ISC Daily Stormcasts-logo

ISC Daily Stormcasts

Technology News >

SANS Internet Storm Center Daily Network Security and Computer Security Podcast

SANS Internet Storm Center Daily Network Security and Computer Security Podcast
More Information

Location:

United States

Description:

SANS Internet Storm Center Daily Network Security and Computer Security Podcast

Language:

English


Episodes

ISC StormCast for Wednesday, December 12th 2018

12/12/2018
More
Microsoft December 2018 Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+December+2018+Patch+Tuesday/24404/ Adobe Patch Tuesday https://helpx.adobe.com/security/products/acrobat/apsb18-41.html Certificate Authority Weaknesses https://i.blackhat.com/eu-18/Thu-Dec-6/eu-18-Heftrig-Off-Path-Attacks-Against-PKI.pdf

Duration:00:05:31

ISC StormCast for Tuesday, December 11th 2018

12/11/2018
More
Kubernetes Unauthenticated PoC Exploit for CVE-2018-1002105 https://github.com/evict/poc_CVE-2018-1002105#unauthenticated-poc WebAssembly Brings Buffer Overflows to Browsers https://www.forcepoint.com/blog/security-labs/new-whitepaper-memory-safety-old-vulnerabilities-become-new-webassembly Increased Ethereum Miner Attacks https://isc.sans.edu/port.html?port=8545 https://www.zdnet.com/article/hackers-ramp-up-attacks-on-mining-rigs-before-ethereum-price-crashes-into-the-gutter Android...

Duration:00:05:45

ISC StormCast for Monday, December 10th 2018

12/10/2018
More
Analyzing Malicious Docker Images https://isc.sans.edu/forums/diary/A+Dive+into+malicious+Docker+Containers/24388/ Arrest of Huawei CFO Inspires Advance Fee Scam https://isc.sans.edu/forums/diary/Arrest+of+Huawei+CFO+Inspires+Advance+Fee+Scam/24396/ Sextortion Messages Leading to Ransomware https://www.proofpoint.com/us/threat-insight/post/sextortion-side-ransomware WebKit Exploit Released https://github.com/LinusHenze/WebKit-RegEx-Exploit Implants Found in Russian...

Duration:00:05:45

ISC StormCast for Friday, December 7th 2018

12/7/2018
More
Adobe Vulnerability PoC Released https://isc.sans.edu/forums/diary/Is+it+Time+to+Uninstall+Flash+If+you+havent+already/24382/ WatchOS Update https://support.apple.com/en-us/HT209343 Data Exfiltration During Pentests https://isc.sans.edu/forums/diary/Data+Exfiltration+in+Penetration+Tests/24354/ PoC Exploit for Kubernetes Vulnerability https://github.com/evict/poc_CVE-2018-1002105 Preston Ackerman: Marketing...

Duration:00:21:33

ISC StormCast for Thursday, December 6th 2018

12/6/2018
More
Adobe Releases Emergency Flash Patch https://helpx.adobe.com/security/products/flash-player/apsb18-42.html Apple Updates Everything (but not WatchOS) https://support.apple.com/en-us/HT201222 New Privacy Issues Affecting 3G-5G protocols https://eprint.iacr.org/2018/1175

Duration:00:05:06

ISC StormCast for Wednesday, December 5th 2018

12/5/2018
More
Fake Ransomware Decryption Service https://www.theregister.co.uk/2018/12/04/ransomware_helper_was_middleman_dr_shifro/ Latest Lokibot Malspam https://isc.sans.edu/forums/diary/Malspam+pushing+Lokibot+malware/24372/ Chrome 71 Released https://www.bleepingcomputer.com/news/google/chrome-71-released-with-abusive-ad-filtering-and-audio-blocking/ RSA Followup Webcast https://www.rsaconference.com/videos/virtual-session-the-5-most-dangerous-new-attack-techniques-and-whats-to-come

Duration:00:06:25

ISC StormCast for Tuesday, December 4th 2018

12/4/2018
More
Word Maldoc: Yet Another Place to Hide a Command https://isc.sans.edu/forums/diary/Word+maldoc+yet+another+place+to+hide+a+command/24370/ US-Cert Releases SamSam Alerts https://www.us-cert.gov/ncas/alerts/AA18-337A Kubernetes Patches https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88 Malicious iOS App Tricks User in Payment https://www.welivesecurity.com/2018/12/03/scam-ios-apps-promise-fitness-steal-money-instead/

Duration:00:04:53

ISC StormCast for Monday, December 3rd 2018

12/3/2018
More
KingMiner Improved Cryptomining https://research.checkpoint.com/kingminer-the-new-and-improved-cryptojacker/ Siglent Technologies Oscilloscope Vulnerabilities https://seclists.org/fulldisclosure/2018/Nov/68 Autocad Malware https://www.forcepoint.com/blog/security-labs/autocad-malware-computer-aided-theft ISC Stickers (login required. first 10 requests each day) https://isc.sans.edu/sticker.html

Duration:00:06:46

ISC StormCast for Friday, November 30th 2018

11/30/2018
More
Russian Language Malspam Pushing Shade (Troldesh) Ransomware https://isc.sans.edu/forums/diary/Russian+language+malspam+pushing+Shade+Troldesh+ransomware/24358/ Scamclub Malvertising Against iOS Users https://blog.confiant.com/malvertising-attack-hijacks-300-million-sessions-over-48-hours-9d0218fe02cd Andre Shori: To Block Or Not To Block? Impact and Analysis of Actively Blocking Shodan...

Duration:00:13:59

ISC StormCast for Thursday, November 29th 2018

11/29/2018
More
Obfuscated Shell Scripts: Fake MacOS Flash Updates https://isc.sans.edu/forums/diary/More+obfuscated+shell+scripts+Fake+MacOS+Flash+update/24352/ Sennheiser HeadSetup Certificate Authority Install https://www.secorvo.de/publikationen/headsetup-vulnerability-report-secorvo-2018.pdf Microsoft Fixes Shared Folder Permission Deletion Problem https://support.microsoft.com/en-us/help/4467684/windows-10-update-kb4467684 3ve Botnet...

Duration:00:06:19

ISC StormCast for Wednesday, November 28th 2018

11/28/2018
More
Obfuscated QNAP bash Malware; https://isc.sans.edu/forums/diary/Obfuscated+bash+script+targeting+QNap+boxes/24348/ Half of All Phishing Sites Use HTTPS https://krebsonsecurity.com/2018/11/half-of-all-phishing-sites-now-have-the-padlock/ Chrome and Firefox to Remove FTP Support https://www.bleepingcomputer.com/news/google/chrome-and-firefox-developers-aim-to-remove-support-for-ftp/ California Wildfire Used in BEC...

Duration:00:05:24

ISC StormCast for Tuesday, November 27th 2018

11/27/2018
More
ViperMonkey: VBA Maldoc Deobfuscation https://isc.sans.edu/forums/diary/ViperMonkey+VBA+maldoc+deobfuscation/24346/ Malicious NPM Libraries https://medium.com/@cnorthwood/todays-javascript-trash-fire-and-pile-on-f3efcf8ac8c7 Turning Your BMC Into A Revolving Door https://www.synacktiv.com/ressources/zeronights_2018_turning_your_bmc_into_a_revolving_door.pdf

Duration:00:06:07

ISC StormCast for Monday, November 26th 2018

11/26/2018
More
Attacks Against Docker API https://isc.sans.edu/forums/diary/Moby+the+Shark/24340/ Mirai Like Attack Hitting Hadoop https://asert.arbornetworks.com/mirai-not-just-for-iot-anymore/ New Rowhammer Variant Effects ECC Memory https://www.vusec.net/projects/eccploit/

Duration:00:05:53

ISC StormCast for Wednesday, November 21st 2018

11/21/2018
More
Critical Flash Update https://helpx.adobe.com/security/products/flash-player/apsb18-44.html Thanksgiving Lure for Emotet https://www.forcepoint.com/blog/security-labs/thanks-giving-emotet

Duration:00:03:12

ISC StormCast for Tuesday, November 20th 2018

11/20/2018
More
Google Play Malware https://twitter.com/LukasStefanko ATM Vulnerabilities https://www.ptsecurity.com/upload/corporate/ww-en/analytics/ATM-Vulnerabilities-2018-eng.pdf Nagios XI Update https://www.tenable.com/security/research/tra-2018-37

Duration:00:04:43

ISC StormCast for Monday, November 19th 2018

11/19/2018
More
Multipurpose PCAP Analysis Tool https://isc.sans.edu/forums/diary/Multipurpose+PCAP+Analysis+Tool/24322/ Quickly Investigating Websites with Lookyloo https://isc.sans.edu/forums/diary/Quickly+Investigating+Websites+with+Lookyloo/24320/ From Field Spoofing in GMail https://blog.cotten.io/hacking-gmail-with-weird-from-fields-d6494254722f?gi=ce61de4cb006

Duration:00:05:29

ISC StormCast for Friday, November 16th 2018

11/16/2018
More
Emotet Spreading IcedID Banking Malware https://isc.sans.edu/forums/diary/Emotet+infection+with+IcedID+banking+Trojan/24312/ Crypto Miners Abusing Insecure Docker Installs https://forums.juniper.net/t5/Threat-Research/Container-Malware-Miners-Go-Docker-Hunting-In-The-Cloud/ba-p/400587 GPS Watches Can Be Used To Track Kids https://www.pentestpartners.com/security-blog/tracking-and-snooping-on-a-million-kids/ Firefox Will Notify Users of Breached...

Duration:00:14:58

ISC StormCast for Thursday, November 15th 2018

11/15/2018
More
Details about Zero Day Exploit Taking Advantage of Win32k Vuln. https://securelist.com/a-new-exploit-for-zero-day-vulnerability-cve-2018-8589/88845/ PacSec Pwn2Own Results https://www.zerodayinitiative.com/blog/2018/11/13/pwn2own-tokyo-2018-day-one-results https://www.zerodayinitiative.com/blog/2018/11/14/pwn2own-tokyo-2018-day-two-results-and-master-of-pwn More Spectre/Meltdown Flaws https://arxiv.org/pdf/1811.05441.pdf

Duration:00:05:48

ISC StormCast for Wednesday, November 14th 2018

11/14/2018
More
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/November+2018+Microsoft+Patch+Tuesday/24308/ Adobe Security Bulletins https://helpx.adobe.com/security.html

Duration:00:05:06

ISC StormCast for Tuesday, November 13th 2018

11/13/2018
More
Google BGP Hijack via Russia https://twitter.com/thousandeyes/status/1062102171506765825 https://www.wsj.com/articles/google-internet-traffic-is-briefly-misdirected-through-russia-china-1542068392 Microcode Bootloader USB https://www.techpowerup.com/forums/threads/intel-microcode-boot-loader.248858/ Wordpress GDPR Tool Vulnerable https://www.wordfence.com/blog/2018/11/trends-following-vulnerability-in-wp-gdpr-compliance-plugin/

Duration:00:05:17