Daily Information Security Podcast ("StormCast")
Stormcasts are daily 5-10 minute information security threat updates. The podcast is produced each work day, and typically released late in the day to be ready for your morning commute.
To subscribe, use one of the following URLs:
RSS feed: https://isc.sans.edu/dailypodcast.xml (any podcast
player should support this in some way)
Recent Episodes
- ISC StormCast for Wednesday, November 14th 2018Microsoft Patch Tuesday; Adobe Patches
- ISC StormCast for Tuesday, November 13th 2018Google BPG Hijack via Russia; Bootable USB Microcode Loader; Wordpress GDPR Vuln.
- ISC StormCast for Monday, November 12th 20181.1.1.1 DNS For Mobile; CryotMiner Rootkits; Google Play Protect Success
- ISC StormCast for Friday, November 9th 2018Cisco Updates; Ruby Deserialization; Ouch Newsletter; Blockchain Botnets @sans_edu
- ISC StormCast for Thursday, November 8th 2018VirtualBox 0 Day; WooCommerce RCE #wordpress; Bing Notepad2 Malware; @Bsidesjax
- ISC StormCast for Wednesday, November 7th 2018Chinese Routing Leak; Android Update; Facetime PoC; U-Boot Vuln
- ISC StormCast for Tuesday, November 6th 2018Struts 2.3 RCE; Fake Elon Musk Site Steals BTC; Bypassing SSD Encryption
- ISC StormCast for Monday, November 5th 2018MacOS IR Beyond LaunchAgents; Dissecting CVE-2017-11882 Exploit; Portsmash, Edge Vuln
- ISC StormCast for Friday, November 2nd 2018Windows Defender Sandboxing Bug; BLE Vulnerability;
- ISC StormCast for Thursday, November 1st 2018Encrypted Word Maldocs; iOS/macOS ICMP Error RCE; iOS lock bypass;
- ISC StormCast for Wednesday, October 31st 2018Hancitor Update; Apple Updates; Telegram Clear Text Messages
- ISC StormCast for Tuesday, October 30th 2018PowerShell Cloning Maldoc; Unusual Malicious File Types; Crypto Tracker Backdoor
- ISC StormCast for Monday, October 29th 2018Office Docs and Linux; Anaylzing Crompressed RTF; DHCPv6 systemd; Docker; Hadoop
- ISC StormCast for Friday, October 26th 2018Scam Calls Targeting Chinese; X.org Priv. Elevation Flaw; MS Office Videos
- ISC StormCast for Thursday, October 25th 2018Reversing AutoIT; Arcserve Vulnerabilities; WebEx Vuln;
- ISC StormCast for Wednesday, October 24th 2018Malware Uses Decoy Picture; DoH Push Back; Signal Encryption Bug; Firefox 63
- ISC StormCast for Tuesday, October 23rd 2018Compressed RTF in MSG File; FreeRTOS TCP/IP Vuln; VLC Vulns; Yammer Update
- ISC StormCast for Monday, October 22nd 2018MacOS LaunchAgent; TLS Sessions; jQuery File Upload Plugin; Drupal
- ISC StormCast for Friday, October 19th 2018Cisco Patches; 51% Crypto Currency Attack; VMWare Patch;
- ISC StormCast for Thursday, October 18th 2018NewShareCount Abuse; D-Link Vulns; RID Hacking
- ISC StormCast for Wednesday, October 17th 2018Oracle CPU; libssh vulnerability; Vending Machine Mobile App; TLS1.0/1.1
- ISC StormCast for Tuesday, October 16th 2018CVE-2018-8495 PoE Exploit; Fake Mining Appsi; Fake Google Photo App
- ISC StormCast for Monday, October 15th 2018Branch.io Bug Affects Millions; Medtronics; WebLogic; MSFT JET Database
- ISC StormCast for Friday, October 12th 2018Equation Editor is Back;
- ISC StormCast for Thursday, October 11th 2018Whats App Vuln; SSH Fingerprints; win32k Vuln Details; Juniper Patches
- ISC StormCast for Wednesday, October 10th 2018Microsoft Patch Tuesday; Adobe Updates; Magecart hits Shopper Approved
- ISC StormCast for Tuesday, October 9th 2018Apple Updates; Intel 9th Gen CPU; Windows Deletes Files; macOS Code Signing
- ISC StormCast for Monday, October 8th 2018WPA2 Krack Attack Update; Cisco Patches; git Vulnerability; SWATing
- ISC StormCast for Friday, October 5th 2018Bloomberg Hardware Implant Story; Cloudflare Phishing; DNSSEC Root KSK Rollover
- ISC StormCast for Thursday, October 4th 2018Behind the Phish; Azure Phish; Zoho Phishing and keylogging
- ISC StormCast for Wednesday, October 3rd 2018Yara Rules; GhostDNS; Foxit PDF Reader Vulns; Intel ME Manufacturing Mode
- ISC StormCast for Tuesday, October 2nd 2018Facebook Update; Adobe Acrobat Update; SMTP MTA Strict Transport Security
- ISC StormCast for Monday, October 1st 2018Facebook Leak; Telegram leaks IPs; Browser Notifications; DDE Code Injection
- ISC StormCast for Friday, September 28th 2018Enriching Radare2/x64dbg Output; Apple DEP; UEFI Rootkit
- ISC StormCast for Thursday, September 27th 2018Emotet Update; Fedora Crypto Policies; Android Banking Trojan
- ISC StormCast for Wednesday, September 26th 2018Firefox Monitor;
- ISC StormCast for Tuesday, September 25th 2018MacOS 10.14; More Sextortion; Mojave Privacy Bypass; Cloudflare ESNI
- ISC StormCast for Monday, September 24th 2018Odd DNS Requests; Securing APIs; Windows Jet DB 0day; Malicious Job Offers
- ISC StormCast for Friday, September 21st 2018OSSEC Hunting; NSSLabs; Bitcoin DoS; WebAuthn
- ISC StormCast for Thursday, September 20th 2018Adobe PDF Updates; Credential Stuffing DDoS; Peekaboo;
- ISC StormCast for Wednesday, September 19th 2018Certificate Transparency Tools; WD MyCloud; Kodi Malicious Add-Ons; Cloudflare DNSSEC Support
- ISC StormCast for Tuesday, September 18th 2018Analyzing Office Docs; Apple Updates;
- ISC StormCast for Monday, September 17th 2018Reversing Shortcuts; Not So Random UA; Safari DoS; Webroot SecureAnywhere; Intel ME
- ISC StormCast for Friday, September 14th 2018Malicious MHT Files; Improved Coldboot Attacks; Hurricanes/Disasters; SAP Patches
- ISC StormCast for Thursday, September 13th 2018Fragment Update; Magacart Script; Bypassing CSP With Polyglots
- ISC StormCast for Wednesday, September 12th 2018Microsoft Patch Tuesday; Adobe Patches; URL Spooing; Exploit Search Engine
- ISC StormCast for Tuesday, September 11th 2018Malicious LNK File Tricks; Trend Micro Apps Removed from Apple App Store
- ISC StormCast for Sunday, September 9th 2018Headless Browser Cryptocoin Mining; Adware Doctor Privacy; VPN Priv Escalation
- ISC StormCast for Friday, September 7th 2018Powershell Malware C# Code;
- ISC StormCast for Thursday, September 6th 2018MEGA Chrome Extension Hack; Python Package Installer Code Exec; Win Scheduler Exploit
- ISC StormCast for Wednesday, September 5th 2018Microtik Exploits; Exposed git Directories; SSL Certs and Tor
- ISC StormCast for Tuesday, September 4th 2018Reversing Medium Mobile App;
- ISC StormCast for Sunday, September 2nd 2018OSX/MacOS Custom URL Schemes; Philips e-Alert Vulnerablity
- ISC StormCast for Friday, August 31st 2018Cryptocoin Miners Rule; Android Privacy Weakness; Mimecast EMail Stats
- ISC StormCast for Thursday, August 30th 2018More Octoprint Details #3dprint flaws; Packagist PHP Repo; More OpenSSH; TPM Flaws;
- ISC StormCast for Wednesday, August 29th 2018Windows Priv. Escalation 0 Day;
- ISC StormCast for Tuesday, August 28th 2018HWorm Infection Date; Gnome "Bubblewrap"; Fortnite Android Vuln
- ISC StormCast for Monday, August 27th 2018Struts CVE-2018-11776 Exploit Public; Publisher Malware; AT Commands;
- ISC StormCast for Friday, August 24th 2018Formcrafts Phishing;
- ISC StormCast for Thursday, August 23rd 2018New Critical Apache Struts Vulnerability; Ghostscript Vuln; Photoshop CC Vuln
- ISC StormCast for Wednesday, August 22nd 2018Malicious DLL Loaded with AutoIT; Critical Traefik Bug; Debian L1TF Patch Problem
- ISC StormCast for Tuesday, August 21st 2018Javascript ReDOS; OpenSSH User Enum Update; Turning (Page) Tables Exploit Technique
- ISC StormCast for Monday, August 20th 2018CVE-2018-8373 (VBScript Vulnerability); PHP Deserialization Vuln; HP Fax Patches
- ISC StormCast for Friday, August 17th 2018Anonymize pcaps; OpenSSH User Enum Vuln; VoiceXML #XXE;
- ISC StormCast for Thursday, August 16th 2018Maldoc Ransomware; Linux IP Frag DoS; macOS Scripting Mouse Clicks
- ISC StormCast for Wednesday, August 15th 2018#MSFT Patch Tuesday; Oracle Patch; Intel Patch
- ISC StormCast for Tuesday, August 14th 2018New Sextortion Wave; Intel Puma; btlejack
- ISC StormCast for Monday, August 13th 2018VIA C3 "God Mode"; Apple MDM Vulnerability; Peeking into MSG Files; JA3
- ISC StormCast for Friday, August 10th 2018Pacemaker/Insulin Pump Vuln; Panic Attacks; Process Doppleganging
- ISC StormCast for Thursday, August 9th 2018Homebrew Exposed Github Creds; WhatsApp Vuln.; Netflix AWS Methodology
- ISC StormCast for Wednesday, August 8th 2018Linux TCP DoS; Android August Updates; Lets Encrypt Trusted;
- ISC StormCast for Tuesday, August 7th 2018Numeric Obfuscation; Crestron Touchscreen Vulnerability; Facbook TLS 1.3;
- ISC StormCast for Monday, August 6th 2018New WPA Attack; Fake Techsupport Better Targeting; HP Printer Updates
- ISC StormCast for Friday, August 3rd 2018Malware in Animated GIF files; MicroTik Miner Botnet; MSFT Edge Vulnerability
- ISC StormCast for Thursday, August 2nd 2018Facebook #smishing; Port 52869 UPNP Attacks; Google/Microsoft Improve Security
- ISC StormCast for Wednesday, August 1st 2018Powershell Inside Certificates; TEMPEST is Back; Big Star Labs Spyware
- ISC StormCast for Tuesday, July 31st 2018DOSFuscation; Lets Encrypt Outage; Malvertising Campaign; Keepass Correction
- ISC StormCast for Monday, July 30th 2018Sextortion BTC Earnings; Adware Laced Downloads; PDF Editor Supply Chain Attack
- ISC StormCast for Friday, July 27th 2018NetSpectre; Google Play Outlaws Miners; Japanese Calendar
- ISC StormCast for Thursday, July 26th 2018Etherscan.io XSS; Tomcast Patch; DNS over HTTPs: Centralized or not?; ERP Systems Targeted
- ISC StormCast for Wednesday, July 25th 2018Emotet Update; Clear Text Phone Tracking; Bluetooth Bug; Apache OpenWhisk Bug
- ISC StormCast for Tuesday, July 24th 2018More Spectre; IE 0Day Patch Patched; HTTP Insecure; DNS Rebinding Again;
- ISC StormCast for Monday, July 23rd 2018New WebLogic Vuln Exploited; MSFt Edge XSS Protection Issue; Intel ME
- ISC StormCast for Friday, July 20th 2018Cisco Patches; Smart Vacuum Bugs; Instagram 2FA Update;
- ISC StormCast for Thursday, July 19th 2018Port 15454; Oracle CPU; Venmo Public API rediscovered;
- ISC StormCast for Wednesday, July 18th 2018Geolocating Login Attempts; Typo3 Update; Money Laundry Scheme
- ISC StormCast for Tuesday, July 17th 2018Encrypted SNI in TLS 1.3; Microsoft Will Retire "Delta Updates"; GPS Spoofing
- ISC StormCast for Monday, July 16th 2018Cryptominer Attached to JS; Dahua Vuln Exploited by Search Engine; iPhone MDM Spy Campaign
- ISC StormCast for Friday, July 13th 2018Extortion With Password; npm Package Malware; CIRCL IMAP Proxy; Banking Malware
- ISC StormCast for Thursday, July 12th 2018Hello Peppa Followup; Spectre 1.1/2; Site Isolation in Chrome
- ISC StormCast for Wednesday, July 11th 2018MSFT Patch Tueday; SettingContent-ms Files Blacklisted; Adobe Patches; Stolen DLINK Certificate;
- ISC StormCast for Tuesday, July 10th 2018Reverse Shell via Weblogic; Apple Patchesi; Hardening Azure AD Password Selection
- ISC StormCast for Monday, July 9th 2018HP iLO 4 Exploit; Miner/Ransomware; Online Gas Station Heist;
- ISC StormCast for Friday, July 6th 2018Gentoo GitHub Breach PM; World Cup Used to Trap Israeli Soldiers
- ISC StormCast for Thursday, July 5th 2018Watching Progress For Windows Scripts; Sylish Extension Steals History
- ISC StormCast for Tuesday, July 3rd 2018Odd PHP Exploit Attempt; Diameter Security; Attack Against Trezor
- ISC StormCast for Monday, July 2nd 2018MacOS Malware; LTE Attacks; Rowhammer Exploit For Android (and counter measure)
- ISC StormCast for Friday, June 29th 2018Nice Miners; Disassembling Webassembly; Spectre Browser Bypass; Gentoo Github Repo Takeover
- ISC StormCast for Thursday, June 28th 2018Magic Unicorn O365 API; Anonymizing Printers; Malware Analysis Opsec; CVE-2018-0296 (Cisco) Exploite
- ISC StormCast for Wednesday, June 27th 2018Analyzing XPS Files; WPA3 Finalized
This podcast is also available via various podcast sites. Please let us know if we forgot one.
iTunes
MP3 Download
RSS Feed
Google Play
Stitcher
Podbean
Amazon Echo
YouTube
Spreaker
iOS App
