

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and is designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.
Episodes

Dec 27, 2021 • 6min
ISC StormCast for Monday, December 27th, 2021
Log4j/Log4Shell and Cloud Internal Meta Data Services
https://isc.sans.edu/forums/diary/log4shell+and+cloud+provider+internal+meta+data+services+IMDS/28168/
https://isc.sans.edu/forums/diary/Defending+Cloud+IMDS+Against+log4shell+and+more/28170/
Log4j/Log4Shell Pushing Crypto Miner
https://isc.sans.edu/forums/diary/Example+of+how+attackers+are+trying+to+push+crypto+miners+via+Log4Shell/28172/
Microsoft Vulnerable and Malicious Driver Reporting Center
https://www.microsoft.com/security/blog/2021/12/08/improve-kernel-security-with-the-new-microsoft-vulnerable-and-malicious-driver-reporting-center/
Azure Source Code Leak
https://blog.wiz.io/azure-app-service-source-code-leak/

Dec 23, 2021 • 4min
ISC StormCast for Thursday, December 23rd, 2021
Forensics Challenge Solution
https://isc.sans.edu/forums/diary/December+2021+Forensic+Contest+Answers+and+Analysis/28160/
CAB-less 40444
https://news.sophos.com/en-us/2021/12/21/attackers-test-cab-less-40444-exploit-in-a-dry-run/
Ellume COVID Home Test Weakness
https://github.com/FSecureLABS/Ellume-COVID-Test_Research-Files

Dec 22, 2021 • 5min
ISC StormCast for Wednesday, December 22nd, 2021
More Undetected PowerShell Droppers
https://isc.sans.edu/forums/diary/More+Undetected+PowerShell+Dropper/28158/
Apache Patches
https://httpd.apache.org/security/vulnerabilities_24.html
Auerswald COMpact Multiple Backdoors
https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-007/-auerswald-compact-multiple-backdoors
Vulnerabilities in Garrett Metal Detectors
https://blog.talosintelligence.com/2021/12/vuln-spotlight-garrett-metal-detector.html#more

Dec 21, 2021 • 6min
ISC StormCast for Tuesday, December 21st, 2021
PowerPoint Attachments: Agent Tesla and Code Reuse in Malware
https://isc.sans.edu/forums/diary/PowerPoint+attachments+Agent+Tesla+and+code+reuse+in+malware/28154/
VMware Workspace ONE Patch / log4j status
https://www.vmware.com/security/advisories.html
Attacks Against Building Automation
https://limessecurity.com/en/knxlock/

Dec 20, 2021 • 7min
ISC StormCast for Monday, December 20th, 2021
Disaster Recovery Automation Using Public DNS APIs
https://isc.sans.edu/forums/diary/DR+Automation+Using+Public+DNS+APIs/28146/
Office 2021: VBA Project Version
https://isc.sans.edu/forums/diary/Office+2021+VBA+Project+Version/28150/
Log4j Updates
https://www.blumira.com/analysis-log4shell-local-trigger/
https://logging.apache.org/log4j/2.x/security.html

Dec 17, 2021 • 8min
ISC StormCast for Friday, December 17th, 2021
How the "Contact Forms" Campaign Tricks People
https://isc.sans.edu/forums/diary/How+the+Contact+Forms+campaign+tricks+people/28142/
Bluetooth Used to Extract WiFi Secrets
https://arxiv.org/pdf/2112.05719.pdf
Lenovo Privilege Escalation Vulnerability
https://support.lenovo.com/cy/en/product_security/len-75210
https://research.nccgroup.com/2021/12/15/technical-advisory-lenovo-imcontroller-local-privilege-escalation-cve-2021-3922-cve-2021-3969/
Log4j Updates
https://github.com/cisagov/log4j-affected-db
https://wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+December+2021
https://twitter.com/sans_isc/status/1471611522694717445

Dec 16, 2021 • 6min
ISC StormCast for Thursday, December 16th, 2021
Undetected PowerShell Backdoor
https://isc.sans.edu/forums/diary/Simple+but+Undetected+PowerShell+Backdoor/28138/
Adobe Security Updates
https://helpx.adobe.com/security.html
Remote Deserialization Bug in Microsoft RDP Client Through Smart Card Extension
https://thalium.github.io/blog/posts/deserialization-bug-through-rdp-smart-card-extension/
WebKit Bug Exploitable in PS4
https://arstechnica.com/gaming/2021/12/new-ps4-homebrew-exploit-points-to-similar-ps5-hacks-to-come/

Dec 15, 2021 • 5min
ISC StormCast for Wednesday, December 15th, 2021
Microsoft Patches
https://isc.sans.edu/forums/diary/Microsoft+December+2021+Patch+Tuesday/28132/
Log4j Updates
https://isc.sans.edu/forums/diary/Log4j+2150+and+previously+suggested+mitigations+may+not+be+enough/28134/
Log4j Scanner
https://github.com/dtact/divd-2021-00038--log4j-scanner
Apple Updates
https://support.apple.com/en-us/HT201222

Dec 14, 2021 • 5min
ISC StormCast for Tuesday, December 14th, 2021
Log4Shell Becoming Part of the Day to Day Grind
https://isc.sans.edu/forums/diary/Log4Shell+exploited+to+implant+coin+miners/28124/
https://www.youtube.com/watch?v=oC2PZB5D3Ys
Google Chrome Update
https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html
Malicious PyPI Packages
https://medium.com/ochrona/3-new-malicious-packages-found-on-pypi-a6bbb14b5e2

Dec 13, 2021 • 8min
ISC StormCast for Monday, December 13th, 2021
Remote Code Execution in log4j2
https://isc.sans.edu/forums/diary/RCE+in+log4j+Log4Shell+or+how+things+can+get+bad+quickly/28120/
Log4j Zero Day
https://www.lunasec.io/docs/blog/log4j-zero-day/
Log4j2/Log4Shell Followup: What we see and how to defend and how to access our data
https://isc.sans.edu/forums/diary/Log4j+Log4Shell+Followup+What+we+see+and+how+to+defend+and+how+to+access+our+data/28122/
Log4Shell Vendor Bulletins
https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592


