SANS Internet Storm Center Daily Network/Cyber Security and Information Security Podcast

  • Author: Various
  • Narrator: Various
  • Publisher: Podcast
  • Duration: 257:30:05

Synopsis

Daily update on current cyber security threats

Episodes

  • ISC StormCast for Monday, December 19th 2016

    19/12/2016 Duration: 05min

    Verizon Webmail XSS Exploit https://randywestergren.com/persistent-xss-verizons-webmail-client/ Blocking Powershell Connections via Windows Firewall https://isc.sans.edu/forums/diary/Blocking+Powershell+Connection+via+Windows+Firewall/21829/ Exploit Kits Delivering Cerber Ransomware https://isc.sans.edu/forums/diary/One+if+by+email+and+two+if+by+EK+The+Cerbers+are+coming/21823/ More Security Companies joining "No More Ransom" https://www.nomoreransom.org IT Contractor Trying to Take Over Radio Station https://regmedia.co.uk/2016/12/16/kcohvtaylorfiling.pdf Holiday Safe Computing Tips https://isc.sans.edu/forums/diary/Holiday+Safe+Computing+Tips/21827/

  • ISC StormCast for Friday, December 16th 2016

    16/12/2016 Duration: 05min

    Domain Cops Malware Analysis https://isc.sans.edu/forums/diary/Domaincop+malpsam/21821/ OS X Filevault Password Retrieval http://blog.frizk.net/2016/12/filevault-password-retrieval.html QEMU/Xen Vulnerability http://xenbits.xen.org/xsa/advisory-199.html DNS Changer Attacking Home Routers https://www.proofpoint.com/us/threat-insight/post/home-routers-under-attack-malvertising-windows-android-devices

  • ISC StormCast for Thursday, December 15th 2016

    15/12/2016 Duration: 05min

    Malicious JavaScript Bypasses UAC https://isc.sans.edu/forums/diary/UAC+Bypass+in+JScript+Dropper/21813/ Skype Unauthorized API Access Blocked https://www.trustwave.com/Resources/SpiderLabs-Blog/A-Backdoor-in-Skype-for-Mac-OS-X/?page=1&year=0&month=0 Facebook Announces Certificate Transparency Monitoring Tool https://www.facebook.com/notes/protect-the-graph/introducing-our-certificate-transparency-monitoring-tool/1811919779048165 Another Tor Browser (and Firefox) Bug Fixed https://blog.torproject.org/blog/tor-browser-608-released Cheap Android Phones Arrive With Malware Preinstalled https://news.drweb.com/show/?i=10345&lng=en Exploit for Nagios https://legalhackers.com/advisories/Nagios-Exploit-Command-Injection-CVE-2016-9565-2008-4796.html

  • ISC StormCast for Wednesday, December 14th 2016

    14/12/2016 Duration: 05min

    Microsoft Patch Tuesday + Adobe Flash https://isc.sans.edu/mspatchdays.html?viewday=2016-12-13 Apple Updates https://support.apple.com/en-us/HT201222 More Netgear Products Vulnerable; Beta Patch Available http://kb.netgear.com/000036386/CVE-2016-582384?cid=wmt_netgear_organic iOS Profile Vulnerability PoC Available https://cxsecurity.com/issue/WLB-2016110046

  • ISC StormCast for Tuesday, December 13th 2016

    13/12/2016 Duration: 05min

    Apple Releases Patches for iOS/WatchOS and tvOS https://support.apple.com/en-us/HT201222 Windows 8/10 Update Causing DHCP Problems https://community.plus.net/t5/Broadband/Windows-8-10-Issues/m-p/1393675#M310992 McAfee VirusScan Enterprise for Linux Vulnerabilities https://nation.state.actor/mcafee.html Snowball Marketing for Ransomware https://www.bleepingcomputer.com/news/security/new-scheme-spread-popcorn-time-ransomware-get-chance-of-free-decryption-key/ Europol Arrests DDoS Miscreants http://www.theregister.co.uk/2016/12/12/europol_arrests_34_ddos_kiddies/ 5 Questions to Ask your IoT Vendor https://isc.sans.edu/forums/diary/5+Questions+to+Ask+your+IoT+Vendors+But+Do+Not+Expect+an+Answer/21807/

  • ISC StormCast for Monday, December 12th 2016

    11/12/2016 Duration: 05min

    Malware Uses NTP to Prevent Reverse Analysis https://isc.sans.edu/forums/diary/Sleeping+VBS+Really+Wants+To+Sleep/21801/ PwC ACE Tool For SAP Introduces Security Vulnerability into SAP http://seclists.org/fulldisclosure/2016/Dec/33 Steganography Used to Hide Exploits in Images https://isc.sans.edu/forums/diary/Steganography+in+Action+Image+Steganography+StegExpose/21803/ Netgear R7000 and R6400 Arbitrary Command Execution http://www.kb.cert.org/vuls/id/582384 Holiday Hack Challenge https://holidayhackchallenge.com

  • ISC StormCast for Friday, December 9th 2016

    09/12/2016 Duration: 05min

    Domaincops Malware https://isc.sans.edu/forums/diary/Good+Cop+Bad+Cop+Domain+Cop/21795/ Yahoo Mail Persistent XSS https://klikki.fi/adv/yahoo2.html Trend Office Scan False Positives https://www.reddit.com/r/sysadmin/comments/5gs2gv/anyone_else_also_affected_by_a_deleted/ Linux Privilege Escalation due to af_packet.c race condition http://seclists.org/oss-sec/2016/q4/607

  • ISC StormCast for Thursday, December 8th 2016

    08/12/2016 Duration: 06min

    Attackers are using AV Exclusion Lists to Bypass AV http://www.theregister.co.uk/2016/12/07/clever_crims_using_av_exclusion_lists_as_malware_safe_harbour/ Android Update Patches "Dirty Cow" https://source.android.com/security/bulletin/2016-12-01.html "Goldeneye" Ransomware May Use Stolen Data For Realistic E-Mails https://www.heise.de/security/meldung/Goldeneye-nutzt-Informationen-vom-Arbeitsamt-fuer-aeusserst-gezielte-Angriffe-3564386.html Firefox Cross Domain Cookie Vulnerability https://insert-script.blogspot.ch/2016/12/firefox-svg-cross-domain-cookie.html

  • ISC StormCast for Wednesday, December 7th 2016

    07/12/2016 Duration: 06min

    Attacking NoSQL Applications https://isc.sans.edu/forums/diary/Attacking+NoSQL+applications/21787/ Heap Buffer Overflow in Encase Forensic Imager https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20161128-0_Guidance_Software_Encase_DoS_heap_buffer_overflow_vulnerabilities_v10.txt Raspbian To Increase Default Security https://www.raspberrypi.org/blog/a-security-update-for-raspbian-pixel/ SONY Camera Backdoor https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20161206-0_Sony_IPELA_Engine_IP_Cameras_Backdoors_v10.txt Feedback: https://isc.sans.edu/contact.html

  • ISC StormCast for Tuesday, December 6th 2016

    06/12/2016 Duration: 05min

    Video Walk Through: Analysing Hancitor Malicious Document https://isc.sans.edu/forums/diary/Hancitor+Maldoc+Videos/21783/ Rapid Distributed Credit Card Number Brute Forcing http://eprint.ncl.ac.uk/file_store/production/230123/19180242-D02E-47AC-BDB3-73C22D6E1FDB.pdf Cloudflare Detecting Large DDoS Attacks Over Thanksgiving / Cyber Monday https://blog.cloudflare.com/the-daily-ddos-ten-days-of-massive-attacks/ Free Windows Tool to Harden Networks: SAMRi10 https://gallery.technet.microsoft.com/SAMRi10-Hardening-Remote-48d94b5b NY State Outlawing Automated Ticket Purchasing Software https://www.nysenate.gov/legislation/bills/2015/S8123

  • ISC StormCast for Monday, December 5th 2016

    04/12/2016 Duration: 05min

    CSP Bypass with Polyglot Images http://blog.portswigger.net/2016/12/bypassing-csp-using-polyglot-jpegs.html also see this YouTube video on Polyglot Images: https://www.youtube.com/watch?v=Ub5G_t-gUBc Stack Overflow SQL Injection Questions https://laurent22.github.io/so-injections/ Mirai Update: More Outages and Vulnerable Chipset Identified http://www.theregister.co.uk/2016/12/02/broadband_mirai_takedown_analysis/ SEC503 Intrusion Detection in Depth in Brussels (Jan 2017): https://www.sans.org/event/brussels-winter-2017/course/intrusion-detection-in-depth

  • ISC StormCast for Friday, December 2nd 2016

    02/12/2016 Duration: 05min

    Open Source Tool "Beamgun" Fights Rogue USB Devices on Windows https://github.com/JLospinoso/beamgun "Shamoon" Malware is back with a new destructive attack against Saudi Arabia https://www.bloomberg.com/news/articles/2016-12-01/destructive-hacks-strike-saudi-arabia-posing-challenge-to-trump British ISP "KCOM" Suffering Outage After Attack http://www.hulldailymail.co.uk/kcom-blames-cyber-attack-for-thousands-losing-internet-access-in-hull/story-29944084-detail/story.html#xf23rtZbUqlh5uXY.99 Microsoft Fixes Long Known Privilege Escalation Issue https://threatpost.com/microsoft-silently-fixes-kernel-bug-that-led-to-chrome-sandbox-bypass/122179/

  • ISC StormCast for Thursday, December 1st 2016

    30/11/2016 Duration: 06min

    Mozilla Patches Firefox 0-Day (Exploit already available!) https://isc.sans.edu/forums/diary/Unpatched+Vulnerability+in+Firefox+used+to+Attack+Tor+Browser/21769/ SQL Slammer "Resurgence"? https://isc.sans.edu/forums/diary/Take+Back+Wednesday+SQL+Slammer+still+alive+but+barely+kicking/21767/ Gooligan Android Malware http://blog.checkpoint.com/2016/11/30/1-million-google-accounts-breached-gooligan/ Bypassing SAML 2.0 SSO http://research.aurainfosec.io/bypassing-saml20-SSO/ Webcast: The Six Most Dangerous New Cyber Attack Techniques https://cc.readytalk.com/registration/#/?meeting=9yq9nbx4tp7a&campaign=nggmjhc39guc

  • ISC StormCast for Wednesday, November 30th 2016

    29/11/2016 Duration: 05min

    Mirai/TR-069 Update: Deutsche Telekom Routers May have been DDoSed by Traffic Volume, not Exploit https://comsecuris.com/blog/posts/were_900k_deutsche_telekom_routers_compromised_by_mirai/ Bitlocker Encrypted Drives Exposed During System Upgrade http://blog.win-fu.com/2016/11/every-windows-10-in-place-upgrade-is.html Software-Only Defenses Against Rowhammer https://arxiv.org/abs/1611.08396

  • ISC StormCast for Tuesday, November 29th 2016

    29/11/2016 Duration: 05min

    Mirai Variant Scanning Port 5555 and 7547 For TR-069/SOAP Vulnerability https://isc.sans.edu/forums/diary/Port+7547+SOAP+Remote+Code+Execution+Attack+Against+DSL+Modems/21759/ Paypal OAuth Vulnerability http://blog.intothesymmetry.com/2016/11/all-your-paypal-tokens-belong-to-me.html

  • ISC StormCast for Monday, November 28th 2016

    28/11/2016 Duration: 06min

    Extracting Shellcode from Javascript https://isc.sans.edu/forums/diary/Extracting+Shellcode+From+JavaScript/21753/ Using Scapy to Test CozyDuke Snort Signatures https://isc.sans.edu/forums/diary/Scapy+vs+CozyDuke/21755/ Malicious JPEG Spreading via Facebook http://blog.checkpoint.com/2016/11/24/imagegate-check-point-uncovers-new-method-distributing-malware-images/ San Francisco Public Transport ("MUNI") hit by Ransomware http://sanfrancisco.cbslocal.com/2016/11/26/you-hacked-cyber-attackers-crash-muni-computer-system-across-sf/ Tesla Smartphone App Vulnerability https://promon.co/blog/tesla-cars-can-be-stolen-by-hacking-the-app/

  • ISC StormCast for Wednesday, November 23rd 2016

    23/11/2016 Duration: 06min

    WordPress RCE Via Fake Updates http://www.openwall.com/lists/oss-security/2016/11/21/3 Turning Speakers into Microphones http://cyber.bgu.ac.il/advanced-cyber/system/files/SPEAKEaR.pdf 5 Second Video iOS Crash http://www.cultofmac.com/455215/455215/ "Stubby" Implements Encrypted DNS http://www.theregister.co.uk/2016/11/22/dns_boffins_offer_up_privacy_test/

  • ISC StormCast for Tuesday, November 22nd 2016

    21/11/2016 Duration: 05min

    Encrypted ZIP File With Comments https://isc.sans.edu/forums/diary/ZIP+With+Comment/21737/ Siemens Surveillance Cameras Use Static Default Password https://ics-cert.us-cert.gov/advisories/ICSA-16-322-01 NTP Single Packet DoS Vulnerability http://dumpco.re/cve-2016-7434/ Windows 10 Does Not Provide the Same Protections as EMET https://insights.sei.cmu.edu/cert/2016/11/windows-10-cannot-protect-insecure-applications-like-emet-can.html

  • ISC StormCast for Monday, November 21st 2016

    21/11/2016 Duration: 05min

    Converting Timestamps with Epocalypse https://isc.sans.edu/forums/diary/How+many+Epoch+times+Epocalypsepy+timestamp+converter/21733/ SIP Disabled on Some Macbook Pros http://www.macrumors.com/2016/11/17/system-integrity-protection-disabled-macbook-pro/ Spoofing Microsoft.com E-Mails with Outlook.com https://www.utkusen.com/blog/sending-valid-phishing-emails-from-microsoftcom.html Various High Profile Twitter Accounts Hijacked By Spammers https://www.engadget.com/2016/11/19/spammers-compromised-twitter-accounts-for-playstation-and-other/ Dyn Attack Caused by Single Angry Playstation User http://www.wsj.com/articles/october-internet-attack-targeted-playstation-network-researchers-say-1479250847

  • ISC StormCast for Friday, November 18th 2016

    18/11/2016 Duration: 05min

    Phishers Protect Phishing Sites from Security Researchers https://isc.sans.edu/forums/diary/Example+of+Getting+Analysts+Researchers+Away/21721/ Fedora / Chrome Automatic Downloads and Code Execution https://scarybeastsecurity.blogspot.de/2016/11/0day-poc-risky-design-decisions-in.html Volutility Version 1.0 Released https://techanarchy.net/2016/11/volutility-version-1-0-release/ iOS Synchronizing Call Logs via iCloud http://www.forbes.com/sites/thomasbrewster/2016/11/17/iphone-call-logs-in-icloud-warns-elcomsoft-hackers/#5d96b21c2936
