

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Oct 12, 2022 • 6min
ISC StormCast for Wednesday, October 12th, 2022
Microsoft October 2022 Patches
https://isc.sans.edu/forums/diary/October%202022%20Microsoft%20Patch%20Tuesday/29138/
SAP Patchday
https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a&rc=10
Top CVEs Actively Exploited By People's Republic of China State-Sponsored Cyber Actors
https://www.cisa.gov/uscert/ncas/alerts/aa22-279a

Oct 11, 2022 • 6min
ISC StormCast for Tuesday, October 11th, 2022
Wireshark Display Filter Update
https://isc.sans.edu/forums/diary/Wireshark+Specifying+a+Protocol+Stack+Layer+in+Display+Filters/29130
Fortinet Vulnerability Update
https://twitter.com/Horizon3Attack/status/1579285863108087810
BazarCall Social Engineering Tactics
https://www.trellix.com/en-us/about/newsroom/stories/research/evolution-of-bazarcall-social-engineering-tactics.html
RPKI Rate Limiting
https://www.usenix.org/system/files/sec22-hlavacek.pdf

Oct 10, 2022 • 6min
ISC StormCast for Monday, October 10th, 2022
Fortinet Update
https://docs.fortinet.com/document/fortigate/7.2.2/fortios-release-notes/760203/introduction-and-supported-models
Zimbra Vulnerability
https://twitter.com/iagox86/status/1578084484720734209
https://attackerkb.com/topics/1DDTvUNFzH/cve-2022-41352/rapid7-analysis?referrer=activityFeed
Microsoft Exchange Workaround Improved Again
https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/
Ikea Smart Bulb Exploit
https://www.synopsys.com/blogs/software-security/cyrc-advisory-ikea-tradfri-smart-lighting/

Oct 7, 2022 • 6min
ISC StormCast for Friday, October 7th, 2022
Infosec Calendar
https://isc.sans.edu/forums/diary/What+is+in+your+Infosec+Calendar/29118
OnionPoison: infected Tor Browser installer distributed through popular YouTube channel
https://securelist.com/onionpoison-infected-tor-browser-installer-youtube/107627/
MacOS Archive Utility Vulnerability Details
https://www.jamf.com/blog/jamf-threat-labs-macos-archive-utility-vulnerability/

Oct 5, 2022 • 5min
ISC StormCast for Wednesday, October 5th, 2022
Credential Harvesting with Telegram
https://isc.sans.edu/forums/diary/Credential%20Harvesting%20with%20Telegram%20API/29112/
Updated Microsoft Exchange Fix
https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/
Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization
https://www.cisa.gov/uscert/ncas/alerts/aa22-277a
A New Supply Chain Attack on PHP
https://blog.sonarsource.com/securing-developer-tools-a-new-supply-chain-attack-on-php/

Oct 4, 2022 • 5min
ISC StormCast for Tuesday, October 4th, 2022
Microsoft Exchange Vulnerability Fix Bypassed
https://twitter.com/testanull/status/1576774007826718720
Schneider Electric UMAS Patch Bypass
https://securelist.com/the-secrets-of-schneider-electrics-umas-protocol/107435/
Supply Chain Attack via Trojanized Comm100 Chat Installer
https://www.crowdstrike.com/blog/new-supply-chain-attack-leverages-comm100-chat-installer/

Oct 3, 2022 • 5min
ISC StormCast for Monday, October 3rd, 2022
Microsoft Exchange 0-Day Update
https://isc.sans.edu/forums/diary/Exchange+Server+0Day+Actively+Exploited/29106
https://microsoft.github.io/CSS-Exchange/Security/EOMTv2/
CISA Adds Atlassian Bitbucket Vulnerability to Exploited List
https://www.cisa.gov/uscert/ncas/current-activity/2022/09/30/cisa-adds-three-known-exploited-vulnerabilities-catalog
Every unsandboxed app has Full Disk Access if Terminal Does
https://lapcatsoftware.com/articles/FullDiskAccess.html

Sep 30, 2022 • 6min
ISC StormCast for Friday, September 30th, 2022
PNG Analysis with pngdump.py
https://isc.sans.edu/forums/diary/PNG%20Analysis/29100/
Possible Exchange Server 0-Day Vulnerability
https://www.gteltsc.vn/blog/warning-new-attack-campaign-utilized-a-new-0day-rce-vulnerability-on-microsoft-exchange-server-12715.html
https://success.trendmicro.com/dcx/s/solution/000291651?language=en_US
Bad VIB(E)s Part One: Investigating Novel Malware Persistence Within ESXi Hypervisors
https://www.mandiant.com/resources/blog/esxi-hypervisors-malware-persistence

Sep 29, 2022 • 7min
ISC StormCast for Thursday, September 29th, 2022
10 Years Later: Attacker re-discovering old VTiger CRM Vulnerability
https://isc.sans.edu/forums/diary/10+Years+Later+Attacker+rediscovering+old+VTiger+CRM+Vulnerability/29098
IRS Reports Significant Increase in Texting Scams
https://www.irs.gov/newsroom/irs-reports-significant-increase-in-texting-scams-warns-taxpayers-to-remain-vigilant
Cloudflare Releases Turnstile, a user-friendly, privacy-preserving CAPTCHA alternative
https://blog.cloudflare.com/turnstile-private-captcha-alternative/
Cisco Patches
https://kb.cert.org/vuls/id/855201
Chrome 106 Release
https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html?m=1

Sep 28, 2022 • 7min
ISC StormCast for Wednesday, September 28th, 2022
DNS Option 15 and Debugging DNSSEC Errors
https://isc.sans.edu/forums/diary/DNS+Option+15+Debugging+DNSSEC+Errors/29094
Yari: A New Era of Yara Debugging
https://engineering.avast.io/yari-a-new-era-of-yara-debugging/
HTTP Archive Almanac
https://almanac.httparchive.org/en/2022/security


