SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

By Johannes B. Ullrich


Category: Tech News

Description

A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network-security-related events. The content is late-breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html.

Episode Date
ISC StormCast for Tuesday, August 14th 2018
5:03
New Sextortion Wave Using Partial Phone Numbers
New Extortion Tricks: Now Including Your (Partial) Phone Number!
Intel Releases Patch for Puma Modem Chips
https://www.dslreports.com/forum/r32071020-Internet-Rogers-modem-router-rebooting-on-wan-scans-by-design
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-000097.html
Bluetooth Low Energy Attack Tool
https://github.com/virtualabs/btlejack
Tesla Will Fix Cars if Researcher Breaks it While Hacking
https://twitter.com/bitquark/status/1028373178421309440
Aug 14, 2018
ISC StormCast for Monday, August 13th 2018
6:07
VIA C3 "God Mode"
https://github.com/xoreaxeaxeax/rosenbridge
Apple MDM Vulnerability
https://www.wired.com/story/mac-remote-hack-wifi-enterprise/
Peeking into MSG Files
https://isc.sans.edu/forums/diary/Peeking+into+msg+files+revisited/23974/
Hunting SSL/TLS Clients Using JA3
https://isc.sans.edu/forums/diary/Hunting+SSLTLS+clients+using+JA3/23972/
Mobile Payment Terminal Vulnerabilities
https://www.blackhat.com/us-18/briefings.html#for-the-love-of-money-finding-and-exploiting-vulnerabilities-in-mobile-point-of-sales-systems
Aug 13, 2018
ISC StormCast for Friday, August 10th 2018
5:13
Vulnerabilities in Pacemaker Programmer and Insulin Pumps
https://arstechnica.com/information-technology/2018/08/lack-of-encryption-makes-hacks-on-life-saving-pacemakers-shockingly-easy/
"Panic Attacks" Against City Infrastructure
https://www.bbc.com/news/technology-45128053
Kaspersky VPN Leaks DNS Traffic
https://www.inputzero.io/2018/08/kaspersky-vpn-leaks-dns-address.html
Osiris Dropper Uses Process Doppelgänging
https://blog.malwarebytes.com/threat-analysis/2018/08/osiris-using-process-doppelganging/
Aug 10, 2018
ISC StormCast for Thursday, August 9th 2018
5:07
Homebrew Exposed GitHub Credentials
https://brew.sh/2018/08/05/security-incident-disclosure/
WhatsApp Vulnerability
https://research.checkpoint.com/fakesapp-a-vulnerability-in-whatsapp/
Netflix Releases Tool To Detect Cloud Credential Compromise
https://medium.com/netflix-techblog/netflix-cloud-security-detecting-credential-compromise-in-aws-9493d6fd373a
Aug 09, 2018
ISC StormCast for Wednesday, August 8th 2018
5:34
Linux TCP DoS Vulnerability
https://www.kb.cert.org/vuls/id/962459
Let's Encrypt Now Trusted By All Major Root CA Programs
https://letsencrypt.org/2018/08/06/trusted-by-all-major-root-programs.html
Android Updates
https://source.android.com/security/bulletin/2018-08-01
OpenEMR Vulnerabilities
https://insecurity.sh/assets/reports/openemr.pdf
Aug 08, 2018
ISC StormCast for Tuesday, August 7th 2018
5:00
Numeric Obfuscation
https://isc.sans.edu/forums/diary/Numeric+obfuscation+another+example/23960/
Crestron Touchscreen Vulnerability
https://blog.securitycompass.com/security-advisory-regarding-crestron-tsw-xx60-touch-panel-devices-9f1a71a926a5
Facebook Releases "Fizz" TLS 1.3 Library
https://github.com/facebookincubator/fizz
Aug 07, 2018
ISC StormCast for Monday, August 6th 2018
5:30
New WPA Attack
https://hashcat.net/forum/thread-7717.html
Fake Tech Support Uses More Intelligent Call Routing
https://www.symantec.com/blogs/threat-intelligence/tech-support-scam-call-optimization
HP Printer Updates
https://support.hp.com/us-en/document/c06097712
Aug 06, 2018
ISC StormCast for Friday, August 3rd 2018
6:30
Malware in Animated GIF Files
https://isc.sans.edu/forums/diary/DHLthemed+malspam+reveals+embedded+malware+in+animated+gif/23944/
MikroTik Miner Botnet
https://www.trustwave.com/Resources/SpiderLabs-Blog/Mass-MikroTik-Router-Infection-%E2%80%93-First-we-cryptojack-Brazil,-then-we-take-the-World-/
Microsoft Edge Vulnerability
https://www.netsparker.com/blog/web-security/stealing-local-files-with-simple-html-file/
Aug 03, 2018
ISC StormCast for Thursday, August 2nd 2018
6:26
Facebook Smishing Attack
https://isc.sans.edu/forums/diary/Facebook+Phishing+via+SMS/23940/
Port 52869 UPNP Attacks
https://isc.sans.edu/forums/diary/When+Cameras+and+Routers+attack+Phones+Spike+in+CVE20148361+Exploits+Against+Port+52869/23942/
Microsoft Improves Account Security for Midterm Elections
https://www.bleepingcomputer.com/news/microsoft/microsoft-accountguard-service-offers-protection-for-political-and-election-orgs/
Google Improves "Government Sponsored Attacks" Alert for GSuite
https://9to5google.com/2018/08/01/g-suite-admins-government-based-attackers/
Aug 02, 2018
ISC StormCast for Wednesday, August 1st 2018
6:24
PowerShell Inside Certificates
https://blog.nviso.be/2018/07/31/powershell-inside-a-certificate-part-1/
TEMPEST is Back
http://youtu.be/BpNP9b3aIfY?a
Big Star Labs Spyware
https://adguard.com/en/blog/big-star-labs-spyware/
Aug 01, 2018
ISC StormCast for Tuesday, July 31st 2018
6:56
DOSFuscation Campaign
https://isc.sans.edu/forums/diary/Malicious+Word+documents+using+DOSfuscation/23932/
Let's Encrypt Outage
https://letsencrypt.status.io
Malvertising Campaign Insides
https://research.checkpoint.com/malvertising-campaign-based-secrets-lies/
Jul 31, 2018
ISC StormCast for Monday, July 30th 2018
7:10
Summary of Earnings in Recent Sextortion Attack
https://isc.sans.edu/forums/diary/Sextortion+Follow+the+Money/23922/
Adware Distributed with Legitimate Applications
https://www.bleepingcomputer.com/news/security/fake-websites-for-keepass-7zip-audacity-others-found-pushing-adware/
https://twitter.com/JusticeRage
PDF Editor Supply Chain Exploit
https://cloudblogs.microsoft.com/microsoftsecure/2018/07/26/attack-inception-compromised-supply-chain-within-a-supply-chain-poses-new-risks/
Jul 30, 2018
ISC StormCast for Friday, July 27th 2018
15:52
NetSpectre: Read Arbitrary Memory over the Network
https://misc0110.net/web/files/netspectre.pdf
Google Play Store Bans Crypto Miners
https://play.google.com/about/developer-content-policy-print/
Japanese Calendar Issues
https://blogs.msdn.microsoft.com/shawnste/2018/04/12/the-japanese-calendars-y2k-moment/
Multiple Vulnerabilities in Samsung SmartThings Hub
https://blog.talosintelligence.com/2018/07/samsung-smartthings-vulns.html?m=1
Times Change and Your Training Data Should Too: The Effect of Training Data Recency on Twitter Classifiers. Ryan O'Grady
https://www.sans.org/reading-room/whitepapers/artificialintelligence/times-change-training-data-too-effect-training-data-recency-twitter-classifiers-38500
Jul 27, 2018
ISC StormCast for Thursday, July 26th 2018
5:19
Etherscan.io XSS Vulnerability
https://scotthelme.co.uk/xss-on-etherscan-io/
Tomcat Vulnerabilities Patched
https://www.us-cert.gov/ncas/current-activity/2018/07/23/Apache-Releases-Security-Updates-Apache-Tomcat
DNS over HTTPS Standard Finalized
https://datatracker.ietf.org/wg/doh/about/
ERP Systems Targeted in Recent Attacks
https://www.us-cert.gov/ncas/current-activity/2018/07/25/Malicious-Cyber-Activity-Targeting-ERP-Applications
Jul 26, 2018