ISC Daily Stormcasts-logo

ISC Daily Stormcasts

Technology News >

SANS Internet Storm Center Daily Network Security and Computer Security Podcast

SANS Internet Storm Center Daily Network Security and Computer Security Podcast
More Information

Location:

United States

Description:

SANS Internet Storm Center Daily Network Security and Computer Security Podcast

Language:

English


Episodes

ISC StormCast for Monday, February 18th 2019

2/18/2019
More
Snap Patches Available https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SnapSocketParsing Finding Property Values in Office Documents https://isc.sans.edu/forums/diary/Finding+Property+Values+in+Office+Documents/24652/ Bro-Sysmon https://engineering.salesforce.com/test-out-bro-sysmon-a6fad1c8bb88 Cryptojacking Apps in Microsoft App Store https://www.symantec.com/blogs/threat-intelligence/cryptojacking-apps-microsoft-store

Duration:00:05:05

ISC StormCast for Friday, February 15th 2019

2/15/2019
More
PDF includes SMB Link https://isc.sans.edu/forums/diary/Suspicious+PDF+Connecting+to+a+Remote+SMB+Share/24646/ QNAP Malware https://www.qnap.com/en/security-advisory/nas-201902-13 Bomb Threat Spammers Arrested https://www.justice.gov/usao-cdca/pr/members-hacker-collective-face-federal-charges-attacking-computer-systems-emailing-mass Managed Service Providers Targeted By Ransomware https://www.bleepingcomputer.com/news/security/ransomware-attacks-target-msps-to-mass-infect-customers/

Duration:00:05:47

ISC StormCast for Thursday, February 14th 2019

2/14/2019
More
Fake Updates Campaign Still Active in 2019 https://isc.sans.edu/forums/diary/Fake+Updates+campaign+still+active+in+2019/24640/ macOS Malware (Shlayer) Disables Gatekeeper https://www.carbonblack.com/2019/02/12/tau-threat-intelligence-notification-new-macos-malware-variant-of-shlayer-osx-discovered/ Microsoft Exchange Server Patch (Errata for yesterday's podcast) https://support.microsoft.com/en-ca/help/4490060/exchange-web-services-push-notifications-can-provide-unauthorized-acce Cisco...

Duration:00:05:50

ISC StormCast for Wednesday, February 13th 2019

2/13/2019
More
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+February+2019+Patch+Tuesday/24638/ Adobe Updates https://helpx.adobe.com/security.html Ubuntu Linux snapd "dirty_sock" exploit https://shenaniganslabs.io/2019/02/13/Dirty-Sock.html

Duration:00:05:24

ISC StormCast for Tuesday, February 12th 2019

2/12/2019
More
Severe Docker runc Vulnerability https://seclists.org/oss-sec/2019/q1/119 MacOS Mojave Privacy Flaw https://lapcatsoftware.com/articles/mojave-privacy3.html Android Malware Steals Crypto Addresses from Clipboard https://www.welivesecurity.com/2019/02/08/first-clipper-malware-google-play/ Not An E-Mail Virus, Just Intersting Malware https://isc.sans.edu/forums/diary/Have+You+Seen+an+Email+Virus+Recently/24634/

Duration:00:04:54

ISC StormCast for Monday, February 11th 2019

2/11/2019
More
Phishing Kit with JavaScript Keylogger https://isc.sans.edu/forums/diary/Phishing+Kit+with+JavaScript+Keylogger/24622/ Phishing Via Google Translate https://blogs.akamai.com/sitr/2019/02/phishing-attacks-against-facebook-google-via-google-translate.html iPhone Apps Record Screens https://techcrunch.com/2019/02/06/iphone-session-replay-screenshots/ Packet Challenge https://johannes.homepc.org/packet10.txt

Duration:00:06:49

ISC StormCast for Friday, February 8th 2019

2/8/2019
More
Value of UAC https://isc.sans.edu/forums/diary/UAC+is+not+all+that+bad+really/24620/ Apple Releases Facetime Patch https://support.apple.com/en-us/HT201222 Skype Video Now Allows For Blurred Background https://blogs.skype.com/news/2019/02/06/introducing-background-blur-in-skype/ Microsoft Exchange Server Advisory https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/adv190007

Duration:00:05:28

ISC StormCast for Thursday, February 7th 2019

2/7/2019
More
Android Monthly Security Update https://source.android.com/security/bulletin/2019-02-01.html Skia Graphics Library Vulnerability https://googleprojectzero.blogspot.com/2019/02/the-curious-case-of-convexity-confusion.html Google Chrome Password Check https://chrome.google.com/webstore/detail/password-checkup/pncabnpcffmalkkjpajodfhijclecjno/related Hancitor HelloFax Malspam https://isc.sans.edu/forums/diary/Hancitor+malspam+and+infection+traffic+from+Tuesday+20190205/24616/

Duration:00:06:26

ISC StormCast for Wednesday, February 6th 2019

2/6/2019
More
Mitigations against Mimikatz Style Attacks https://isc.sans.edu/forums/diary/Mitigations+against+Mimikatz+Style+Attacks/24612/ LibreOffice Macro Vulnerability https://insert-script.blogspot.com/2019/02/libreoffice-cve-2018-16858-remote-code.html Firefox 65 Breaks HTTPS AV Scanning https://bugzilla.mozilla.org/show_bug.cgi?id=1523701 RDP Client Vulnerabilities https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/ DNS...

Duration:00:06:42

ISC StormCast for Tuesday, February 5th 2019

2/5/2019
More
Exploiting Struts in vCenter https://isc.sans.edu/forums/diary/Struts+Vulnerability+CVE20175638+on+VMware+vCenter+the+Gift+that+Keeps+on+Giving/24606/ Wikipedia Tech Support Scam https://isc.sans.edu/forums/diary/Wikipedia+Articles+as+part+of+Tech+Support+Scamming+Campaigns/24608/ Stealing MacOS Keychain https://www.youtube.com/watch?v=nYTBZ9iPqsU Beauty Camera Ads for Android include...

Duration:00:05:21

ISC StormCast for Monday, February 4th 2019

2/4/2019
More
Sextortion EMail Update https://isc.sans.edu/forums/diary/Sextortion+Follow+the+Money+Part+3+The+cashout+begins/24592/ Ubiquity Devices Used in DDoS Attack https://blog.rapid7.com/2019/02/01/ubiquiti-discovery-service-exposures/?fbclid=IwAR0OUPQIfSV7YsBLvkjoC2WIbe_E4p9WGAM4LCTsL9TKr30I7aQ2Qwqoins Google Chrome Experimenting with Typo Domain Detection https://www.usenix.org/conference/enigma2019/presentation/stark YouTube Copyright Extortion https://www.youtube.com/watch?v=Q0i-sLESXqo

Duration:00:07:42

ISC StormCast for Friday, February 1st 2019

2/1/2019
More
Tracking DNS Changes https://isc.sans.edu/forums/diary/Tracking+Unexpected+DNS+Changes/24596/ SystemD/JournalD PoC Exploit https://capsule8.com/blog/exploiting-systemd-journald-part-1/ Windows Defender Boot Issues https://support.microsoft.com/en-us/help/4052623/update-for-windows-defender-antimalware-platform Mac Malware Steals Crytocurrency Exchange Cookies https://unit42.paloaltonetworks.com/mac-malware-steals-cryptocurrency-exchanges-cookies/

Duration:00:06:03

ISC StormCast for Thursday, January 31st 2019

1/31/2019
More
Chrome Update https://www.zdnet.com/article/google-chrome-72-removes-hpkp-deprecates-tls-1-0-and-tls-1-1/ Firefox Update https://techdows.com/2019/01/firefox-to-disable-extensions-in-private-browsing-mode-by-default.html Facebook (and Google) Research VPN https://techcrunch.com/2019/01/29/facebook-project-atlas/ https://www.macrumors.com/2019/01/30/google-exploiting-apple-enterprise-certificate/ RCE In Samsung Store via...

Duration:00:05:50

ISC StormCast for Wednesday, January 30th 2019

1/30/2019
More
Phishing Not Ready for IPv6 https://isc.sans.edu/forums/diary/A+Not+So+Well+Done+Phish+Why+Attackers+need+to+Implement+IPv6+Now/24582/ Apple Disables Facetime Group Messages https://www.apple.com/support/systemstatus/ Outlook 365 Safe Link Errors https://twitter.com/Swiss_Jay/status/1090271197193940992

Duration:00:05:49

ISC StormCast for Tuesday, January 29th 2019

1/29/2019
More
Relaying Exchange's NTLM Autentication to Become Domain Admin https://isc.sans.edu/forums/diary/Relaying+Exchanges+NTLM+authentication+to+domain+admin+and+more/24578/ Facetime Bug Allows Users to Receive Audio before Call is Accepted https://9to5mac.com/2019/01/28/facetime-bug-hear-audio/ AZORult Fake (signed) Google Update https://blog.minerva-labs.com/azorult-now-as-a-signed-google-update

Duration:00:05:09

ISC StormCast for Monday, January 28th 2019

1/28/2019
More
Cisco RV320/325 Router Vulnerability Exploited https://github.com/0x27/CiscoRV320Dump https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-inject https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info HTTP Signed Exchanges https://wicg.github.io/webpackage/draft-yasskin-http-origin-signed-responses.html BGP Experiments Disrupt...

Duration:00:07:03

ISC StormCast for Friday, January 25th 2019

1/25/2019
More
Ghostscript Remote Code Execution Vulnerability https://www.openwall.com/lists/oss-security/2019/01/23/5 Abusing Exchange to Obtain Domain Admin https://dirkjanm.io/abusing-exchange-one-api-call-away-from-domain-admin/ IPC Voucher UaF Remote Jailbreak http://blogs.360.cn/post/IPC%20Voucher%20UaF%20Remote%20Jailbreak%20Stage%202%20(EN).html Cisco Security Updates https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-bo

Duration:00:05:37

ISC StormCast for Thursday, January 24th 2019

1/24/2019
More
DHS Emergency Directive Regarding DNS Tampering https://cyber.dhs.gov/ed/19-01/ Abuse of Trusted Microsoft Azure Domains https://github.com/MicrosoftDocs/OfficeDocs-Enterprise/issues/233 Tech Support Scammers Unmasked https://www.fidusinfosec.com/turning-the-tables-on-virgin-media-twitter-scammers/

Duration:00:05:11

ISC StormCast for Wednesday, January 23rd 2019

1/23/2019
More
Turning MISP Data into RPZs https://isc.sans.edu/forums/diary/DNS+Firewalling+with+MISP/24556/ Man in the Middle Vulnerablity in apt https://justi.cz/security/2019/01/22/apt-rce.html PHP PEAR Compromised Package http://pear.php.net Apple Security Updates https://support.apple.com/en-us/HT201222

Duration:00:07:08

ISC StormCast for Tuesday, January 22nd 2019

1/22/2019
More
Suspicious GET Request: Do you know what it is? https://isc.sans.edu/forums/diary/Suspicious+GET+Request+Do+You+Know+What+This+Is/24552/ DNS Flag Day https://dnsflagday.net/

Duration:00:05:30