection-vulnerability/

Aug 25, 2022 • 6min

ISC StormCast for Thursday, August 25th, 2022

Monster Libra -> IcedID -> Cobalt Strike and DarkVNC https://isc.sans.edu/forums/diary/VNC/28974/ Is Tox the New C&C Method for Coinminers? https://www.uptycs.com/blog/is-tox-the-new-cc-method-for-coinminers Carbon Black Blue Screens https://community.carbonblack.com/t5/Knowledge-Base/Endpoint-Standard-Sudden-Blue-Screens-on-Windows-Devices-23rd/ta-p/114369 Gitlab Vulnerability https://about.gitlab.com/releases/2022/08/22/critical-security-release-gitlab-15-3-1-released/#Remote%20Command%20Execution%20via%20Github%20import

Aug 24, 2022 • 7min

ISC StormCast for Wednesday, August 24th, 2022

Who's Looking at Your security.txt File https://isc.sans.edu/diary/Who%27s+Looking+at+Your+security.txt+File%3F/28972 Assessing Python Malware Detectors with a Benchmark Dataset https://blog.chainguard.dev/taming-python-malware-scanners/ New Iranian APT Data Extraction Tool https://blog.google/threat-analysis-group/new-iranian-apt-data-extraction-tool/ Firefox Update https://www.mozilla.org/en-US/security/advisories/mfsa2022-33/ IBM MQ Update https://www.ibm.com/support/pages/node/6613021

Aug 23, 2022 • 7min

ISC StormCast for Tuesday, August 23rd, 2022

32 or 64 Bits Malware https://isc.sans.edu/diary/32+or+64+bits+Malware%3F/28968 Proxies and Configurations Used for Credential Stuffing Attacks https://www.ic3.gov/Media/News/2022/220818.pdf DirtyCred Linux Privilege Escalation Vulnerablity https://www.blackhat.com/us-22/briefings/schedule/#cautious-a-new-exploitation-method-no-pipe-but-as-nasty-as-dirty-pipe-27169 Fake DDos Pages on WordPress Sites Lead to Drive-By-Downloads https://blog.sucuri.net/2022/08/fake-ddos-pages-on-wordpress-lead-to-drive-by-downloads.html

Aug 22, 2022 • 6min

ISC StormCast for Monday, August 22nd, 2022

Brazil malspam pushes Astaroth (Guildma) malware https://isc.sans.edu/diary/Brazil+malspam+pushes+Astaroth+%28Guildma%29+malware/28962 Android Ring App XSS https://checkmarx.com/blog/amazon-quickly-fixed-a-vulnerability-in-ring-android-app-that-could-expose-users-camera-recordings/ iOS in App Browser Security Issues https://krausefx.com/blog/announcing-inappbrowsercom-see-what-javascript-commands-get-executed-in-an-in-app-browser iOS in-App Browser Issues https://krausefx.com/blog/ios-privacy-instagram-and-facebook-can-track-anything-you-do-on-any-website-in-their-in-app-browser https://krausefx.com/blog/announcing-inappbrowsercom-see-what-javascript-commands-get-executed-in-an-in-app-browser

Aug 19, 2022 • 6min

ISC StormCast for Friday, August 19th, 2022

Honeypot Attack Summaries with Python https://isc.sans.edu/diary/Honeypot+Attack+Summaries+with+Python/28956 TP-Link Vulnerability https://blog.viettelcybersecurity.com/1day-to-0day-on-tl-link-tl-wr841n/ Safari Update https://support.apple.com/en-us/HT213414 iOS VPN Leaks https://www.michaelhorowitz.com/VPNs.on.iOS.are.scam.php Janet Jackson Hard Drive DDoS https://devblogs.microsoft.com/oldnewthing/20220816-00/?p=106994

Aug 18, 2022 • 6min

ISC StormCast for Thursday, August 18th, 2022

A Quick VoIP Experiment https://isc.sans.edu/diary/A+Quick+VoIP+Experiment/28950 Apple Patches Two Exploited Vulnerabilities https://isc.sans.edu/diary/Apple+Patches+Two+Exploited+Vulnerabilities/28952 Google Chrome Update https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html Cisco staystaystay exploit tool https://www.youtube.com/watch?v=ySgbHClk9HE

Aug 17, 2022 • 6min

ISC StormCast for Wednesday, August 17th, 2022

VBA Maldoc and UTF7 (APT-C-35) https://isc.sans.edu/diary/VBA+Maldoc+%26+UTF7+%28APT-C-35%29/28946 Disrupting SEABORGIUM's Ongoing Phishing Operations https://www.microsoft.com/security/blog/2022/08/15/disrupting-seaborgiums-ongoing-phishing-operations/ UWB Real Time Location Systems: How Secure Radio Communcations May Fail in Practice.

Aug 16, 2022 • 7min

ISC StormCast for Tuesday, August 16th, 2022

Realtek CVE-2022-27255 Followup (snort signature and presentation) https://isc.sans.edu/diary/Realtek+SDK+SIP+ALG+Vulnerability%3A+A+Big+Deal%2C+but+not+much+you+can+do+about+it.+CVE+2022-27255/28940 MacOS Privilege Escalation https://sector7.computest.nl/post/2022-08-process-injection-breaking-all-macos-security-layers-with-a-single-vulnerability/ Zoom Update https://explore.zoom.us/en/trust/security/security-bulletin/ Microsoft Block Vulnerable Bootloaders https://eclypsium.com/2022/08/11/vulnerable-bootloaders-2022/ HPE Integrated Lights Out 5 Vulnerablities https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=emr_na-hpesbhf04333en_us

Aug 15, 2022 • 12min

ISC StormCast for Monday, August 15th, 2022

Realtek eCOS SDK SIP ALG Vulnerability https://isc.sans.edu/diary/Realtek+SDK+SIP+ALG+Vulnerability%3A+A+Big+Deal%2C+but+not+much+you+can+do+about+it.+CVE+2022-27255/28940 Phishing HTML Attachment as Voicemail Audio Transcription https://isc.sans.edu/diary/Phishing+HTML+Attachment+as+Voicemail+Audio+Transcription/28938 CVE-2022-0028 PAN-OS: Reflected Amplification Denial-of-Service Vulnerability https://security.paloaltonetworks.com/CVE-2022-0028

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!

App store banner

Play store banner