Internet Storm Centre Podcast

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

A brief daily summary of what is important in information security. The podcast is published every weekday and is designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.

  • ISC StormCast for Thursday, July 16th 2020
    by Johannes B. Ullrich, Ph.D. on July 16, 2020 at 2:00 am

    MSFT DNS Server Vulnerability: https://isc.sans.edu/forums/diary/PATCH+NOW+SIGRed+CVE20201350+Microsoft+DNS+Server+Vulnerability/26356/ https://www.sans.org/webcasts/about-windows-dns-vulnerability-cve-2020-1350-116120
    Outlook Crashes After Patch Tuesday Updates: https://www.reddit.com/r/sysadmin/comments/hrq0mn/outlook_immediately_crashing_on_open_after/fy5nnx2/
    Oracle Quarterly Critical Patch Update: https://www.oracle.com/security-alerts/cpujul2020.html
    Cisco Backdoors: https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir&limit=100#~Vulnerabilities

  • ISC StormCast for Wednesday, July 15th 2020
    by Johannes B. Ullrich, Ph.D. on July 15, 2020 at 2:00 am

    MSFT Patch Tuesday: https://isc.sans.edu/forums/diary/Microsoft+July+2020+Patch+Tuesday+Patch+Now/26350/
    Adobe Patches: https://helpx.adobe.com/security.html

  • ISC StormCast for Tuesday, July 14th 2020
    by Johannes B. Ullrich, Ph.D. on July 14, 2020 at 2:00 am

    Purged VBA Code: https://isc.sans.edu/forums/diary/Maldoc+VBA+Purging+Example/26342/
    Password protected VBA Code: https://isc.sans.edu/forums/diary/VBA+Project+Passwords/26346/
    MacOS mount_apfs TCC Bypass: https://theevilbit.github.io/posts/cve_2020_9771/

  • ISC StormCast for Monday, July 13th 2020
    by Johannes B. Ullrich, Ph.D. on July 13, 2020 at 2:00 am

    Excel Spreadsheet Macro Kicks Off Formbook Infection: https://isc.sans.edu/forums/diary/Excel+spreasheet+macro+kicks+off+Formbook+infection/26332/
    Zoom Update Fixing Zoom on Windows 7 Vulnerability: https://support.zoom.us/hc/en-us/articles/360046081271-New-updates-for-July-10-2020
    DigiCert Replaces 50,000 EV Certificates: https://knowledge.digicert.com/alerts/DigiCert-ICA-Replacement
    Microsoft Warns of OAUTH consent Phishing: https://www.microsoft.com/security/blog/2020/07/08/protecting-remote-workforce-application-attacks-consent-phishing/

  • ISC StormCast for Friday, July 10th 2020
    by Johannes B. Ullrich, Ph.D. on July 10, 2020 at 2:00 am

    Citrix Scanning: https://isc.sans.edu/forums/diary/Active+Exploit+Attempts+Targeting+Recent+Citrix+ADC+Vulnerabilities+CTX276688/26330/ https://www.youtube.com/watch?time_continue=6&v=1_D4_9BKHSc&feature=emb_logo
    Juniper Patches: https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES
    Google Releases Tsunami Security Scanner: https://github.com/google/tsunami-security-scanner
    SANS.edu Student Billy Wilson: Security Supercomputers with BPF Probes: https://www.sans.org/reading-room/whitepapers/detection/securing-soft-underbelly-supercomputer-bpf-probes-39635#__utma=56421037.1361558334.1422039453.1445264258.1445266863.510&__utmb=56421037.17.9.1445268558432&__utmc=56421037&__utmx=-&__utmz=56421037.1444729543.493.57.utmcsr=admin.sans.org|utmccn=%28referral%29|utmcmd=referral|utmcct=/account/madmin/account_manage

  • ISC StormCast for Thursday, July 9th 2020
    by Johannes B. Ullrich, Ph.D. on July 9, 2020 at 2:00 am

    Obfuscated Malware: https://isc.sans.edu/forums/diary/If+You+Want+Something+Done+Right+You+Have+To+Do+It+Yourself+Malware+Too/26320/
    PaloAlto Networks PAN-OS CVE-2020-2034: https://security.paloaltonetworks.com/CVE-2020-2034
    Citrix Vulnerability Details (CVE-2020-8194): https://dmaasland.github.io/posts/citrix.html
    Mozilla Suspending Send Service: https://www.zdnet.com/article/mozilla-suspends-firefox-send-service-while-it-addresses-malware-abuse/

  • ISC StormCast for Wednesday, July 8th 2020
    by Johannes B. Ullrich, Ph.D. on July 8, 2020 at 2:00 am

    F5 Big IP Wrapup: https://twitter.com/NCCGroupInfosec/status/1280593966879125504 https://www.sans.org/webcasts/116065
    Citrix ADC / Citrix Gateway Patches: https://www.citrix.com/blogs/2020/07/07/citrix-provides-context-on-security-bulletin-ctx276688/
    Microsoft Releases Free Memory Analysis Service: https://www.microsoft.com/en-us/research/blog/toward-trusted-sensing-for-the-cloud-introducing-project-freta/

  • ISC StormCast for Tuesday, July 7th 2020
    by Johannes B. Ullrich, Ph.D. on July 7, 2020 at 2:00 am

    More BigIP Exploits: https://isc.sans.edu/forums/diary/Summary+of+CVE20205902+F5+BIGIP+RCE+Vulnerability+Exploits/26316/
    Special F5 BigIP Webcast: https://www.sans.org/webcasts/116065
    Microsoft ATP Web Content Filtering: https://techcommunity.microsoft.com/t5/microsoft-defender-atp/an-update-on-web-content-filtering/ba-p/1505445
    Ouch Newsletter: Ransomware: https://www.sans.org/security-awareness-training/resources/ransomware
    Extended Research Feed: Added Net Systems Research: https://isc.sans.edu/api/threatcategory/research

  • ISC StormCast for Monday, July 6th 2020
    by Johannes B. Ullrich, Ph.D. on July 6, 2020 at 2:00 am

    F5 BigIP Critical RCE: https://support.f5.com/csp/article/K52145254 https://isc.sans.edu/forums/diary/CVE20205902+F5+BIGIP+Exploitation+Attempt/26310/ https://github.com/rapid7/metasploit-framework/pull/13807/commits/0417e88ff24bf05b8874c953bd91600f10186ba4 https://www.ptsecurity.com/ww-en/about/news/f5-fixes-critical-vulnerability-discovered-by-positive-technologies-in-big-ip-application-delivery-controller
    Guacamole RDP Gateway Vulnerability: https://blog.checkpoint.com/2020/07/02/hole-y-guacamole-fixing-critical-vulnerabilities-in-apaches-popular-remote-desktop-gateway/
    Barclays Caught Serving Code from Wayback Machine: https://www.theregister.com/2020/07/03/barclays_bank_javascript_wayback_machine/

  • ISC StormCast for Thursday, July 2nd 2020
    by Johannes B. Ullrich, Ph.D. on July 2, 2020 at 2:00 am

    Alina PoS Malware Exfiltrating Data via DNS: https://blog.centurylink.com/alina-point-of-sale-malware-still-lurking-in-dns/
    Evil Quest “Ransomware” Update: https://objective-see.com/blog/blog_0x59.html
    IBM Cyber Resilient Organization Report: https://www.ibm.com/account/reg/us-en/signup?formid=urx-45839

  • ISC StormCast for Wednesday, July 1st 2020
    by Johannes B. Ullrich, Ph.D. on July 1, 2020 at 2:00 am

    Windows 10 / 2019 Server Out of Order Patch: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1425 https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1457
    MacOS Ransomware Arrives as Fake Little Snitch Software: https://blog.malwarebytes.com/mac/2020/06/new-mac-ransomware-spreading-through-piracy/
    VPN Privilege Escalation: https://0xsha.io/posts/zombievpn-breaking-that-internet-security
    DNSSEC Phishing Scam: https://nakedsecurity.sophos.com/2020/06/29/beware-secure-dns-scam-targeting-website-owners-and-bloggers/

  • ISC StormCast for Tuesday, June 30th 2020
    by Johannes B. Ullrich, Ph.D. on June 30, 2020 at 2:00 am

    Sysmon 11.10 and ADS Logging: https://isc.sans.edu/forums/diary/Sysmon+and+Alternate+Data+Streams/26292/
    Paloalto PAN-OS SAML Vulnerability: https://security.paloaltonetworks.com/CVE-2020-2021
    Cisco Telnet Vulnerability: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telnetd-EFJrEzPx https://appgateresearch.blogspot.com/2020/02/bravestarr-fedora-31-netkit-telnetd_28.html

  • ISC StormCast for Monday, June 29th 2020
    by Johannes B. Ullrich, Ph.D. on June 29, 2020 at 1:12 am

    MacOS 11 Security Changes: https://www.sentinelone.com/blog/macos-big-sur-9-big-surprises-for-enterprise-security/
    Certificate Lifetime Limited to 1 Year Starting September: https://chromium.googlesource.com/chromium/src/+/ae4d6809912f8171b23f6aa43c6a4e8e627de784 https://support.apple.com/en-us/HT211025 https://lists.cabforum.org/pipermail/servercert-wg/2020-June/002000.html

  • ISC StormCast for Friday, June 26th 2020
    by Johannes B. Ullrich, Ph.D. on June 26, 2020 at 2:00 am

    Recordings of the Tech Tuesday Workshop: https://isc.sans.edu/forums/diary/Tech+Tuesday+Recap+Recordings+Part+2+Installing+the+Honeypot+release/26280/ https://www.youtube.com/channel/UCfbOsqPmWg1H_34hTjKEW2A
    Credit Card Skimmers Hide Code in Favicon EXIF Data: https://blog.malwarebytes.com/threat-analysis/2020/06/web-skimmer-hides-within-exif-metadata-exfiltrates-credit-cards-via-image-files/
    GeoVision Scanners Vulnerabilities: https://thehackernews.com/2020/06/geovision-scanner-vulnerabilities.html
    Docker Images Containing Cryptojacking Malware: https://unit42.paloaltonetworks.com/cryptojacking-docker-images-for-mining-monero/
    SANS.edu Student Karim Lalji: https://www.sans.org/reading-room/whitepapers/threathunting/real-time-honeypot-forensic-investigation-german-organized-crime-network-39640

  • ISC StormCast for Thursday, June 25th 2020
    by Johannes B. Ullrich, Ph.D. on June 25, 2020 at 1:42 am

    Using Shell Links as zero-touch downloaders and to initiate network connections: https://isc.sans.edu/forums/diary/Using+Shell+Links+as+zerotouch+downloaders+and+to+initiate+network+connections/26276/
    Chrome Updates Released: https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_22.html
    QNAP Updates for Helpdesk: https://www.qnap.com/de-de/security-advisory/qsa-20-03
    Magento Update: https://helpx.adobe.com/security/products/magento/apsb20-41.html
    Attacks Against Microsoft Exchange Servers: https://www.microsoft.com/security/blog/2020/06/24/defending-exchange-servers-under-attack/

  • ISC StormCast for Wednesday, June 24th 2020
    by Johannes B. Ullrich, Ph.D. on June 24, 2020 at 2:00 am

    Analysis Of Traffic Targeting CyberBunker IP Space: https://isc.sans.edu/forums/diary/Cyberbunker+20+Analysis+of+the+Remnants+of+a+Bullet+Proof+Hosting+Provider/26266/
    Microsoft Offering Enterprise Security Products for Linux/Android: https://techcommunity.microsoft.com/t5/microsoft-defender-atp/announcing-microsoft-defender-atp-for-android/ba-p/1480787 https://techcommunity.microsoft.com/t5/microsoft-defender-atp/microsoft-defender-atp-for-linux-is-now-generally-available/ba-p/1482344
    Microsoft Safe Documents: https://techcommunity.microsoft.com/t5/microsoft-365-blog/safe-documents-is-generally-available/ba-p/1480401

  • ISC StormCast for Tuesday, June 23rd 2020
    by Johannes B. Ullrich, Ph.D. on June 23, 2020 at 2:00 am

    Comparing Office Documents with WinMerge: https://isc.sans.edu/forums/diary/Comparing+Office+Documents+with+WinMerge/26268/
    VMWare Tools and Microsoft Office Updates for macOS: https://www.vmware.com/security/advisories/VMSA-2020-0014.html https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1225 https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1226 https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1229
    Remote Code Execution Vulnerability in Bitdefender: https://palant.info/2020/06/22/exploiting-bitdefender-antivirus-rce-from-any-website/
    Google Analytics Used to Exfiltrate Data: https://www.perimeterx.com/tech-blog/2020/bypassing-csp-exflitrate-data/

  • ISC StormCast for Monday, June 22nd 2020
    by Johannes B. Ullrich, Ph.D. on June 22, 2020 at 2:00 am

    Sigma Rules! The Generic Signature Format for SIEM Systems: https://isc.sans.edu/forums/diary/Sigma+rules+The+generic+signature+format+for+SIEM+systems/26258/
    Pi Zero Honeypot: https://isc.sans.edu/forums/diary/Pi+Zero+HoneyPot/26260/
    Ransomware Operators Lurk on Your Network: https://www.bleepingcomputer.com/news/security/ransomware-operators-lurk-on-your-network-after-their-attack/
    Discord Modified to Steal Accounts: https://www.bleepingcomputer.com/news/security/discord-modified-to-steal-accounts-by-new-nitrohack-malware/

  • ISC StormCast for Friday, June 19th 2020
    by Johannes B. Ullrich, Ph.D. on June 19, 2020 at 2:00 am

    Broken Phishing Accidentally Exploiting Outlook Zero-Day: https://isc.sans.edu/forums/diary/Broken+phishing+accidentally+exploiting+Outlook+zeroday/26254/
    Webcast: https://www.sans.org/webcasts/sansatmic-catch-release-phishing-techniques-good-guys-115430
    Cisco Updates Treck IP Stack: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-treck-ip-stack-JyBQ5GyC
    All Advisories: https://tools.cisco.com/security/center/publicationListing.x
    Netgear httpd Firmware Upload Stack-based Buffer Overflow RCE Vulnerability: https://blog.grimm-co.com/2020/06/soho-device-exploitation.html
    Tech Tuesday Workshop: https://www.sans.org/webcasts/tech-tuesday-workshop-collaborating-scale-contribute-profit-internet-storm-center-115935

  • ISC StormCast for Thursday, June 18th 2020
    by Johannes B. Ullrich, Ph.D. on June 18, 2020 at 2:00 am

    Odd Protest Spam (Scam?) Targeting Atlanta Police Foundation: https://isc.sans.edu/forums/diary/Odd+Protest+Spam+Scam+Targeting+Atlanta+Police+Foundation/26248/
    Zoom Publishes End-to-End Encryption Whitepaper: https://github.com/zoom/zoom-e2e-whitepaper
    Linux ACPI Bug Defeats UEFI Secure Boot: https://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language-2.sh
    Tech Tuesday Workshop: https://www.sans.org/webcasts/tech-tuesday-workshop-collaborating-scale-contribute-profit-internet-storm-center-115935

4 thoughts on “Internet Storm Centre Podcast”

  1. Oh my goodness! Impressive article dude! Thank you. However, I am experiencing problems with your RSS.
    I don’t understand why I can’t join it. Is there anybody else having similar RSS problems?
    Anybody who knows the answer can you kindly respond?

    Thanks!!

  2. We absolutely love your blog websitecyber and find the majority of your posts to be precisely what I’m looking for. Do you offer guest writers to write content for yourself? I wouldn’t mind producing a post or elaborating on many of the subjects you write related to here. Again, awesome web log!
