SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

By Johannes B. Ullrich



Category: Tech News


Subscribers: 1194
Reviews: 7



Description

Daily update on current cyber security threats

Episode Date
ISC StormCast for Thursday, June 30th, 2022
6:45
Jun 30, 2022
ISC StormCast for Wednesday, June 29th, 2022
5:48
Jun 29, 2022
ISC StormCast for Tuesday, June 28th, 2022
6:30
Jun 28, 2022
ISC StormCast for Monday, June 27th, 2022
7:51
Jun 27, 2022
ISC StormCast for Thursday, June 23rd, 2022
5:31
Jun 23, 2022
ISC StormCast for Wednesday, June 22nd, 2022
6:16
Jun 22, 2022
ISC StormCast for Tuesday, June 21st, 2022
5:43
Jun 21, 2022
ISC StormCast for Monday, June 20th, 2022
8:34
Jun 20, 2022
ISC StormCast for Friday, June 17th, 2022
5:56
Jun 17, 2022
ISC StormCast for Thursday, June 16th, 2022
5:57
Jun 16, 2022
ISC StormCast for Wednesday, June 15th, 2022
7:05
Jun 15, 2022
ISC StormCast for Tuesday, June 14th, 2022
5:48
Jun 14, 2022
ISC StormCast for Monday, June 13th, 2022
6:21
Jun 13, 2022
ISC StormCast for Friday, June 10th, 2022
8:34
Jun 10, 2022
ISC StormCast for Thursday, June 9th, 2022
5:55
SANS RSA Panel
(sorry, video no longer available)
Atlassian Confluence Attacks
https://isc.sans.edu/forums/diary/Atlassian+Confluence+Exploits+Seen+By+Our+Honeypots+CVE202226134/28722/
Fake CCleaner Malvertisements
https://blog.avast.com/fakecrack-campaign
Weakness in Verbatim Keypad Secure USB Drive
https://blog.syss.com/posts/hacking-usb-flash-drives-part-1/
Jun 09, 2022
ISC StormCast for Wednesday, June 8th, 2022
5:34
Jun 08, 2022
ISC StormCast for Tuesday, June 7th, 2022
6:18
Jun 07, 2022
ISC StormCast for Monday, June 6th, 2022
5:28
Jun 06, 2022
ISC StormCast for Friday, June 3rd, 2022
6:00
Jun 03, 2022
ISC StormCast for Thursday, June 2nd, 2022
5:55
Jun 02, 2022
ISC StormCast for Wednesday, June 1st, 2022
5:18
Jun 01, 2022
ISC StormCast for Tuesday, May 31st, 2022
7:47
May 30, 2022
ISC StormCast for Friday, May 27th, 2022
15:40
Huge Signed PE Files
https://isc.sans.edu/forums/diary/Huge+Signed+PE+File/28686/
VMWare Authentication Bypass PoC
https://www.horizon3.ai/vmware-authentication-bypass-vulnerability-cve-2022-22972-technical-deep-dive/
Quanta Server BMC Vulnerability
https://eclypsium.com/2022/05/26/quanta-servers-still-vulnerable-to-pantsdown/
Windows 11 and Server 2022 Update Prevent Trend Micro Ransomware Protection
https://success.trendmicro.com/dcx/s/solution/000291066?language=en_US
Nate Street: Advancing SIEM Log Management Strategies through Vendor-Agnostic Measurement
https://www.sans.edu/cyber-research/38685/
May 27, 2022
ISC StormCast for Thursday, May 26th, 2022
5:09
May 26, 2022
ISC StormCast for Wednesday, May 25th, 2022
5:18
May 25, 2022
ISC StormCast for Tuesday, May 24th, 2022
5:26
Attacker Scanning for jQuery-File-Upload
https://isc.sans.edu/forums/diary/Attacker+Scanning+for+jQueryFileUpload/28674/
Oracle Security Alert Advisory - CVE-2022-21500
https://www.oracle.com/security-alerts/alert-cve-2022-21500.html
How to find NPM dependencies vulnerable to account hijacking
https://www.theregister.com/2022/05/23/npm_dependencies_vulnerable/
Pre-hijacked accounts
https://arxiv.org/pdf/2205.10174.pdf
May 24, 2022
ISC StormCast for Monday, May 23rd, 2022
6:10
May 23, 2022
ISC StormCast for Friday, May 20th, 2022
6:01
May 20, 2022
ISC StormCast for Thursday, May 19th, 2022
6:48
May 19, 2022
ISC StormCast for Wednesday, May 18th, 2022
6:09
May 18, 2022
ISC StormCast for Tuesday, May 17th, 2022
6:18
Apple Patches Everything
https://isc.sans.edu/forums/diary/Apple+Patches+Everything/28654/
Evil Never Sleeps: When Wireless Malware Stays on After Turning Off iPhones
https://arxiv.org/pdf/2205.06114.pdf
Third-Party Web Trackers Log What You Type Before Submitting
https://homes.esat.kuleuven.be/~asenol/leaky-forms/
May 17, 2022
ISC StormCast for Monday, May 16th, 2022
6:26
May 16, 2022
ISC StormCast for Friday, May 13th, 2022
4:58
May 13, 2022
ISC StormCast for Thursday, May 12th, 2022
5:33
TA578 Using Thread-Hijacked Emails to Push ISO Files for Bumblebee Malware
https://isc.sans.edu/forums/diary/TA578+using+threadhijacked+emails+to+push+ISO+files+for+Bumblebee+malware/28636/
Google Drive Emerges as Top App for Malware Downloads
https://www.helpnetsecurity.com/2022/05/11/malicious-pdf-search-engines/
Vanity URL Abuse
https://www.varonis.com/blog/url-spoofing
npm Supply Chain Attack Turns Out to be Part of Penetration Test
https://jfrog.com/blog/npm-supply-chain-attack-targets-german-based-companies/
May 12, 2022
ISC StormCast for Wednesday, May 11th, 2022
5:32
May 11, 2022
ISC StormCast for Tuesday, May 10th, 2022
5:51
May 10, 2022
ISC StormCast for Monday, May 9th, 2022
5:53
May 09, 2022
ISC StormCast for Friday, May 6th, 2022
5:36
Password-protected Excel Spreadsheet Pushes Remcos RAT
https://isc.sans.edu/forums/diary/Passwordprotected+Excel+spreadsheet+pushes+Remcos+RAT/28616/
Microsoft, Apple, Google Accelerate FIDO Standard Implementation
https://www.theregister.com/2022/05/05/microsoft-apple-google-fido/
Heroku Admits Breach
https://status.heroku.com/incidents/2413
May 06, 2022
ISC StormCast for Thursday, May 5th, 2022
5:54
May 05, 2022
ISC StormCast for Wednesday, May 4th, 2022
6:09
May 04, 2022
ISC StormCast for Tuesday, May 3rd, 2022
5:45
May 03, 2022
ISC StormCast for Monday, May 2nd, 2022
4:48
May 02, 2022
ISC StormCast for Friday, April 29th, 2022
6:18
Apr 29, 2022
ISC StormCast for Thursday, April 28th, 2022
6:07
Apr 28, 2022
ISC StormCast for Wednesday, April 27th, 2022
6:22
WSO2 Vuln Exploited to Install Crypto Coin Miners
https://isc.sans.edu/forums/diary/WSO2+RCE+exploited+in+the+wild/28586/
Core Impact Backdoor Delivered Via VMware Vulnerability
https://blog.morphisec.com/vmware-identity-manager-attack-backdoor
VirusTotal Exploit Update
https://twitter.com/bquintero/status/1518738072820670464
Emotet Experimenting With New Delivery Techniques
https://www.proofpoint.com/us/blog/threat-insight/emotet-tests-new-delivery-techniques
Apr 27, 2022
ISC StormCast for Tuesday, April 26th, 2022
5:59
Apr 26, 2022
ISC StormCast for Monday, April 25th, 2022
5:00
Apr 25, 2022
ISC StormCast for Friday, April 22nd, 2022
6:26
Apr 22, 2022
ISC StormCast for Thursday, April 21st, 2022
5:45
Apr 21, 2022
ISC StormCast for Wednesday, April 20th, 2022
6:15
Apr 20, 2022
ISC StormCast for Tuesday, April 19th, 2022
4:56
Apr 19, 2022
ISC StormCast for Monday, April 18th, 2022
5:36
Apr 18, 2022
ISC StormCast for Friday, April 15th, 2022
5:28
Apr 15, 2022
ISC StormCast for Thursday, April 14th, 2022
5:52
Apr 14, 2022
ISC StormCast for Wednesday, April 13th, 2022
6:45
Apr 13, 2022
ISC StormCast for Tuesday, April 12th, 2022
5:59
Apr 12, 2022
ISC StormCast for Monday, April 11th, 2022
6:15
Apr 11, 2022
ISC StormCast for Friday, April 8th, 2022
15:36
Apr 08, 2022
ISC StormCast for Thursday, April 7th, 2022
6:18
Apr 07, 2022
ISC StormCast for Wednesday, April 6th, 2022
6:30
Apr 06, 2022
ISC StormCast for Tuesday, April 5th, 2022
6:13
Apr 05, 2022
ISC StormCast for Monday, April 4th, 2022
6:19
Apr 04, 2022
ISC StormCast for Friday, April 1st, 2022
5:35
Apr 01, 2022
ISC StormCast for Thursday, March 31st, 2022
5:56
Mar 31, 2022
ISC StormCast for Wednesday, March 30th, 2022
6:44
Mar 30, 2022
ISC StormCast for Tuesday, March 29th, 2022
6:04
Mar 29, 2022
ISC StormCast for Monday, March 28th, 2022
6:16
Mar 28, 2022
ISC StormCast for Friday, March 25th, 2022
5:56
Mar 25, 2022
ISC StormCast for Thursday, March 24th, 2022
6:18
Mar 24, 2022
ISC StormCast for Wednesday, March 23rd, 2022
7:18
Mar 23, 2022
ISC StormCast for Tuesday, March 22nd, 2022
7:35
Mar 22, 2022
ISC StormCast for Monday, March 21st, 2022
6:06
Mar 21, 2022
ISC StormCast for Friday, March 18th, 2022
14:33
npm Package Sabotaged for Belarus/Russian Users
https://snyk.io/blog/peacenotwar-malicious-npm-node-ipc-package-vulnerability/
President Zelensky Deepfakes
https://twitter.com/ngleicher/status/1504186935291506693
ATM Rootkit
https://www.mandiant.com/resources/unc2891-overview
Scanner for Backdoored Mikrotik Routers
https://github.com/microsoft/routeros-scanner
SANS.edu Student: Ron Grohman; Network Access Control and ICS: A Practical Guide
https://www.sans.edu/cyber-research/network-access-control-and-ics-a-practical-guide/
Mar 18, 2022
ISC StormCast for Thursday, March 17th, 2022
5:32
Qakbot Infection With Cobalt Strike and VNC Activity
https://isc.sans.edu/forums/diary/Qakbot+infection+with+Cobalt+Strike+and+VNC+activity/28448/
Gh0stCringe RAT Being Distributed to Vulnerable Database Servers
https://asec.ahnlab.com/en/32572/
dompdf 0 day
https://positive.security/blog/dompdf-rce
OpenSSL DoS Vulnerability
https://www.openssl.org/news/secadv/20220315.txt
Mar 17, 2022
ISC StormCast for Wednesday, March 16th, 2022
5:06
Mar 16, 2022
ISC StormCast for Tuesday, March 15th, 2022
5:40
Mar 15, 2022
ISC StormCast for Monday, March 14th, 2022
5:27
Mar 14, 2022
ISC StormCast for Friday, March 11th, 2022
5:32
Mar 11, 2022
ISC StormCast for Thursday, March 10th, 2022
6:15
Mar 10, 2022
ISC StormCast for Wednesday, March 9th, 2022
5:32
Mar 09, 2022
ISC StormCast for Tuesday, March 8th, 2022
5:46
Mar 07, 2022
ISC StormCast for Monday, March 7th, 2022
6:44
Mar 07, 2022
ISC StormCast for Friday, March 4th, 2022
7:07
Mar 04, 2022
ISC StormCast for Thursday, March 3rd, 2022
5:28
Mar 03, 2022
ISC StormCast for Wednesday, March 2nd, 2022
6:02
Mar 02, 2022
ISC StormCast for Tuesday, March 1st, 2022
6:46
Mar 01, 2022
ISC StormCast for Monday, February 28th, 2022
5:35
Feb 28, 2022
ISC StormCast for Friday, February 25th, 2022
6:42
Feb 25, 2022
ISC StormCast for Thursday, February 24th, 2022
6:58
Feb 24, 2022
ISC StormCast for Wednesday, February 23rd, 2022
6:30
A Good Old Equation Editor Vulnerability Delivering Malware
https://www.welivesecurity.com/2022/02/22/teenage-cybercrime-stop-kids-wrong-path/
Horde Webmail 5.2.22 - Account Takeover via Email
https://blog.sonarsource.com/horde-webmail-account-takeover-via-email
NoVNC Phishing
https://mrd0x.com/bypass-2fa-using-novnc/
Feb 23, 2022
ISC StormCast for Tuesday, February 22nd, 2022
5:55
Feb 22, 2022
ISC StormCast for Monday, February 21st, 2022
5:04
Feb 21, 2022
ISC StormCast for Friday, February 18th, 2022
5:17
Feb 18, 2022
ISC StormCast for Thursday, February 17th, 2022
5:31
Feb 17, 2022
ISC StormCast for Wednesday, February 16th, 2022
5:42
Feb 16, 2022
ISC StormCast for Tuesday, February 15th, 2022
5:40
Feb 15, 2022
ISC StormCast for Monday, February 14th, 2022
5:03
Feb 14, 2022
ISC StormCast for Friday, February 11th, 2022
6:02
Feb 11, 2022
ISC StormCast for Thursday, February 10th, 2022
6:23
Feb 10, 2022
ISC StormCast for Wednesday, February 9th, 2022
5:46
Feb 09, 2022
ISC StormCast for Tuesday, February 8th, 2022
5:41
Feb 08, 2022
ISC StormCast for Monday, February 7th, 2022
6:16
Feb 07, 2022
ISC StormCast for Friday, February 4th, 2022
5:20
Feb 04, 2022
ISC StormCast for Thursday, February 3rd, 2022
5:31
Feb 03, 2022
ISC StormCast for Wednesday, February 2nd, 2022
5:59
Windows Privilege Escalation Exploit CVE-2022-21882
https://github.com/KaLendsi/CVE-2022-21882
Fingerprinting Devices Via GPU
https://arxiv.org/pdf/2201.09956.pdf
SolarMarker Campaign used novel registry changes to establish persistence
https://news.sophos.com/en-us/2022/02/01/solarmarker-campaign-used-novel-registry-changes-to-establish-persistence/
Fake Job Ads
https://www.ic3.gov/Media/Y2022/PSA220201
Automation is Nice But Don't Replace Your Knowledge
https://isc.sans.edu/forums/diary/Automation+is+Nice+But+Dont+Replace+Your+Knowledge/28296/
Feb 02, 2022
ISC StormCast for Tuesday, February 1st, 2022
5:18
Feb 01, 2022
ISC StormCast for Monday, January 31st, 2022
6:12
Jan 31, 2022
ISC StormCast for Friday, January 28th, 2022
16:00
Jan 28, 2022
ISC StormCast for Thursday, January 27th, 2022
6:22
Jan 27, 2022
ISC StormCast for Wednesday, January 26th, 2022
5:17
Jan 26, 2022
ISC StormCast for Tuesday, January 25th, 2022
6:08
Jan 25, 2022
ISC StormCast for Monday, January 24th, 2022
6:12
Jan 24, 2022
ISC StormCast for Friday, January 21st, 2022
6:14
Jan 21, 2022
ISC StormCast for Thursday, January 20th, 2022
6:13
Jan 20, 2022
ISC StormCast for Wednesday, January 19th, 2022
5:30
Jan 19, 2022
ISC StormCast for Tuesday, January 18th, 2022
5:26
Log4Shell Attacks Getting Smarter
https://isc.sans.edu/forums/diary/Log4Shell+Attacks+Getting+Smarter/28246/
Microsoft Releases Special Update to Deal with January Update Fail
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-oob-updates-for-january-windows-update-issues/
Cisco Unified Contact Center Management Portal and Unified Contact Center Domain Manager Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccmp-priv-esc-JzhTFLm4
Zoho Critical Security Patch Released in Desktop Central and Desktop Central MSP
https://pitstop.manageengine.com/portal/en/community/topic/a-critical-security-patch-released-in-desktop-central-and-desktop-central-msp-for-cve-2021-44757-17-1-2022
Google Chrome Restricting Private Network Access
https://developer.chrome.com/blog/private-network-access-preflight/
Jan 18, 2022
ISC StormCast for Monday, January 17th, 2022
5:17
Jan 17, 2022
ISC StormCast for Friday, January 14th, 2022
5:31
Jan 14, 2022
ISC StormCast for Thursday, January 13th, 2022
5:31
Jan 13, 2022
ISC StormCast for Wednesday, January 12th, 2022
6:32
Jan 12, 2022
ISC StormCast for Tuesday, January 11th, 2022
5:39
Jan 11, 2022
ISC StormCast for Monday, January 10th, 2022
5:31
Jan 10, 2022
ISC StormCast for Friday, January 7th, 2022
5:28
Jan 07, 2022
ISC StormCast for Thursday, January 6th, 2022
5:29
Jan 06, 2022
ISC StormCast for Wednesday, January 5th, 2022
5:20
Jan 05, 2022
ISC StormCast for Tuesday, January 4th, 2022
5:38
Jan 04, 2022
ISC StormCast for Monday, January 3rd, 2022
7:35
Jan 03, 2022
ISC StormCast for Thursday, December 30th, 2021
4:10
Dec 30, 2021
ISC StormCast for Wednesday, December 29th, 2021
4:54
Dec 29, 2021
ISC StormCast for Tuesday, December 28th, 2021
4:41
Attackers are Abusing MSBuild to Evade Defenses and Implant Cobalt Strike Beacons
https://isc.sans.edu/forums/diary/Attackers+are+abusing+MSBuild+to+evade+defenses+and+implant+Cobalt+Strike+beacons/28180/
Bypassing File Quarantine, Gatekeeper and Notarization Requirements
https://objective-see.com/blog/blog_0x6A.html
Spider-Miner: Trojanized Version of Spiderman No Way Home
https://blog.reasonlabs.com/2021/12/23/spider-miner-with-great-power-comes-great-problems/
Dec 28, 2021
ISC StormCast for Monday, December 27th, 2021
5:46
Dec 27, 2021
ISC StormCast for Thursday, December 23rd, 2021
4:00
Dec 23, 2021
ISC StormCast for Wednesday, December 22nd, 2021
4:59
Dec 22, 2021
ISC StormCast for Tuesday, December 21st, 2021
5:55
PowerPoint Attachments: Agent Tesla and Code Reuse in Malware
https://isc.sans.edu/forums/diary/PowerPoint+attachments+Agent+Tesla+and+code+reuse+in+malware/28154/
VMWare Workspace ONE Patch / log4j status
https://www.vmware.com/security/advisories.html
Attacks Against Building Automation
https://limessecurity.com/en/knxlock/
Dec 21, 2021
ISC StormCast for Monday, December 20th, 2021
6:31
Dec 20, 2021
ISC StormCast for Friday, December 17th, 2021
7:42
Dec 17, 2021
ISC StormCast for Thursday, December 16th, 2021
5:45
Dec 16, 2021
ISC StormCast for Wednesday, December 15th, 2021
5:20
Dec 15, 2021
ISC StormCast for Tuesday, December 14th, 2021
5:07
Dec 14, 2021
ISC StormCast for Monday, December 13th, 2021
7:44
Dec 13, 2021
ISC StormCast for Friday, December 10th, 2021
6:30
Dec 10, 2021
ISC StormCast for Thursday, December 9th, 2021
5:30
Dec 09, 2021
ISC StormCast for Wednesday, December 8th, 2021
5:37
Webshells, Webshells everywhere!
https://isc.sans.edu/forums/diary/Webshells+Webshells+everywhere/28106/
AWS Outage
https://status.aws.amazon.com
Misconfigured Kafdrop Puts Companies' Apache Kafka Completely Exposed
https://spectralops.io/blog/misconfigured-kafdrop-puts-companies-apache-kafka-completely-exposed/
Windows 10 RCE: The exploit is in the link
https://positive.security/blog/ms-officecmd-rce
XSinator.com: From a Formal Model to the Automatic Evaluation of Cross-Site Leaks in Web Browsers
https://xsinator.com/paper.pdf
Dec 08, 2021
ISC StormCast for Tuesday, December 7th, 2021
5:30
Dec 07, 2021
ISC StormCast for Monday, December 6th, 2021
5:22
Dec 06, 2021
ISC StormCast for Friday, December 3rd, 2021
14:23
TA551 (Shathak) Pushes IcedID (Bokbot)
https://isc.sans.edu/forums/diary/TA551+Shathak+pushes+IcedID+Bokbot/28092/
pip-audit scanning Python packages for known vulnerabilities
https://pypi.org/project/pip-audit/
Wifi Router Flaws
https://www.iot-inspector.com/blog/router-security-check-2021/
SANS Holiday Hack Challenge
https://www.sans.org/mlp/holiday-hack-challenge/
Dec 03, 2021
ISC StormCast for Thursday, December 2nd, 2021
6:15
Dec 02, 2021
ISC StormCast for Wednesday, December 1st, 2021
6:24
Dec 01, 2021
ISC StormCast for Tuesday, November 30th, 2021
5:25
Nov 30, 2021
ISC StormCast for Monday, November 29th, 2021
6:04
Nov 29, 2021
ISC StormCast for Wednesday, November 24th, 2021
3:13
Nov 24, 2021
ISC StormCast for Tuesday, November 23rd, 2021
4:25
Nov 23, 2021
ISC StormCast for Monday, November 22nd, 2021
5:00
Hikvision Security Cameras Potentially Exposed to Remote Code Execution
https://isc.sans.edu/forums/diary/Hikvision+Security+Cameras+Potentially+Exposed+to+Remote+Code+Execution/28056/
Detecting PAM Backdoors
https://isc.sans.edu/forums/diary/Backdooring+PAM/28058/
Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem
https://dl.acm.org/doi/pdf/10.1145/3460120.3484768
CVE-2021-42306 CredManifest: App Registration Certificates Stored in Azure Active Directory
https://www.netspi.com/blog/technical/cloud-penetration-testing/azure-cloud-vulnerability-credmanifest/
Nov 22, 2021
ISC StormCast for Friday, November 19th, 2021
6:42
Nov 19, 2021
ISC StormCast for Thursday, November 18th, 2021
4:35
Nov 18, 2021
ISC StormCast for Wednesday, November 17th, 2021
6:43
Nov 17, 2021
ISC StormCast for Tuesday, November 16th, 2021
6:41
Nov 16, 2021
ISC StormCast for Monday, November 15th, 2021
5:45
Nov 15, 2021
ISC StormCast for Friday, November 12th, 2021
3:00
Nov 12, 2021
ISC StormCast for Thursday, November 11th, 2021
6:35
Shadow IT Makes People More Vulnerable to Phishing
https://isc.sans.edu/forums/diary/Shadow+IT+Makes+People+More+Vulnerable+to+Phishing/28022/
PaloAlto Networks GlobalProtect VPN CVE-2021-3064
https://www.randori.com/blog/cve-2021-3064/?i=2
Citrix ADC/Gateway/SD-WAN WANOP Patch
https://support.citrix.com/article/CTX330728
HPE Aruba Breach
https://www.arubanetworks.com/support-services/security-bulletins/central-incident-faq/
LiveStream: Application Security; Web Apps, APIs & Microservices
youtu.be/6gGB7skXvpg
2pm ET Today (not 1pm as mentioned in the podcast)
Nov 11, 2021
ISC StormCast for Wednesday, November 10th, 2021
6:35
Nov 10, 2021
ISC StormCast for Tuesday, November 9th, 2021
7:15
(Ab)Using Security Tools & Controls for the Bad
https://isc.sans.edu/forums/diary/AbUsing+Security+Tools+Controls+for+the+Bad/28014/
Targeted Attack Campaign Against ManageEngine ADSelfService Plus
https://unit42.paloaltonetworks.com/manageengine-godzilla-nglite-kdcsponge/
Image-Scaling Attacks in Machine Learning
https://www.usenix.org/system/files/sec20fall_quiring_prepub.pdf
Nov 09, 2021
ISC StormCast for Monday, November 8th, 2021
5:11
Nov 08, 2021
ISC StormCast for Friday, November 5th, 2021
7:03
October 2021 Forensic Contest Answers and Analysis
https://isc.sans.edu/forums/diary/October+2021+Forensic+Contest+Answers+and+Analysis/27998/
CVE-2021-43267: Remote Linux Kernel Heap Overflow in TIPC Module
https://www.sentinelone.com/labs/tipc-remote-linux-kernel-heap-overflow-allows-arbitrary-code-execution/
Cisco Patches
https://tools.cisco.com/security/center/publicationListing.x
The Security Risk of Lacking Compiler Protection in WebAssembly
https://arxiv.org/abs/2111.01421
Nov 05, 2021
ISC StormCast for Thursday, November 4th, 2021
5:11
Nov 04, 2021
ISC StormCast for Wednesday, November 3rd, 2021
5:41
Nov 03, 2021
ISC StormCast for Tuesday, November 2nd, 2021
7:03
Nov 02, 2021
ISC StormCast for Monday, November 1st, 2021
5:22
Nov 01, 2021
ISC StormCast for Friday, October 29th, 2021
5:36
Oct 29, 2021
ISC StormCast for Thursday, October 28th, 2021
5:09
Oct 28, 2021
ISC StormCast for Wednesday, October 27th, 2021
5:35
Oct 27, 2021
ISC StormCast for Tuesday, October 26th, 2021
4:44
Oct 26, 2021
ISC StormCast for Monday, October 25th, 2021
5:35
Oct 25, 2021
ISC StormCast for Friday, October 22nd, 2021
6:18
Oct 22, 2021
ISC StormCast for Thursday, October 21st, 2021
5:38
Oct 21, 2021
ISC StormCast for Wednesday, October 20th, 2021
4:45
Oct 20, 2021
ISC StormCast for Tuesday, October 19th, 2021
5:06
Oct 19, 2021
ISC StormCast for Monday, October 18th, 2021
5:34
Oct 18, 2021
ISC StormCast for Friday, October 15th, 2021
6:32
Oct 15, 2021
ISC StormCast for Wednesday, October 13th, 2021
5:54
Oct 13, 2021
ISC StormCast for Tuesday, October 12th, 2021
5:04
Oct 12, 2021
ISC StormCast for Monday, October 11th, 2021
5:24
Oct 11, 2021
ISC StormCast for Friday, October 8th, 2021
6:21
Oct 08, 2021
ISC StormCast for Thursday, October 7th, 2021
5:19
Oct 07, 2021
ISC StormCast for Wednesday, October 6th, 2021
5:40
Oct 06, 2021
ISC StormCast for Tuesday, October 5th, 2021
5:47
Oct 05, 2021
ISC StormCast for Monday, October 4th, 2021
5:51
Oct 04, 2021
ISC StormCast for Friday, October 1st, 2021
14:59
Visa/Apple Express Transit Relay Attack
https://www.bbc.com/news/technology-58719891
FluBot Offering Fake FluBot Protection
https://twitter.com/CERTNZ/status/1443701853665980440
Undetected Azure Active Directory Brute-Force Attacks
https://www.secureworks.com/research/undetected-azure-active-directory-brute-force-attacks
SANS.edu Student Christopher DeWees: Expired Domain Dumpster Diving
https://www.sans.edu/cyber-research/40505/
Oct 01, 2021
ISC StormCast for Thursday, September 30th, 2021
5:28
Sep 30, 2021
ISC StormCast for Wednesday, September 29th, 2021
5:39
Sep 29, 2021
ISC StormCast for Tuesday, September 28th, 2021
5:47
Sep 28, 2021
ISC StormCast for Monday, September 27th, 2021
6:13
Sep 27, 2021
ISC StormCast for Friday, September 24th, 2021
5:31
Sep 24, 2021
ISC StormCast for Thursday, September 23rd, 2021
6:53
Sep 23, 2021
ISC StormCast for Wednesday, September 22nd, 2021
5:40
Sep 22, 2021
ISC StormCast for Tuesday, September 21st, 2021
6:24
Sep 21, 2021
ISC StormCast for Monday, September 20th, 2021
5:47
Sep 20, 2021
ISC StormCast for Friday, September 17th, 2021
6:30
Sep 17, 2021
ISC StormCast for Thursday, September 16th, 2021
5:29
Hancitor Campaign Abusing Microsoft's OneDrive
https://isc.sans.edu/forums/diary/Hancitor+campaign+abusing+Microsofts+OneDrive/27838/
"Secret" Agent Exposes Azure Customers To Unauthorized Code Execution
https://www.wiz.io/blog/secret-agent-exposes-azure-customers-to-unauthorized-code-execution
Sep 16, 2021
ISC StormCast for Wednesday, September 15th, 2021
5:22
Sep 15, 2021
ISC StormCast for Tuesday, September 14th, 2021
5:08
Sep 14, 2021
ISC StormCast for Monday, September 13th, 2021
5:33
Sep 13, 2021
ISC StormCast for Friday, September 10th, 2021
6:30
Sep 10, 2021
ISC StormCast for Thursday, September 9th, 2021
5:39
Sep 09, 2021
ISC StormCast for Wednesday, September 8th, 2021
5:43
Microsoft MSHTML Remote Code Execution Vulnerability CVE-2021-40444
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444
ProtonMail/VPN Releasing User's IP Address
https://protonmail.com/blog/climate-activist-arrest/
WhatsApp End To End Encryption Questioned (but upheld)
https://twitter.com/evacide/status/1435288900587589632?s=20
PRIVATELOG and STASHLOG Malware Store Payload in Common Log File System (CLFS)
https://www.fireeye.com/blog/threat-research/2021/09/unknown-actor-using-clfs-log-files-for-stealth.html
Sep 08, 2021
ISC StormCast for Tuesday, September 7th, 2021
5:25
Sep 07, 2021
ISC StormCast for Friday, September 3rd, 2021
14:10
Attackers Will Always Abuse Major Events in our Lifes
https://isc.sans.edu/forums/diary/Attackers+Will+Always+Abuse+Major+Events+in+our+Lifes/27808/
Active Exploitation of Confluence Server CVE-2021-26084
https://www.rapid7.com/blog/post/2021/09/02/active-exploitation-of-confluence-server-cve-2021-26084/
GitHub Removing old Ciphers / Keys
https://github.blog/2021-09-01-improving-git-protocol-security-github/
Cisco Enterprise NFV Infrastructure Software Authentication Bypass
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nfvis-g2DMVVh
Hackers are Selling Tool to Hide Malware in GPUs
https://www.ehackingnews.com/2021/09/hackers-are-selling-tool-to-hide.html
Michael Beck: Cloud Forensics Triage Framework (CFTF)
https://www.sans.org/white-papers/40415/
Sep 03, 2021
ISC StormCast for Thursday, September 2nd, 2021
6:00
Sep 02, 2021
ISC StormCast for Wednesday, September 1st, 2021
5:27
Sep 01, 2021
ISC StormCast for Tuesday, August 31st, 2021
5:54
Aug 31, 2021
ISC StormCast for Monday, August 30th, 2021
5:04
Aug 30, 2021
ISC StormCast for Friday, August 27th, 2021
5:44
Aug 27, 2021
ISC StormCast for Thursday, August 26th, 2021
5:44
Aug 26, 2021
ISC StormCast for Wednesday, August 25th, 2021
5:21
Aug 25, 2021
ISC StormCast for Tuesday, August 24th, 2021
5:41
Aug 24, 2021
ISC StormCast for Monday, August 23rd, 2021
5:10
Aug 23, 2021
ISC StormCast for Friday, August 20th, 2021
15:17
When Lightning Strikes: What works and doesn't work
https://isc.sans.edu/forums/diary/When+Lightning+Strikes+What+works+and+doesnt+work/27766/
Cisco Small Business Router Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-sb-rv-overflow-htpymMB5
Blackberry QNX Products Vulnerability
https://support.blackberry.com/kb/articleDetail?articleNumber=000082334
SANS.edu Student: Mark Morowcynzski; Decreasing Attacker Dwell Time in Azure Active Directory
https://www.sans.org/white-papers/40390/
Aug 20, 2021
ISC StormCast for Thursday, August 19th, 2021
4:52
Aug 19, 2021
ISC StormCast for Wednesday, August 18th, 2021
6:14
Aug 18, 2021
ISC StormCast for Tuesday, August 17th, 2021
5:19
Aug 17, 2021
ISC StormCast for Monday, August 16th, 2021
5:49
Aug 16, 2021
ISC StormCast for Friday, August 13th, 2021
3:11
Aug 13, 2021
ISC StormCast for Thursday, August 12th, 2021
5:55
Aug 12, 2021
ISC StormCast for Wednesday, August 11th, 2021
5:24
Aug 11, 2021
ISC StormCast for Tuesday, August 10th, 2021
5:50
Aug 10, 2021
ISC StormCast for Monday, August 9th, 2021
5:23
Aug 09, 2021
ISC StormCast for Friday, August 6th, 2021
15:26
Aug 06, 2021
ISC StormCast for Thursday, August 5th, 2021
5:53
Aug 05, 2021
ISC StormCast for Wednesday, August 4th, 2021
5:10
Aug 03, 2021
ISC StormCast for Tuesday, August 3rd, 2021
6:12
Aug 03, 2021
ISC StormCast for Sunday, August 1st, 2021
5:26
Aug 01, 2021
ISC StormCast for Friday, July 30th, 2021
5:31
Malicious Content Delivered Through archive.org
https://isc.sans.edu/forums/diary/Malicious+Content+Delivered+Through+archiveorg/27688/
A Large-Scale Security-Oriented Static Analysis of Python Packages in PyPI
https://arxiv.org/abs/2107.12699
Crimea "manifesto" deploys VBA Rat using double attack vectors
https://blog.malwarebytes.com/threat-intelligence/2021/07/crimea-manifesto-deploys-vba-rat-using-double-attack-vectors/
Jul 30, 2021
ISC StormCast for Thursday, July 29th, 2021
8:32
Jul 29, 2021
ISC StormCast for Wednesday, July 28th, 2021
6:42
Jul 28, 2021
ISC StormCast for Tuesday, July 27th, 2021
6:07
Jul 27, 2021
ISC StormCast for Monday, July 26th, 2021
6:26
Jul 26, 2021
ISC StormCast for Friday, July 23rd, 2021
6:28
Jul 23, 2021
ISC StormCast for Thursday, July 22nd, 2021
6:34
Jul 22, 2021
ISC StormCast for Wednesday, July 21st, 2021
7:00
Jul 21, 2021
ISC StormCast for Tuesday, July 20th, 2021
5:44
Jul 20, 2021
ISC StormCast for Monday, July 19th, 2021
6:11
Jul 19, 2021
ISC StormCast for Friday, July 16th, 2021
5:58
Jul 16, 2021
ISC StormCast for Thursday, July 15th, 2021
5:38
Jul 15, 2021
ISC StormCast for Wednesday, July 14th, 2021
6:32
Jul 14, 2021
ISC StormCast for Tuesday, July 13th, 2021
6:04
Jul 13, 2021
ISC StormCast for Monday, July 12th, 2021
5:36
Jul 12, 2021
ISC StormCast for Friday, July 9th, 2021
5:33
Jul 09, 2021
ISC StormCast for Thursday, July 8th, 2021
5:55
Jul 08, 2021
ISC StormCast for Wednesday, July 7th, 2021
8:34
Jul 07, 2021
ISC StormCast for Tuesday, July 6th, 2021
6:39
Jul 06, 2021
ISC StormCast for Monday, July 5th, 2021
5:14
Jul 04, 2021
ISC StormCast for Friday, July 2nd, 2021
7:42
Jul 02, 2021
ISC StormCast for Thursday, July 1st, 2021
6:57
Jul 01, 2021
ISC StormCast for Wednesday, June 30th, 2021
5:53
Jun 30, 2021
ISC StormCast for Monday, June 28th, 2021
6:13
Jun 28, 2021
ISC StormCast for Friday, June 25th, 2021
6:20
Jun 25, 2021
ISC StormCast for Thursday, June 24th, 2021
6:28
Jun 24, 2021
ISC StormCast for Wednesday, June 23rd, 2021
6:10
Jun 23, 2021
ISC StormCast for Tuesday, June 22nd, 2021
5:28
Jun 22, 2021
ISC StormCast for Monday, June 21st, 2021
5:40
Jun 21, 2021
ISC StormCast for Friday, June 18th, 2021
5:48
Jun 18, 2021
ISC StormCast for Thursday, June 17th, 2021
5:26
Jun 17, 2021
ISC StormCast for Wednesday, June 16th, 2021
6:06
Jun 16, 2021
ISC StormCast for Tuesday, June 15th, 2021
5:38
Jun 15, 2021
ISC StormCast for Monday, June 14th, 2021
6:31
Jun 14, 2021
ISC StormCast for Friday, June 11th, 2021
6:39
Jun 11, 2021
ISC StormCast for Thursday, June 10th, 2021
5:45
Jun 10, 2021
ISC StormCast for Wednesday, June 9th, 2021
6:42
Jun 09, 2021
ISC StormCast for Tuesday, June 8th, 2021
5:56
Jun 08, 2021
ISC StormCast for Monday, June 7th, 2021
4:57
Jun 07, 2021
ISC StormCast for Friday, June 4th, 2021
6:01
Jun 04, 2021
ISC StormCast for Thursday, June 3rd, 2021
5:28
Jun 03, 2021
ISC StormCast for Wednesday, June 2nd, 2021
6:12
Jun 02, 2021
ISC StormCast for Tuesday, June 1st, 2021
4:59
Jun 01, 2021
ISC StormCast for Friday, May 28th, 2021
6:58
May 28, 2021
ISC StormCast for Thursday, May 27th, 2021
5:57
May 27, 2021
ISC StormCast for Wednesday, May 26th, 2021
4:59
May 26, 2021
ISC StormCast for Tuesday, May 25th, 2021
4:56
May 25, 2021
ISC StormCast for Monday, May 24th, 2021
6:25
May 24, 2021
ISC StormCast for Friday, May 21st, 2021
19:50
May 21, 2021
ISC StormCast for Thursday, May 20th, 2021
6:07
May 20, 2021
ISC StormCast for Wednesday, May 19th, 2021
5:21
May 19, 2021
ISC StormCast for Tuesday, May 18th, 2021
6:08
Ransomware Defenses
https://isc.sans.edu/forums/diary/Ransomware+Defenses/27420/
AXA Stops Ransomware Payments
https://www.insurancejournal.com/news/international/2021/05/09/613255.htm
http.sys Proof of Concept
https://github.com/0vercl0k/CVE-2021-31166
Google/Mozilla collaborating on HTML Sanitizer API
https://wicg.github.io/sanitizer-api/#sanitizer-api
SANS Technology Institute Research Journal
https://www.sans.edu/cyber-research
May 18, 2021
ISC StormCast for Monday, May 17th, 2021
5:41
May 17, 2021
ISC StormCast for Friday, May 14th, 2021
6:48
May 14, 2021
ISC StormCast for Thursday, May 13th, 2021
5:51
Number of industrial control systems on the internet is lower then in 2020...but still far from zero
https://isc.sans.edu/forums/diary/Number+of+industrial+control+systems+on+the+internet+is+lower+then+in+2020but+still+far+from+zero/27412/
Webcast: Ransoming Critical Infrastructure
https://www.sans.org/webcasts/119775
Links to FragAttacks Vendor Bulletins (in German)
https://www.heise.de/news/WLAN-Sicherheitsluecken-FragAttacks-Erste-Updates-6045116.html
Adobe Acrobat Patches
https://helpx.adobe.com/security/products/acrobat/apsb21-29.html
Sending Arbitrary Messages via FindMy
https://positive.security/blog/send-my
May 13, 2021
ISC StormCast for Wednesday, May 12th, 2021
6:30
May 12, 2021
ISC StormCast for Tuesday, May 11th, 2021
5:27
May 11, 2021
ISC StormCast for Monday, May 10th, 2021
5:22
May 10, 2021
ISC StormCast for Friday, May 7th, 2021
5:36
May 07, 2021
ISC StormCast for Thursday, May 6th, 2021
6:17
May 2021 Forensic Contest
https://isc.sans.edu/forums/diary/May+2021+Forensic+Contest/27386/
Windows Defender Bug Fills Windows 10 Boot Drive with thousands of files
https://www.bleepingcomputer.com/news/microsoft/windows-defender-bug-fills-windows-10-boot-drive-with-thousands-of-files/
VMWare vRealize Business for Cloud Patch
https://kb.vmware.com/s/article/83475
Cisco Updates SD-WAN vManager / HyperFlex HX
https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir&limit=100#~Vulnerabilities
Security and Privacy Risks of Number Recycling at Mobile Carriers in the US
https://recyclednumbers.cs.princeton.edu
May 06, 2021
ISC StormCast for Wednesday, May 5th, 2021
5:31
May 05, 2021
ISC StormCast for Tuesday, May 4th, 2021
4:42
May 04, 2021
ISC StormCast for Monday, May 3rd, 2021
5:31
May 03, 2021
ISC StormCast for Friday, April 30th, 2021
5:19
Apr 30, 2021
ISC StormCast for Thursday, April 29th, 2021
5:14
Apr 29, 2021
ISC StormCast for Wednesday, April 28th, 2021
4:25
Apr 28, 2021
ISC StormCast for Tuesday, April 27th, 2021
7:23
Apr 27, 2021
ISC StormCast for Monday, April 26th, 2021
5:46
Apr 26, 2021
ISC StormCast for Friday, April 23rd, 2021
5:51
Apr 23, 2021
ISC StormCast for Thursday, April 22nd, 2021
6:25
Apr 22, 2021
ISC StormCast for Wednesday, April 21st, 2021
6:15
Apr 21, 2021
ISC StormCast for Tuesday, April 20th, 2021
5:03
Apr 20, 2021
ISC StormCast for Monday, April 19th, 2021
5:36
Apr 19, 2021
ISC StormCast for Friday, April 16th, 2021
14:20
Apr 16, 2021
ISC StormCast for Thursday, April 15th, 2021
6:09
Apr 15, 2021
ISC StormCast for Wednesday, April 14th, 2021
5:43
Apr 14, 2021
ISC StormCast for Tuesday, April 13th, 2021
6:04
Apr 13, 2021
ISC StormCast for Monday, April 12th, 2021
6:48
No Python Interpreter? This Simple RAT Installs Its Own Copy
https://isc.sans.edu/forums/diary/No+Python+Interpreter+This+Simple+RAT+Installs+Its+Own+Copy/27292/
Facebook Mistakenly Suggests Adding Domains To Public Suffix List will Ease Tracking
https://publicsuffix.org
https://www.facebook.com/business/help/331612538028890?id=428636648170202
Facebook Ads Used to Push Clubhouse Related Malware
https://www.ehackingnews.com/2021/04/cybercriminals-used-facebook-ads-to.html
Identifying Cobalt Strike DNS Infrastructure
https://labs.f-secure.com/blog/detecting-exposed-cobalt-strike-dns-redirectors
Apr 12, 2021
ISC StormCast for Friday, April 9th, 2021
5:42
Apr 09, 2021
ISC StormCast for Thursday, April 8th, 2021
6:44
Apr 08, 2021
ISC StormCast for Wednesday, April 7th, 2021
5:48
Apr 07, 2021
ISC StormCast for Tuesday, April 6th, 2021
5:45
Apr 06, 2021
ISC StormCast for Monday, April 5th, 2021
5:57
Apr 05, 2021
ISC StormCast for Friday, April 2nd, 2021
6:16
Apr 02, 2021
ISC StormCast for Thursday, April 1st, 2021
4:53
Apr 01, 2021
ISC StormCast for Wednesday, March 31st, 2021
5:37
Mar 31, 2021
ISC StormCast for Tuesday, March 30th, 2021
6:54
Mar 30, 2021
ISC StormCast for Friday, March 19th, 2021
6:04
Mar 19, 2021
ISC StormCast for Thursday, March 18th, 2021
5:52
Mar 18, 2021
ISC StormCast for Wednesday, March 17th, 2021
5:55
Mar 17, 2021
ISC StormCast for Tuesday, March 16th, 2021
5:02
Mar 16, 2021
ISC StormCast for Monday, March 15th, 2021