Cyber Security Podcasts

Daily Information Security Podcast ("StormCast")

Stormcasts are daily 5-10 minute information security threat updates. The podcast is produced each work day, and typically released late in the day to be ready for your morning commute.

To subscribe, use one of the following URLs:
RSS feed: https://isc.sans.edu/dailypodcast.xml (any podcast player should support this in some way)

Recent Episodes

ISC StormCast for Wednesday, January 27th, 2021
sudo vulnerability; Quakbot Update; Targeting Security Researchers; Apple Updates
ISC StormCast for Tuesday, January 26th, 2021
Hunting DoH Endpoints; Malicious NPM; Mitigating $I30; Proton VPN BSOD
ISC StormCast for Monday, January 25th, 2021
JNLP Malware; SonicWall Breach/Vuln; iObit Breach/Ransomware
ISC StormCast for Friday, January 22nd, 2021
PS RunSpaces and REvil; SAP Exploit; Oracle Patches; RDP DDoS; High Performance Computing @sans_edu
ISC StormCast for Thursday, January 21st, 2021
SolarWinds Updates; Cisco Advisories; WebRTC State Issues; Oracle BI XSS
ISC StormCast for Wednesday, January 20th, 2021
Qakbot Back From Holiday; dnsmasq vulnerabilities; Freakout Malware; Kids Break Screensaver
ISC StormCast for Tuesday, January 19th, 2021
Malicious Document; CIS Cisco NX-OS Benchmark; Shazam Geolocation; Social Engineering via VoIP/Messaging
ISC StormCast for Monday, January 18th, 2021
DNS over HTTPs; Netlogon DC Encforcement Mode; Apple Removing Firewall Bypass
ISC StormCast for Friday, January 15th, 2021
Dynamic Excel 4 Analysis; NTFS Corruption; Cisco Vulnerabilities
ISC StormCast for Thursday, January 14th, 2021
Hancitor is Back; Intel Anti Ransomware; Clouds Rain; SAP Patches
ISC StormCast for Wednesday, January 13th, 2021
MSFT Patches; Adobe Patches; Mimecast Cert Stolen; Leaking Silhouettes
ISC StormCast for Tuesday, January 12th, 2021
NVD CVEScan; Sysinternals Update; Ubiquity Breach; Run-Only AppleScript Reversing
ISC StormCast for Monday, January 11th, 2021
String Analysis; CVSS Reliability; Trump Video Malware; Covid Vacine Smishing; dnsrecon
ISC StormCast for Friday, January 8th, 2021
NIST NVD API; Titan Security Key; Great Suspender Malware; Gnome Desktop Forensics @sans_edu
ISC StormCast for Thursday, January 7th, 2021
Zyxel Exploitation; Fortinet Patches; Foxit PhatomPDF; Firefox Android Updates
ISC StormCast for Wednesday, January 6th, 2021
Netfox Detective; ElectroRAT; Chrome to Prefer https; Android Patches; Telegram Location bug/feature
ISC StormCast for Tuesday, January 5th, 2021
From Small BAT to Infostealer; Citrix DTLS Flaw; Zend Deserialization
ISC StormCast for Monday, January 4th 2021
Traffic Analysis Quiz; Zyxel Backdoor; Microsoft Source Code Leak
ISC StormCast for Wednesday, December 30th 2020
Simple AV Priv Escalation; Go Miner Malware; AutoHotKey Credential Stealer
ISC StormCast for Tuesday, December 29th 2020
Android vs Let's Encrypt; Insufficient Windows Patch; Google Docs Vuln
ISC StormCast for Monday, December 28th 2020
Quick Weekend Diaries;
ISC StormCast for Wednesday, December 23rd 2020
Wifi Geolocation Malware; New Treck IP Stack Vulns; Detecting Treck IP Stack
ISC StormCast for Tuesday, December 22nd 2020
OpenPortStats.com; Dell Wyse Vuln; More Solarwinds
ISC StormCast for Monday, December 21st 2020
Citrix ADC: One Year Later; VirusTotal vs. PE Explorer; Kasachstan TLS; 5G Vuln; Bouncy Castle
ISC StormCast for Friday, December 18th 2020
No Password Github; Android Updates; Trend Micro InterScan Vuln; Malicious Browser Extensions
ISC StormCast for Thursday, December 17th 2020
Cloud DNS Logs; Solarwinds Update; HPE SIM Vuln; SAP HANA SAML Weakness @martingalloar
ISC StormCast for Wednesday, December 16th 2020
FireEye Maldoc; Difference Maker; F5 Big-IP; Google Outage; GoLang XML
ISC StormCast for Tuesday, December 15th 2020
SolarWinds Followup; Apple Updates Everything; SOREL-20M
ISC StormCast for Monday, December 14th 2020
SolarWinds Compromise; Fireeye Yara Rules; Flash Player EOL; Subway UK Spreads Trickbot
ISC StormCast for Friday, December 11th 2020
ngrok Python Backdoor; Cisco Jabber Patches; SANS Holiday Hackchallenge; Desierailization; @sans_edu
ISC StormCast for Thursday, December 10th 2020
Oblivious DNS over HTTPs; @httparchive almanach; IoT TCP/IP Stacks; Fireeye
ISC StormCast for Wednesday, December 9th 2020
Microsoft Patches; Adobe Patches; OpenSSL Patches; and more Patches
ISC StormCast for Tuesday, December 8th 2020
BASE64 Tricks; MSFT Teamcs RCE; PlayStation Now RCE; Cisco Security Manager RCE
ISC StormCast for Monday, December 7th 2020
Proxy Scanner; De-Pixalating Passwords; Tomcat Info Leak; Google Updates
ISC StormCast for Friday, December 4th 2020
Packet Challenge; iOS Zero Click to Exploit; GitHub Report; Implementing CIS Benchmark @sans_edu
ISC StormCast for Thursday, December 3rd 2020
DNS Spoofing; Bladabindi via npm; DarkIRC vs. WebLogic
ISC StormCast for Wednesday, December 2nd 2020
Xanthe Docker Aware Miner; Ocean Lotus Mac Backdoor; OpenClinic vs OpenClinic GA; Cyberstart
ISC StormCast for Tuesday, December 1st 2020
Decrypting PowerShell; TrendMicro Vuln; WebKit Update; New Skimmer JS
ISC StormCast for Monday, November 30th 2020
Powershell Patching Windows API; Dangers of IoT Gifts; MobileIron Vuln Exploited
ISC StormCast for Wednesday, November 25th 2020
TCP RST; VMware Advisory; Holiday Hack Challenge; @KringleCon
ISC StormCast for Tuesday, November 24th 2020
Cobalt Strike Beacon; Godaddy Social Engineering; FBI Domain Spoofing
ISC StormCast for Monday, November 23rd 2020
VMWare Update; DB2 Vuln; Fortinet SSL VPN
ISC StormCast for Friday, November 20th 2020
PowerShell Drops Formbook; Google Phish; JARM TLS Fingerprint; ICS and IDS @sans_edu
ISC StormCast for Thursday, November 19th 2020
More Controls Less Security; Google Chrome Update; Firefox HTTPS Only; Windows Kerberos
ISC StormCast for Wednesday, November 18th 2020
MacOS 11 FW Bypass; Apple OCSP Changes; Cisco Security Manager @frycos
ISC StormCast for Tuesday, November 17th 2020
Old Vulnerabilities; XenApp/Desktop Update; Anti Zoombombing; Firefox Vuln Details
ISC StormCast for Monday, November 16th 2020
Oledump Update; Old Malware New Clothes; MacOS OCSP Woes; VoltPillager SGX Attack
ISC StormCast for Friday, November 13th 2020
Exposed Azure Blobs; MacOS Security Updates; DNS Cache Poisoning Again; Poisoned Postman @sans_edu
ISC StormCast for Thursday, November 12th 2020
Traffic Analysis Quiz; OSS Security Scorecards; Bitdefender UPX Issues;
ISC StormCast for Wednesday, November 11th 2020
Microsoft Patch Tuesday; Platypus; Adobe/Firefox Updates; Fingerprinting ADS-B
ISC StormCast for Tuesday, November 10th 2020
How Attackers Improve; Linux Ransomware; Malicious MSFT Teams; NPM Malware; RPKI Update
ISC StormCast for Monday, November 9th 2020
WebLogic Coin Mining; Extract VBA; Let's Encrypt Updates; set_fs(); BigIP
ISC StormCast for Friday, November 6th 2020
Find "Invoke-Expression"; Apple Updates; VoIP Fraud; Replacing WINS @sans_edu
ISC StormCast for Thursday, November 5th 2020
Cisco AnyConnect Vuln; Chrome Root CA Policy; Android Security Bulletin
ISC StormCast for Wednesday, November 4th 2020
Cobalt Strike and WebLogic; SaltSack; Adobe; Twilio NPM Brandjacking; GitHub Workflows
ISC StormCast for Tuesday, November 3rd 2020
Emotet :hearts: Qakbot; WebLogic Bad News; Google Chrome Udpate
ISC StormCast for Monday, November 2nd 2020
CAA Records; Unpatched Windows Bug Exploited; Operation Kitsone
ISC StormCast for Friday, October 30th 2020
WebLogic CVE-2020-14882 Exploit; ZoneAlarm Update; Ransomware and Healthcare; OpenEMR Vulns; @sans_edu: Serverless
ISC StormCast for Thursday, October 29th 2020
Reminder: SMBGhost; MSFT Defender ATP False Positives; QNAP; Linux Trickbot; Abuse.ch
ISC StormCast for Wednesday, October 28th 2020
SonarQube Exploited; MSFT Edge/Chrome Updates; Flash Removal Tool; MSFT Teams
ISC StormCast for Tuesday, October 27th 2020
Excel 4 Visibility; HP Revoked Cert; Link Preview Privacy
ISC StormCast for Monday, October 26th 2020
Censys vs Shodan; Sooty; ML Attacks; #Samsung #S20 RCE; #VMWare Patches
ISC StormCast for Friday, October 23rd 2020
BazarLoader Samples; Secure Boot Reviews Stalled; Cisco Advisories
ISC StormCast for Thursday, October 22nd 2020
Agent Tesla Shipping Emails; CN Exploits Usual Vulns; URL Bar Spoofing; Oracle CPU
ISC StormCast for Wednesday, October 21st 2020
Mirai in Python; Chrome Urgent Patch; QNAP ZeroLogon Patch; GravityRat; US Census Spoof
ISC StormCast for Tuesday, October 20th 2020
Out of Band #MSFT Patches; #SS7 Attacks; Adobe #Magento Patches
ISC StormCast for Monday, October 19th 2020
CVE-2020-5135 #SonicWall RCE Vuln; Malspammer Mistakes; Traffic Analysis Quiz; Qualcom; Discord
ISC StormCast for Friday, October 16th 2020
Obfuscated #Python RAT; #BadNeighbor Update; BlueZ Vuln; Zoom E2EE
ISC StormCast for Thursday, October 15th 2020
TA511 Shathak Update; MSFT Patch Followup; Apple T2 Vuln Update; SAP Updates
ISC StormCast for Wednesday, October 14th 2020
Microsoft Patch Tuesday; Adobe Updates
ISC StormCast for Tuesday, October 13th 2020
Nested MSG Files; Trickbot Takedown Attempt; Chrome Improving Cache Privacy
ISC StormCast for Monday, October 12th 2020
Phishing Kits; Open Packaging; Analyzing MSGs; Cisco Flaws; Apple Flaws
ISC StormCast for Friday, October 9th 2020
Hashicorp Vault Vuln; Ryuk Writeup; Ricky Tan (@sans_edu) Zeek and Maltego Casefile
ISC StormCast for Thursday, October 8th 2020
Nobody Attacking You Today; Google Chrome/Android Patches; QNAP Patches; Comcast Remote Vuln.
ISC StormCast for Wednesday, October 7th 2020
Apple T2 Chip Vulnerability; NVIDIA; Cloudflare; Gavatar Privacy
ISC StormCast for Tuesday, October 6th 2020
Repetition Obfuscation; UEFI Malware; AV Priv Escalation Flaw; Rapid7 SMTP Scan
ISC StormCast for Monday, October 5th 2020
Phishing Kit; Huawei Botnet; SQL Server CU 8; Telstra BGP; Raccine @cyb3rops
ISC StormCast for Friday, October 2nd 2020
Azure AD Logs; Outdated Intel; Apple Pulls Patches; EMOTET Check Service
ISC StormCast for Thursday, October 1st 2020
FPURL.xml Scanning; HP Device Manager Backdoor; KensingtonWorks RCE
ISC StormCast for Wednesday, September 30th 2020
Contractor/Partner Remote Access; Microsoft ZeroLogon Update; Cisco Patches; Foxit PDF Patches
ISC StormCast for Tuesday, September 29th 2020
Tyler Breach; Obfuscated PowerShell Backdoor; QNAP Patch; TrendMicro Apex One Vulnerability
ISC StormCast for Monday, September 28th 2020
Exchange Online; Corrupt BASE64; Fortinet VPNs; Single Use CC Numbers
ISC StormCast for Friday, September 25th 2020
PowerShell Debugging; Zerologon Exploited; Instagram Vulnerability; Apple Patches
ISC StormCast for Thursday, September 24th 2020
Dynamic Maldocs; SAMBA and ZeroLogon; Google Chrome Update; QNAP Devices
ISC StormCast for Wednesday, September 23rd 2020
Citrix ADC Updates; Firefox Update; RDP vs. Ransomware; iOS 14 Jailbreak
ISC StormCast for Tuesday, September 22nd 2020
Overlay Phishing; MacOS Code Injection; Snort/ClamAV and Cobalt Strike
ISC StormCast for Monday, September 21st 2020
Python in Word Docs; Salesforce Phish; Google Appspot Phish; Sysmon Clipboard monitor
ISC StormCast for Friday, September 18th 2020
OSSEC Active Response; MSFT Mac Office Patch; VMWare Patch; Secure Boot; End of Flash
ISC StormCast for Thursday, September 17th 2020
Mirai vs Amanda; Apple Updates iOS/iPadOS/WatchOS and Safari
ISC StormCast for Wednesday, September 16th 2020
Malware Quiz; Magento 1 Attacks; Adobe Media Enc. Patch; Zerologin/Finger Reminders
ISC StormCast for Tuesday, September 15th 2020
.well-known; BLE Lock Replay Vulnerability; Mobile Iron MDM Exploit
ISC StormCast for Monday, September 14th 2020
Pillaging the Clipboard; PANOS Patch; Softswitch VoIP Malware; Zerologon
ISC StormCast for Friday, September 11th 2020
Dridex Update; Zoom 2FA; AMD CPU Lock; BLURtooth
ISC StormCast for Thursday, September 10th 2020
MacOS 11 Network Traffic; Azure Auto Patching Windows; WeaveScope Used for Docker Attack
ISC StormCast for Wednesday, September 9th 2020
Patch Tuesday: Microsoft, Adobe, Intel
ISC StormCast for Tuesday, September 8th 2020
XXE/VB 6.0 Malware; OLE and ZIP; Golang XSS; "Baka" Skimmer
ISC StormCast for Friday, September 4th 2020
Anti-Sandbox via NTP; Android DoH; DDoS Extortion; Cisco Jabber Followup
ISC StormCast for Thursday, September 3rd 2020
Evil Windows Python; iOS 13.7; Cisco Jabber Patch; MoFi Vulnerabilities
ISC StormCast for Wednesday, September 2nd 2020
Exposed DC Used for DDoS Attacks; Edge Reviving SHA1; Trend Micro Patch; Is isn't a Breach if the data is public
ISC StormCast for Tuesday, September 1st 2020
Finding Original Maldocs; Slack Vuln; Apple Approved Malware; Cisco DoS Bug Exploited

This podcast is also available via various podcast sites. Please let us know if we forgot one.

iTunes

MP3 Download

RSS Feed

Google Play

Stitcher

Podbean

Amazon Echo

YouTube

Spreaker

iOS App

Spotify

Top of page