ISC Daily Stormcasts-logo

ISC Daily Stormcasts

Technology News >

SANS Internet Storm Center Daily Network Security and Computer Security Podcast

SANS Internet Storm Center Daily Network Security and Computer Security Podcast
More Information

Location:

United States

Description:

SANS Internet Storm Center Daily Network Security and Computer Security Podcast

Language:

English


Episodes

ISC StormCast for Wednesday, August 15th 2018

8/15/2018
More
Microsoft Patch Tuesday Summary https://isc.sans.edu/forums/diary/Microsoft+August+2018+Patch+Tuesday/23986/ Oracle Database Patch http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-3110-5032149.html Intel Fixes Three More CPU Flaws https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault

Duration:00:06:11

ISC StormCast for Tuesday, August 14th 2018

8/14/2018
More
New Sextorition Wave Using Partial Phone Numbers New Extortion Tricks: Now Including Your (Partial) Phone Number! Intel Releases Patch for Puma Modem Chips https://www.dslreports.com/forum/r32071020-Internet-Rogers-modem-router-rebooting-on-wan-scans-by-design https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-000097.html Bluetooth Low Energy Attack Tool https://github.com/virtualabs/btlejack Tesla Will Fix Cars if Researcher Breaks it While...

Duration:00:05:03

ISC StormCast for Monday, August 13th 2018

8/13/2018
More
VIA C3 "God Mode" https://github.com/xoreaxeaxeax/rosenbridge Apple MDM Vulnerablity https://www.wired.com/story/mac-remote-hack-wifi-enterprise/ Peeking into MSG Files https://isc.sans.edu/forums/diary/Peeking+into+msg+files+revisited/23974/ Hunting SSL/TLS Clients Using JA3 https://isc.sans.edu/forums/diary/Hunting+SSLTLS+clients+using+JA3/23972/ Mobile Payment Terminal...

Duration:00:06:07

ISC StormCast for Friday, August 10th 2018

8/10/2018
More
Vulnerabilities in Pacemaker Programmer and Insulin Pumps https://arstechnica.com/information-technology/2018/08/lack-of-encryption-makes-hacks-on-life-saving-pacemakers-shockingly-easy/ "Panic Attacks" Against City Infrastructure https://www.bbc.com/news/technology-45128053 Kaspersky VPN Leaks DNS Traffic https://www.inputzero.io/2018/08/kaspersky-vpn-leaks-dns-address.html Osiris Dropper Uses Process...

Duration:00:05:13

ISC StormCast for Thursday, August 9th 2018

8/9/2018
More
Homebrew Exposed Github Credentials https://brew.sh/2018/08/05/security-incident-disclosure/ WhatsApp Vulnerability https://research.checkpoint.com/fakesapp-a-vulnerability-in-whatsapp/ Netflix Releases Tool To Detected Cloud Credential Compromise https://medium.com/netflix-techblog/netflix-cloud-security-detecting-credential-compromise-in-aws-9493d6fd373a

Duration:00:05:07

ISC StormCast for Wednesday, August 8th 2018

8/8/2018
More
Linux TCP DoS Vulnerability https://www.kb.cert.org/vuls/id/962459 Let's Encrypt Now Trusted By All Major Root CA Programs https://letsencrypt.org/2018/08/06/trusted-by-all-major-root-programs.html Android Updates https://source.android.com/security/bulletin/2018-08-01 OpenEMR Vulnerabilities https://insecurity.sh/assets/reports/openemr.pdf

Duration:00:05:34

ISC StormCast for Tuesday, August 7th 2018

8/7/2018
More
Numeric Obfuscation https://isc.sans.edu/forums/diary/Numeric+obfuscation+another+example/23960/ Crestron Touchscreen Vulnerability https://blog.securitycompass.com/security-advisory-regarding-crestron-tsw-xx60-touch-panel-devices-9f1a71a926a5 Facebook Releases "Fizz" TLS 1.3 Library https://github.com/facebookincubator/fizz

Duration:00:05:00

ISC StormCast for Monday, August 6th 2018

8/6/2018
More
New WPA Attack https://hashcat.net/forum/thread-7717.html Fake Techsupport Uses More Intelligent Call Routing https://www.symantec.com/blogs/threat-intelligence/tech-support-scam-call-optimization HP Printer Updates https://support.hp.com/us-en/document/c06097712

Duration:00:05:30

ISC StormCast for Friday, August 3rd 2018

8/3/2018
More
Malware in Animated GIF Files https://isc.sans.edu/forums/diary/DHLthemed+malspam+reveals+embedded+malware+in+animated+gif/23944/ MikroTik Miner Botnet https://www.trustwave.com/Resources/SpiderLabs-Blog/Mass-MikroTik-Router-Infection-%E2%80%93-First-we-cryptojack-Brazil,-then-we-take-the-World-/ Microsoft Edge Vulnerability https://www.netsparker.com/blog/web-security/stealing-local-files-with-simple-html-file/

Duration:00:06:30

ISC StormCast for Thursday, August 2nd 2018

8/2/2018
More
Facebook Smishing Attack https://isc.sans.edu/forums/diary/Facebook+Phishing+via+SMS/23940/ Port 52869 UPNP Attacks https://isc.sans.edu/forums/diary/When+Cameras+and+Routers+attack+Phones+Spike+in+CVE20148361+Exploits+Against+Port+52869/23942/ Microsoft Improves Account Security for Midterm Elections https://www.bleepingcomputer.com/news/microsoft/microsoft-accountguard-service-offers-protection-for-political-and-election-orgs/ Google Improves "Government Sponsored Attacks" Alert for...

Duration:00:06:26

ISC StormCast for Wednesday, August 1st 2018

8/1/2018
More
Powershell Inside Certificates https://blog.nviso.be/2018/07/31/powershell-inside-a-certificate-part-1/ TEMPEST is Back http://youtu.be/BpNP9b3aIfY?a Big Star Labs Spyware https://adguard.com/en/blog/big-star-labs-spyware/

Duration:00:06:24

ISC StormCast for Tuesday, July 31st 2018

7/31/2018
More
DOSFuscation Campaign https://isc.sans.edu/forums/diary/Malicious+Word+documents+using+DOSfuscation/23932/ Let's Encrypt Outage https://letsencrypt.status.io Malvertising Campaign Insides https://research.checkpoint.com/malvertising-campaign-based-secrets-lies/

Duration:00:06:56

ISC StormCast for Monday, July 30th 2018

7/30/2018
More
Summary of Earchings in Recent Sextortion Attack https://isc.sans.edu/forums/diary/Sextortion+Follow+the+Money/23922/ Adware Distributed with Legitimate Applications https://www.bleepingcomputer.com/news/security/fake-websites-for-keepass-7zip-audacity-others-found-pushing-adware/ https://twitter.com/JusticeRage PDF Editor Supply Chain Exploit https://cloudblogs.microsoft.com/microsoftsecure/2018/07/26/attack-inception-compromised-supply-chain-within-a-supply-chain-poses-new-risks/

Duration:00:07:10

ISC StormCast for Friday, July 27th 2018

7/27/2018
More
NetSpectre: Read Arbitrary Memory over the Network https://misc0110.net/web/files/netspectre.pdf Google Play Store Bans Crypto Miners https://play.google.com/about/developer-content-policy-print/ Japanese Calendar Issues https://blogs.msdn.microsoft.com/shawnste/2018/04/12/the-japanese-calendars-y2k-moment/ Multiple Vulnerabilities in Samsung SmartThings Hub https://blog.talosintelligence.com/2018/07/samsung-smartthings-vulns.html?m=1 Times Change and Your Training Data Should Too:...

Duration:00:15:52

ISC StormCast for Thursday, July 26th 2018

7/26/2018
More
Etherscan.io XSS Vulnerability https://scotthelme.co.uk/xss-on-etherscan-io/ Tomcat Vulnerabilities Patched https://www.us-cert.gov/ncas/current-activity/2018/07/23/Apache-Releases-Security-Updates-Apache-Tomcat DNS over HTTPS Standard Finalized https://datatracker.ietf.org/wg/doh/about/ ERP Systems Targeted in Recent Attacks https://www.us-cert.gov/ncas/current-activity/2018/07/25/Malicious-Cyber-Activity-Targeting-ERP-Applications

Duration:00:05:19

ISC StormCast for Wednesday, July 25th 2018

7/25/2018
More
Emotet Update https://isc.sans.edu/forums/diary/Recent+Emotet+activity/23908/ Clear Text Phone Tracking https://isc.sans.edu/forums/diary/Cell+Phone+Monitoring+Who+is+Watching+the+Watchers/23910/ Bluetooth Bug https://www.kb.cert.org/vuls/id/304725 Apache OpenWhisk Vulnerability https://www.puresec.io/blog/Apache_OpenWhisk_Mutability_Weakness?hs_preview=EpJUmSoY-5972289702

Duration:00:05:13

ISC StormCast for Tuesday, July 24th 2018

7/24/2018
More
More Spectre https://arxiv.org/pdf/1807.07940.pdf July IE Patch Fixed older Remote Code Exec. Bug http://blogs.360.cn/blog/from-a-patched-itw-0day-to-remote-code-execution-part-i-from-patch-to-new-0day/ Google Chrome 68 Released Today. HTTP sites marked as "insecure" https://support.google.com/chrome/a/answer/7679408?hl=en DNS Rebinding Vulnerablity Common in IoT https://www.armis.com/dns-rebinding-exposes-half-a-billion-iot-devices-in-the-enterprise/

Duration:00:06:21

ISC StormCast for Monday, July 23rd 2018

7/23/2018
More
New WebLogic Vulnerability Already Exploited https://isc.sans.edu/forums/diary/Weblogic+Exploit+Code+Made+Public+CVE20182893/23896/ Microsoft Edge Turns off XSS Protection https://portswigger.net/daily-swig/xss-protection-disappears-from-microsoft-edge Intel Management Engine Vulnerabilities https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00112.html User Tracking With TLS 1.2...

Duration:00:05:15

ISC StormCast for Friday, July 20th 2018

7/20/2018
More
Cisco Patches https://tools.cisco.com/security/center/publicationListing.x Diqee Smart Vacuum Vulnerabilities http://en.diqee.com/goods/1994.html Instagram About To Release 2FA Update https://techcrunch.com/2018/07/17/instagram-2-factor/ Reporting Malicious Websites https://isc.sans.edu/forums/diary/Reporting+Malicious+Websites+in+2018/23892/

Duration:00:05:14

ISC StormCast for Thursday, July 19th 2018

7/19/2018
More
Increase in scans for port 15454 https://isc.sans.edu/forums/diary/Request+for+Packets+Port+15454/23888/ Oracle Quarterly Critical Patch Update http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html Venmo Public Transaction API https://publicbydefault.fyi Credential Stuffing Responsible for Majority of Login Attempts http://info.shapesecurity.com/2018-Credential-Spill-Report-by-Shape-Security

Duration:00:05:20