SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brie...
Using Zeek, Snort, and Grafana to Detect Crypto Mining Malware
https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Using%20Zeek%2C%20Snort%2C%20and%20Grafana%20to%20Detect%20Crypto%20Mining%20Malware/31472
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access
https://www.volexity.com/blog/2024/11/22/the-nearest-neighbor-attack-how-a-russian-apt-weaponized-nearby-wi-fi-networks-for-covert-access/
Introducing NachoVPN: One VPN Server to Pwn Them All
https://blog.amberwolf.com/blog/2024/november/introducing-nachovpn---one-vpn-server-to-pwn-them-all/
Keycloak Patches
https://github.com/keycloak/keycloak/security/advisories/GHSA-93ww-43rr-79v3
Palo Alto Networks Global Protect App
https://security.paloaltonetworks.com/CVE-2024-5921
PHP Updates
https://github.com/php/php-src/security/advisories/GHSA-g665-fm4p-vhff
--------
6:13
ISC StormCast for Tuesday, November 26th, 2024
Quick & Dirty Obfuscated JavaScript Analysis
https://isc.sans.edu/diary/Quick%20%26%20Dirty%20Obfuscated%20JavaScript%20Analysis/31468
Decrypting a PDF With a User Password
https://isc.sans.edu/diary/Decrypting%20a%20PDF%20With%20a%20User%20Password/31466
The strange case of disappearing Russian servers
https://isc.sans.edu/diary/The%20strange%20case%20of%20disappearing%20Russian%20servers/31476
QNAP Buggy Firmware Update
https://community.qnap.com/t/firmware-qts-5-2-2-2950-build-20241114-released/254
7-ZIP Zstandard Decompression Integer Underflow
https://www.zerodayinitiative.com/advisories/ZDI-24-1532/
https://7-zip.org/download.html
--------
4:22
ISC StormCast for Friday, November 22nd, 2024
Increase In Phishing SVG Attachments
https://isc.sans.edu/diary/Increase%20In%20Phishing%20SVG%20Attachments/31456
Logging blind spot revealed in FortiClient VPN
https://pentera.io/blog/FortiClient-VPN_logging-blind-spot-revealed/
Needrestart Vulnerability
https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
--------
5:37
ISC StormCast for Thursday, November 21st, 2024
Apple Patches Two Exploited Vulnerabilities
https://isc.sans.edu/diary/Apple%20Fixes%20Two%20Exploited%20Vulnerabilities/31452
Oracle Patch for Agile Product Lifecycle Management CVE-2024-21287
https://www.oracle.com/security-alerts/alert-cve-2024-21287.html
OFBiz Patches CVE-2024-47208 CVE-2024-48962
https://nvd.nist.gov/vuln/detail/CVE-2024-47208
https://seclists.org/oss-sec/2024/q4/95
D-Link Warns of Vulnerability in EOL Devices
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10415
--------
5:03
ISC StormCast for Wednesday, November 20th, 2024
Detecting the Presence of a Debugger in Linux
https://isc.sans.edu/diary/Detecting%20the%20Presence%20of%20a%20Debugger%20in%20Linux/31450
Palo Alto Patches
https://security.paloaltonetworks.com/CVE-2024-0012
https://security.paloaltonetworks.com/CVE-2024-9474
VMware vCenter Server Attacks
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968e
Veritas Enterprise Vault Vulnerability
https://www.veritas.com/support/en_US/security/VTS24-014
About SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Listen to SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast), All-In with Chamath, Jason, Sacks & Friedberg and many other podcasts from around the world with the radio.net app
Canada - english