SANS Internet Storm Center Daily Network/Cyber Security and Information Security Podcast

  • Author: Various
  • Narrator: Various
  • Publisher: Podcast
  • Duration: 259:41:20

Synopsis

Daily update on current cyber security threats

Episodes

  • ISC StormCast for Wednesday, January 13th, 2021

    13/01/2021 Duration: 06min

    MSFT January 2021 Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+January+2021+Patch+Tuesday/26978/ Adobe Patches https://helpx.adobe.com/security.html MimeCast Cert Stolen https://www.mimecast.com/blog/important-update-from-mimecast/ Leaking Silhouettes of Cross-Origin Images https://blog.mozilla.org/attack-and-defense/2021/01/11/leaking-silhouettes-of-cross-origin-images/

  • ISC StormCast for Tuesday, January 12th, 2021

    12/01/2021 Duration: 05min

    Using the NVD Database API Part 3/3 https://isc.sans.edu/forums/diary/Using+the+NVD+Database+and+API+to+Keep+Up+with+Vulnerabilities+and+Patches+Tool+Drop+CVEScan+Part+3+of+3/26974/ Sysinternals Update https://docs.microsoft.com/en-us/sysinternals/ Ubiquiti Breach https://www.bleepingcomputer.com/news/security/networking-giant-ubiquiti-alerts-customers-of-potential-data-breach/ Run-Only AppleScript Reversing https://labs.sentinelone.com/fade-dead-adventures-in-reversing-malicious-run-only-applescripts/

  • ISC StormCast for Monday, January 11th, 2021

    11/01/2021 Duration: 05min

    Maldoc Strings Analysis https://isc.sans.edu/forums/diary/Maldoc+Strings+Analysis/26966/ CVSS Reliability Survey https://user-surveys.cs.fau.de/index.php?r=survey/index&sid=248857 Fake Trump Video Malware https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/updated-qnode-rat-downloader-distributed-as-trump-video-scandal/ SMS Phishing (Smishing) https://www.bbc.com/news/business-55563748 dnsren vulnerability https://www.exploit-db.com/exploits/49394

  • ISC StormCast for Friday, January 8th, 2021

    08/01/2021 Duration: 15min

    Using the NIST Database and API to Keep Up with Vulnerabilities https://isc.sans.edu/forums/diary/Using+the+NIST+Database+and+API+to+Keep+Up+with+Vulnerabilities+and+Patches+Part+1+of+3/26958/ Titan Security Key https://ninjalab.io/wp-content/uploads/2021/01/a_side_journey_to_titan.pdf The Great Suspender Google Chrome Extension https://www.theregister.com/2021/01/07/great_suspender_malware/ Brian Nishida: Ubuntu Artifacts Generated by Gnome Desktop Environment https://www.sans.org/reading-room/whitepapers/forensics/ubuntu-artifacts-generated-gnome-desktop-environment-40035

  • ISC StormCast for Thursday, January 7th, 2021

    07/01/2021 Duration: 04min

    Zyxel Exploitation Under Way https://isc.sans.edu/forums/diary/Scans+for+Zyxel+Backdoors+are+Commencing/26954/ Fortinet Patches https://www.fortiguard.com/psirt?date=01-2021 Foxit PhantomPDF Patches https://www.foxitsoftware.com/support/security-bulletins.html Firefox Android Updates https://www.mozilla.org/en-US/security/advisories/mfsa2021-01/

  • ISC StormCast for Wednesday, January 6th, 2021

    06/01/2021 Duration: 05min

    Netfox Detective: An Alternative Open-Source Packet Analysis Tool https://isc.sans.edu/forums/diary/Netfox+Detective+An+Alternative+OpenSource+Packet+Analysis+Tool/26950/ ElectroRAT Drains Cryptocurrency Accounts https://www.intezer.com/blog/research/operation-ElectroRAT-attacker-creates-fake-companies-to-drain-your-crypto-wallets/ Chrome Will Prefer HTTPS over HTTP By Default https://chromium-review.googlesource.com/c/chromium/src/+/2568448 Android January Patch Day https://source.android.com/security/bulletin/2021-01-01 Telegram Publishes Users' Locations Online https://blog.ahmed.nyc/2021/01/if-you-use-this-feature-on-telegram.html

  • ISC StormCast for Tuesday, January 5th, 2021

    05/01/2021 Duration: 05min

    From a Small BAT File to Mass Logger Infostealer https://isc.sans.edu/forums/diary/From+a+small+BAT+file+to+Mass+Logger+infostealer/26946/ Citrix Releases Updates Addressing DTLS Flaw https://support.citrix.com/article/CTX289674 Zend Framework Deserialization Flaw https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3007 https://github.com/Ling-Yizhou/zendframework3-/blob/main/zend%20framework3%20 %20rce.md

  • ISC StormCast for Monday, January 4th 2021

    04/01/2021 Duration: 04min

    Traffic Analysis Quiz https://isc.sans.edu/forums/diary/End+of+Year+Traffic+Analysis+Quiz/26940/ Zyxel Backdoor https://www.eyecontrol.nl/blog/undocumented-user-account-in-zyxel-products.html Microsoft Source Code Accessed As a Result of SolarWinds Backdoor https://msrc-blog.microsoft.com/2020/12/31/microsoft-internal-solorigate-investigation-update/

  • ISC StormCast for Wednesday, December 30th 2020

    30/12/2020 Duration: 04min

    Accessing Restricted Directory Listings via Your AV Solution https://isc.sans.edu/forums/diary/Want+to+know+whats+in+a+folder+you+dont+have+a+permission+to+access+Try+asking+your+AV+solution/26932/ Coin Miner Malware Written in Go https://www.intezer.com/blog/research/new-golang-worm-drops-xmrig-miner-on-servers/?fbclid=IwAR3eFiHCNoqr5mc2UAOcm8nocjUOjZn0cpcAiSoYmn__JtJfBbjqUUT1OwQ AutoHotKey Credential Stealer https://www.trendmicro.com/en_us/research/20/l/stealth-credential-stealer-targets-us-canadian-bank-customers.html

  • ISC StormCast for Tuesday, December 29th 2020

    29/12/2020 Duration: 05min

    Extending Android Device Compatibility for Let's Encrypt Certificates https://letsencrypt.org/2020/12/21/extending-android-compatibility.html Insufficient Patch for Windows 8.1/10 Print Spooler https://bugs.chromium.org/p/project-zero/issues/detail?id=2096 Google Docs Vulnerability https://savebreach.com/stealing-private-documents-through-a-google-docs-bug/ CCC Conferences Virtual https://streaming.media.ccc.de/rc3

  • ISC StormCast for Monday, December 28th 2020

    28/12/2020 Duration: 05min

    base64dump.py Supported Encodings https://isc.sans.edu/forums/diary/base64dumppy+Supported+Encodings/26924/ String Analysis and Maldocs https://isc.sans.edu/forums/diary/Quickie+String+Analysis+Maldocs/26922/ Malicious Word Document Delivering an Octopus Backdoor https://isc.sans.edu/forums/diary/Malicious+Word+Document+Delivering+an+Octopus+Backdoor/26918/ Analysis Dridex Dropper, IoC extraction https://isc.sans.edu/forums/diary/Analysis+Dridex+Dropper+IoC+extraction+guest+diary/26920/ AT&T Outage due to Nashville Explosion https://about.att.com/pages/disaster_relief/nashville.html SolarWinds SUPERNOVA Malware / API Vulnerability https://www.solarwinds.com/securityadvisory Citrix ADC DDoS Attack https://support.citrix.com/article/CTX289674 Crowdstrike Reporting Tool for Azure https://github.com/CrowdStrike/CRT

  • ISC StormCast for Wednesday, December 23rd 2020

    23/12/2020 Duration: 03min

    Malware Victim Selection Through WiFi Identification https://isc.sans.edu/forums/diary/Malware+Victim+Selection+Through+WiFi+Identification/26910/ New Treck IP Stack Vulnerabilities https://treck.com/vulnerability-response-information/ Detecting Treck IP Stack https://github.com/Forescout/project-memoria-detector

  • ISC StormCast for Tuesday, December 22nd 2020

    22/12/2020 Duration: 06min

    What's The Deal With Openportstats.com? https://isc.sans.edu/forums/diary/Whats+the+deal+with+openportstatscom/26912/ Dell Wyse ThinOS 8.6 Security Update https://www.dell.com/support/kbdoc/en-hr/000180768/dsa-2020-281 SolarWinds 2nd Backdoor https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/ SolarWinds Domains https://securelist.com/sunburst-connecting-the-dots-in-the-dns-requests/99862/

  • ISC StormCast for Monday, December 21st 2020

    21/12/2020 Duration: 05min

    A slightly optimistic tale of how patching went for CVE-2019-19781 https://isc.sans.edu/forums/diary/A+slightly+optimistic+tale+of+how+patching+went+for+CVE201919781/26900/ Heads-up: VirusTotal Functionality in Sysinternals Tools Not Working https://isc.sans.edu/forums/diary/Headsup+VirusTotal+Functionality+in+Sysinternals+Tools+Not+Working/26906/ Kazakhstan: Browsers Block Government Certificate Authority https://www.zdnet.com/article/apple-google-microsoft-and-mozilla-ban-kazakhstans-mitm-https-certificate/ 5G Vulnerabilities https://positive-tech.com/about/news/vulnerabilities-in-standalone-5g-networks-could-allow-attackers-to-steal-credentials-and-falsify-subscriber-authentication/ Bouncy Castle BCrypt Password Verification Error https://www.synopsys.com/blogs/software-security/cve-2020-28052-bouncy-castle/

  • ISC StormCast for Friday, December 18th 2020

    18/12/2020 Duration: 06min

    Token Authentication Requirements for Git Operations https://github.blog/2020-12-15-token-authentication-requirements-for-git-operations/ Google Attempting to Speed Up OS Update Adoption https://android-developers.googleblog.com/2020/12/treble-plus-one-equals-four.html Trend Micro InterScan Web Security Virtual Appliance Vulnerability https://success.trendmicro.com/solution/000283077 Malicious Browser Extensions https://blog.avast.com/malicious-browser-extensions-avast

  • ISC StormCast for Thursday, December 17th 2020

    17/12/2020 Duration: 06min

    Cloud DNS Logs https://isc.sans.edu/forums/diary/DNS+Logs+in+Public+Clouds/26892/ SolarWinds Update https://www.heise.de/news/l-f-SolarWinds-Backdoor-Hersteller-sorgte-fuer-Ausnahmen-von-AV-Ueberwachung-4990910.html https://krebsonsecurity.com/2020/12/malicious-domain-in-solarwinds-hack-turned-into-killswitch/ Hewlett Packard Enterprise Systems Insight Manager (SIM) Vulnerability https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04068en_us SAP HANA SAML Validation Weakness https://www.secureauth.com/blog/secureauth-uncovers-saml-validation-weakness-in-sap-hana/

  • ISC StormCast for Wednesday, December 16th 2020

    16/12/2020 Duration: 06min

    Analyzing A Fireeye Maldoc https://isc.sans.edu/forums/diary/Analyzing+FireEye+Maldocs/26882/ Didier Stevens: 2020 Difference Makers https://www.sans.org/webcasts/2020-difference-makers-awards-ceremony-117154 F5 Big IP Vulnerabilities https://support.f5.com/csp/article/K20984059 https://support.f5.com/csp/article/K42696541 https://support.f5.com/csp/article/K37960100 Google Outage https://status.cloud.google.com/incident/zall/20013 GoLang XML Parser Vulnerabilities https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/

  • ISC StormCast for Tuesday, December 15th 2020

    15/12/2020 Duration: 07min

    SolarWinds Followup https://isc.sans.edu/forums/diary/SolarWinds+Breach+Used+to+Infiltrate+Customer+Networks+Solarigate/26884/ https://sansurl.com/solarwinds Apple Updates Everything https://support.apple.com/en-us/HT201222 Sophos and Reversing Labs Release 20 Million Malware Samples https://github.com/sophos-ai/SOREL-20M

  • ISC StormCast for Monday, December 14th 2020

    14/12/2020 Duration: 05min

    SolarWinds Compromise https://isc.sans.edu/forums/diary/SolarWinds+Breach+Used+to+Infiltrate+Customer+Networks+Solarigate/26884/ Writing Yara Rules for Fun and Profit: Notes from the FireEye Breach Countermeasures https://isc.sans.edu/forums/diary/Writing+Yara+Rules+for+Fun+and+Profit+Notes+from+the+FireEye+Breach+Countermeasures/26870/ Flash Player EoL https://helpx.adobe.com/flash-player/release-note/fp_32_air_32_release_notes.html Subway Marketing System Hacked to Send TrickBot Malware Emails https://www.bleepingcomputer.com/news/security/subway-marketing-system-hacked-to-send-trickbot-malware-emails/

  • ISC StormCast for Friday, December 11th 2020

    11/12/2020 Duration: 13min

    Python Backdoor Talking to a C2 Through Ngrok https://isc.sans.edu/forums/diary/Python+Backdoor+Talking+to+a+C2+Through+Ngrok/26866/ Cisco Releases Improved Patch for Jabber Vulnerabilities https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-jabber-ZktzjpgO https://watchcom.no/nyheter/nyhetsarkiv/uncovers-cisco-jabber-vulnerabilities/ SANS Holiday Hack Challenge https://holidayhackchallenge.com/2020/ Karim Lalji: Fear of the Unknown: A Metanalysis of Insecure Object Deserialization Vulnerabilities https://www.sans.org/reading-room/whitepapers/testing/fear-unknown-metanalysis-insecure-object-deserialization-vulnerabilities-39920
