Sans Internet Storm Center Daily Network/cyber Security And Information Security Podcast

Sans Internet Storm Center Daily Network/cyber Security And Information Security Podcast

  • Autor: Vários
  • Narrador: Vários
  • Editor: Podcast
  • Duración: 257:30:05
  • Mas informaciones

Informações:

Seguir
Escucha
Escucha

Sinopsis

Daily update on current cyber security threats

Show more

Episodios

  • ISC StormCast for Wednesday, October 4th 2017

    ISC StormCast for Wednesday, October 4th 2017
    04/10/2017 Duración: 06min

    Fedex Malspam Pushes Formbook Infostealer Malware https://isc.sans.edu/forums/diary/Malspam+pushing+Formbook+info+stealer/22888/ Wordpress Plugins Heavily Abused For Site Defacements https://www.wordfence.com/blog/2017/10/3-zero-day-plugin-vulnerabilities-exploited-wild/ Fake WordPress Security Plugin Being Advertised https://blog.sucuri.net/2017/09/fake-plugins-fake-security.html Proof Of Concept Information Disclosure for Internet Explorer https://www.brokenbrowser.com/revealing-the-content-of-the-address-bar-ie/ Nzyme Wifi Frame Recording and Forensics https://wtf.horse/2017/10/02/introducing-nzyme-wifi-802-11-frame-recording-and-forensics/ Cyber Security Interviews https://twitter.com/CSI_Podcast/status/915026734801489921

    Escucha
  • ISC StormCast for Tuesday, October 3rd 2017

    ISC StormCast for Tuesday, October 3rd 2017
    03/10/2017 Duración: 05min

    Passive DNS Investigating Security Incidents with Passive DNS Bypassing Domain Authentication https://medium.freecodecamp.org/how-i-hacked-hundreds-of-companies-through-their-helpdesk-b7680ddc2d4c DNSMasq Vulnerabilities https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html

    Escucha
  • ISC StormCast for Monday, October 2nd 2017

    ISC StormCast for Monday, October 2nd 2017
    02/10/2017 Duración: 05min

    Who's Borrowing Your Resources. Javascript Monero Miners on Video Sites https://isc.sans.edu/forums/diary/Whos+Borrowing+your+Resources/22882/ OS X Silently Patches Javascript Quarantine Bypass https://www.wearesegment.com/research/Mac-OS-X-Local-Javascript-Quarantine-Bypass.html Apple EFI Updates Often Not Applied https://duo.com/blog/the-apple-of-your-efi-mac-firmware-security-research

    Escucha
  • ISC StormCast for Friday, September 29th 2017

    ISC StormCast for Friday, September 29th 2017
    29/09/2017 Duración: 05min

    Dealing With Massive Packet Captures https://isc.sans.edu/forums/diary/The+easy+way+to+analyze+huge+amounts+of+PCAP+data/22876/ Illusion Gap Anti-Virus Bypass https://www.cyberark.com/threat-research-blog/illusion-gap-antivirus-bypass-part-1/ DNSSEC KSK Update Delayed https://www.icann.org/news/announcement-2017-09-27-en Linux PIE/Stack Corruption https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt

    Escucha
  • ISC StormCast for Thursday, September 28th 2017

    ISC StormCast for Thursday, September 28th 2017
    28/09/2017 Duración: 05min

    Everything You Ever Wanted To Know About JPEGs (and more) https://isc.sans.edu/forums/diary/It+is+a+resume+Part+3/22808/ Linux 4.14 Memory Encryption https://lwn.net/Articles/686808/ CLKSCREW: Exposing Secure Enclaves via Energy Management https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-tang.pdf ~ ~ ~ ~

    Escucha
  • ISC StormCast for Wednesday, September 27th 2017

    ISC StormCast for Wednesday, September 27th 2017
    27/09/2017 Duración: 05min

    XPCTRA Steals Banking / Cryptocurrency Info https://isc.sans.edu/forums/diary/XPCTRA+Malware+Steals+Banking+and+Digital+Wallet+Users+Credentials/22868/ Vulnerable Mobile Investment Applications http://blog.ioactive.com/2017/09/are-you-trading-securely-insights-into.html iOS WiFi Exploit PoC Code Published https://bugs.chromium.org/p/project-zero/issues/detail?id=1289 Android Malware Exploiting "Dirty Cow" http://blog.trendmicro.com/trendlabs-security-intelligence/zniu-first-android-malware-exploit-dirty-cow-vulnerability/

    Escucha
  • ISC StormCast for Tuesday, September 26th 2017

    ISC StormCast for Tuesday, September 26th 2017
    26/09/2017 Duración: 05min

    macOS High Sierra Security Updates https://support.apple.com/en-us/HT201222 Possible macOS Keychain Leak https://twitter.com/patrickwardle/status/912254053849079808 Monero Cryptocoin Miner Found on Showtime Website https://badpackets.net/coinhive-miner-found-on-official-showtime-network-websites-in-latest-case-of-cryptojacking/

    Escucha
  • ISC StormCast for Monday, September 25th 2017

    ISC StormCast for Monday, September 25th 2017
    25/09/2017 Duración: 06min

    Forensic Use of "mount --bind" https://isc.sans.edu/forums/diary/Forensic+use+of+mount+bind/22854/ Adobe Publishes Secret PGP Key By Mistake https://twitter.com/jupenur/status/911286403434246144 AVAST Publishes CCleaner Update https://blog.avast.com/avast-threat-labs-analysis-of-ccleaner-incident Compromised Android Keyboard App https://blog.adguard.com/en/go-spy-go-popular-android-keyboard-from-china-crosses-the-red-line/

    Escucha
  • ISC StormCast for Friday, September 22nd 2017

    ISC StormCast for Friday, September 22nd 2017
    22/09/2017 Duración: 05min

    More (Likely Fake) DDoS Extortion Attempts https://isc.sans.edu/forums/diary/Emails+threatening+DDoS+allegedly+from+Phantom+Squad/22856/ CVE-2017-8759 Used in Cyber Crime Attacks https://isc.sans.edu/forums/diary/Email+attachment+using+CVE20178759+exploit+targets+Argentina/22850/ CCleaner Command and Control Server http://blog.talosintelligence.com/2017/09/ccleaner-c2-concern.html?m=1 Vulnerability in Intel Managment Engine Can Lead to Execution of Unsigned Code https://www.blackhat.com/eu-17/briefings/schedule/#how-to-hack-a-turned-off-computer-or-running-unsigned-code-in-intel-management-engine-8668

    Escucha
  • ISC StormCast for Thursday, September 21st 2017

    ISC StormCast for Thursday, September 21st 2017
    21/09/2017 Duración: 05min

    Newest Locky Update: RAR Attachments and "Invoice" E-Mails https://isc.sans.edu/forums/diary/Ongoing+Ykcol+Locky+campaign/22848/ Viacom S3 Bucket Leak https://www.upguard.com/breaches/cloud-leak-viacom iOS 11 Outlook.com Bug https://support.apple.com/en-us/HT208136

    Escucha
  • ISC StormCast for Wednesday, September 20th 2017

    ISC StormCast for Wednesday, September 20th 2017
    20/09/2017 Duración: 06min

    Mac-Robber Python Rewrite https://isc.sans.edu/forums/diary/New+tool+macrobberpy/22844/ Apache Tomcat Patch https://www.us-cert.gov/ncas/current-activity/2017/09/19/Apache-Releases-Security-Updates-Apache-Tomcat Apple Updates For iOS, Xcode, tvOS, watchOS and Safari https://support.apple.com/en-us/HT201222

    Escucha
  • ISC StormCast for Tuesday, September 19th 2017

    ISC StormCast for Tuesday, September 19th 2017
    19/09/2017 Duración: 08min

    CCleaner Compromise http://blog.talosintelligence.com/2017/09/avast-distributes-malware.html http://www.piriform.com/news/release-announcements/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users Word INCLUDEPICTURE Feature Abuse https://securelist.com/an-undocumented-word-feature-abused-by-attackers/81899/ security.txt file https://www.ietf.org/id/draft-foudil-securitytxt-00.txt https://www.ietf.org/rfc/rfc2142.txt

    Escucha
  • ISC StormCast for Monday, September 18th 2017

    ISC StormCast for Monday, September 18th 2017
    18/09/2017 Duración: 05min

    Bashware: Bypassing Windows Security via Linux (WSL) https://research.checkpoint.com/beware-bashware-new-method-malware-bypass-security-solutions/ Javascript Rogue Crypto Currency Miner https://www.welivesecurity.com/2017/09/14/cryptocurrency-web-mining-union-profit/ NodeJS Hash Table DoS https://medium.com/@ahmadbamieh/nodejs-constant-hashtables-seeds-vulnerability-f03bf70e3593 HTTPS Interception https://blog.cloudflare.com/understanding-the-prevalence-of-web-traffic-interception/

    Escucha
  • ISC StormCast for Friday, September 15th 2017

    ISC StormCast for Friday, September 15th 2017
    15/09/2017 Duración: 05min

    Another Webshell; Another Backdoor https://isc.sans.edu/forums/diary/Another+webshell+another+backdoor/22826/ D-Link Vulnerability https://pierrekim.github.io/blog/2017-09-08-dlink-850l-mydlink-cloud-0days-vulnerabilities.html Chrome To Label FTP As Insecure https://groups.google.com/a/chromium.org/forum/#!msg/security-dev/HknIAQwMoWo/xYyezYV5AAAJ More Google Play Store Malware https://blog.checkpoint.com/2017/09/14/expensivewall-dangerous-packed-malware-google-play-will-hit-wallet/ Elasticsearch Botnet https://mackeepersecurity.com/post/kromtech-discovers-massive-elasticsearch-infected-malware-botnet

    Escucha
  • ISC StormCast for Thursday, September 14th 2017

    ISC StormCast for Thursday, September 14th 2017
    14/09/2017 Duración: 05min

    No IPv6? Challenge Accepted https://isc.sans.edu/forums/diary/No+IPv6+Challenge+Accepted+Part+1/22820/ Exploiting CVE-2017-8759 https://www.mdsec.co.uk/2017/09/exploiting-cve-2017-8759-soap-wsdl-parser-code-injection/ Wordpress Plugin Found With Backdoor https://www.pluginvulnerabilities.com/2017/09/11/wordpress-poor-handling-of-plugin-security-exacerbates-malicious-takeover-of-display-widgets/

    Escucha
  • ISC StormCast for Wednesday, September 13th 2017

    ISC StormCast for Wednesday, September 13th 2017
    13/09/2017 Duración: 05min

    Microsoft Patch Tuesday https://www.fireeye.com/blog/threat-research/2017/09/zero-day-used-to-distribute-finspy.html https://technet.microsoft.com/security/advisories BlueBorne Bluetooth Vulnerability http://go.armis.com/hubfs/BlueBorne%20Technical%20White%20Paper.pdf

    Escucha
  • ISC StormCast for Tuesday, September 12th 2017

    ISC StormCast for Tuesday, September 12th 2017
    12/09/2017 Duración: 06min

    Cisco Struts Updates https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170909-struts2-rce Google Chrome Warning Users of Anti-Malware SSL Interception https://twitter.com/sashaperigo/status/906263091624591360 Machinelearning To Identify Malicious TLS Connections https://arxiv.org/pdf/1607.01639.pdf Comodo Breaking CAA Standard https://www.mail-archive.com/dev-security-policy@lists.mozilla.org/msg08027.html

    Escucha
  • ISC StormCast for Monday, September 11th 2017

    ISC StormCast for Monday, September 11th 2017
    11/09/2017 Duración: 05min

    Analyzing JPEG Files https://isc.sans.edu/forums/diary/Analyzing+JPEG+files/22806/ Auditing Windows With WINspect https://isc.sans.edu/forums/diary/Windows+Auditing+with+WINspect/22810/ Windows PSSetLoadImageNotifyRoutine Vulnerability https://breakingmalware.com/documentation/windows-pssetloadimagenotifyroutine-callbacks-good-bad-unclear-part-1/ IOTA Cryptocurrency Vulnerable Hash Function https://medium.com/@neha/cryptographic-vulnerabilities-in-iota-9a6a9ddc4367

    Escucha
  • ISC StormCast for Friday, September 8th 2017

    ISC StormCast for Friday, September 8th 2017
    08/09/2017 Duración: 15min

    Yet Another Struts RCE Vulnerability https://struts.apache.org/docs/s2-053.html Equifax Compromise https://www.bloomberg.com/news/articles/2017-09-07/three-equifax-executives-sold-stock-before-revealing-cyber-hack Hash Extension Flaws https://isc.sans.edu/forums/diary/Modern+Web+Application+Penetration+Testing+Hash+Length+Extension+Attacks/22792/ Matt Hosburgh: Offensive Intrusion Analysis: Uncovering Insiders with Threat Hunting and Active Defense

    Escucha
  • ISC StormCast for Thursday, September 7th 2017

    ISC StormCast for Thursday, September 7th 2017
    07/09/2017 Duración: 05min

    Struts2 Metasploit Module https://github.com/rapid7/metasploit-framework/pull/8924/commits/5ea83fee5ee8c23ad95608b7e2022db5b48340ef Google Docs Table With Hacked MongoDB Databases https://docs.google.com/spreadsheets/d/1QonE9oeMOQHVh8heFIyeqrjfKEViL0poLnY8mAakKhM/edit#gid=1781677175 Bypassing Cloudflare https://rhinosecuritylabs.com/cloud-security/cloudflare-bypassing-cloud-security/

    Escucha
página 97 de 116

Títulos relacionados