Cyber Security Podcasts - SANS Internet Storm Center

Daily Information Security Podcast ("StormCast")

Stormcasts are daily 5-10 minute information security threat updates. The podcast is produced each work day, and typically released late in the day to be ready for your morning commute.

To subscribe, use one of the following URLs:
RSS feed: https://isc.sans.edu/dailypodcast.xml (any podcast player should support this in some way)

Recent Episodes

ISC StormCast for Monday, August 19th 2019
VoIP Vulnerabilities; AV Sandbox Leaks; Trend Micro Password Manager; Firefox Password Manager;
ISC StormCast for Friday, August 16th 2019
Spearphishing Maldoc Analysis; No News IoT Security; Kaspersky Insecurity
ISC StormCast for Thursday, August 15th 2019
MedusaHTTP Malware; DuckDNS C&C; HTTP/2 Vulnerabilities; Intel NUC
ISC StormCast for Wednesday, August 14th 2019
MSFT/Adobe Patch Tuesday; Windwos Text Services (CTF) Vulnerabilities
ISC StormCast for Tuesday, August 13th 2019
DAA Files; Exploiting SQLLite; Printer Vulnerabilities
ISC StormCast for Monday, August 12th 2019
Phishing With JavaScript; Camera Vulnerabilities; Tesla Surveilance; Electron Weaknesses
ISC StormCast for Friday, August 9th 2019
Kubernetes Security Audit; Apple Bug Bounty; Steam Vuln; Actual Sextortion
ISC StormCast for Thursday, August 8th 2019
AT&T Insider Attack; RDP/HyperV Vulnerability; Cisco Patches; Firefox Android WebAuthn
ISC StormCast for Wednesday, August 7th 2019
Corporate IoT Attack; SWAPGS Spectre Attacks; WPA-3 Weaknesses
ISC StormCast for Tuesday, August 6th 2019
Sexploitation Money Summary; VMWare Update; Android Qualcom Bug
ISC StormCast for Monday, August 5th 2019
Misconfigured JIRA; Voice Assistant Listening Policies Change; NVidia Updates; Detecting Chrome 76 Incognito Mode
ISC StormCast for Friday, August 2nd 2019
Investigating Port 9527; Rocke Cryptojacking; PowerShel Empire EOL
ISC StormCast for Thursday, August 1st 2019
Targeted Phish; Enterprise Software Phoning Home; Bypassing Contactless Limits
ISC StormCast for Wednesday, July 31st 2019
Luno Phish and Pseudo 2FA; Chrome Update; Disabling Siri Server Side Logging;
ISC StormCast for Tuesday, July 30th 2019
VxWorks TCP/IP Flaws; iOS iMessage File Disclosure (patched)
ISC StormCast for Monday, July 29th 2019
Port 34567 Uptick; LibreOffice Macro Code Exec; Extracting Private Keys from Amazon Music
ISC StormCast for Friday, July 26th 2019
When Users Attack; BlueKeep in Canvas; Darkmatter Cert Nixed; Johannesburg Ransomware
ISC StormCast for Thursday, July 25th 2019
VLC Non-Vulnerabilty; Crytominer with BlueKeep Scanner; Elastic; People as IOCs
ISC StormCast for Wednesday, July 24th 2019
TLS Configuration; #Apple Updates; #QNAP/#Synology Advice; New #Bluekeep Writeup @0xeb-bp
ISC StormCast for Tuesday, July 23rd 2019
Compressed PowerShell; GlobalProtect RCE; FortiOS RCE; ProFTPD Permission Issue
ISC StormCast for Monday, July 22nd 2019
php malware; iNSYNC breached by Ransomware
ISC StormCast for Friday, July 19th 2019
802.1x Tips; Kazachstan TLS Interception; Cylance Weakness; BEC Trends
ISC StormCast for Thursday, July 18th 2019
DNS TXT Records; Evilgnome Linux Malware; Interesting AMEX Phish
ISC StormCast for Wednesday, July 17th 2019
More Zoom Patches; Boarding Pass Hack; Android File Jacking
ISC StormCast for Tuesday, July 16th 2019
isodump.py released; Scrapy Vuln; Atlassian Crowd; iOS URL Schemes
ISC StormCast for Monday, July 15th 2019
Magecart Targets S3; Atlassian Jira; Tracking Anonymized BLE Devices
ISC StormCast for Friday, July 12th 2019
AZORult Sample; Zoom Followup; Apple Watch eavesdropping; PXE Windows Bug; @sans_edu
ISC StormCast for Thursday, July 11th 2019
Samba Disabling SMBv1; GnuPG Keyserver Update; eChoOraix Ransomware
ISC StormCast for Wednesday, July 10th 2019
MSFT Patch Tuesday; Adobe Updates; Critical Zoom Video Conferencing Bug
ISC StormCast for Tuesday, July 9th 2019
Canonical Hack; New Magecart Wave; Facebook Libra/Calibra Scams
ISC StormCast for Monday, July 8th 2019
DoH Or Not? Cisco Exploit, Magento Exploit, Malicious XSL Files
ISC StormCast for Wednesday, July 3rd 2019
Zipato SmartHub; Blocking DoH; Cloudflare Outage; Android Update; Powershell Killswitch
ISC StormCast for Tuesday, July 2nd 2019
Maldoc Payloads; Zyxel Patches; AMD Secure Memory Patch; Card Encrollment
ISC StormCast for Sunday, June 30th 2019
Domain Wide Virustotal Search; Mozilla TLS Guide; SKS Attack; QR Code Phishing
ISC StormCast for Friday, June 28th 2019
New Brickerbot; Telco Service Provider Attachs; Malwaretising; Automating Phish Reporting Response @sans_edu
ISC StormCast for Wednesday, June 26th 2019
Pitou.B Trojan; AWS VPC Traffic Mirroring; Elastic SIEM App; Spoofed Emergency Alerts
ISC StormCast for Tuesday, June 25th 2019
Cloudflare Outage; WeTransfer Leak; Jenkins Pillage @cloudflare @dolosgroup
ISC StormCast for Monday, June 24th 2019
SSH Keys in Memory; #Bluekeep Patching; Android ADB/SSH Botnet @damientmiller @notninjacat
ISC StormCast for Friday, June 21st 2019
Dell Support Assistant Update; Cisco RVxxxW RCE Vuln; STI Research: Biometrics @sans_edu #dell #cisco #biometrics
ISC StormCast for Thursday, June 20th 2019
WebLogic Critical Patch; Exim Exploits against Other Mail servers
ISC StormCast for Wednesday, June 19th 2019
SACK Panic Update; Critical Firefox Update; Google Site Reporter and Deceptive Site Protection
ISC StormCast for Tuesday, June 18th 2019
TCP SACK Panic; Logitech Pointer Recall, Rig Exploit Kit
ISC StormCast for Monday, June 17th 2019
Whats App Phishing; Encrypted Email Phishing; Android Apps Link to Fake Sites
ISC StormCast for Friday, June 14th 2019
#Exim Flaw Exploited; @YubiCo Recall; #Telegram Vuln; #Ghidra; VoWifi @sans_edu @0xAmit
ISC StormCast for Thursday, June 13th 2019
More SandboxEscaper; Bypassing NTML Message Signing; macOS Keysteal Details @simakov_marina @LinusHenze
ISC StormCast for Wednesday, June 12th 2019
Microsoft, Adobe, Intel, SAP Patches; GPS Woes; RAMBleed
ISC StormCast for Tuesday, June 11th 2019
JavaScript Deobfuscation; Spam Using DNS over HTTPS; BGP Leaks; VLC update
ISC StormCast for Monday, June 10th 2019
WMI Logs; DNS Logs and Sysmon; Komodo Wallet Highjack; MSFT SOC Lessons #MSFT #DNS
ISC StormCast for Friday, June 7th 2019
GoldBrute Botnet; Exim Vulnerability; iOS Apps Disabling TLS @wandera @renato_marinho @bojanz
ISC StormCast for Thursday, June 6th 2019
Android Updates; Chrome Updates; Bing Injecting Mac Malware @AiroSecurity @Akamai
ISC StormCast for Wednesday, June 5th 2019
Notepad Bug; vim bug; New RDP Vulnerability; @rawsec @taviso
ISC StormCast for Tuesday, June 4th 2019
macOS Synthetic Clicks; Intel Microcode for Old Win 10; Fake AV in Games; GandGrab
ISC StormCast for Monday, June 3rd 2019
Google Outage; Siemens LOGO 8! BM Vulnerablity; Exposing tor users; nginx njs vulnerability; #google #siemens #nginx #tor
ISC StormCast for Friday, May 31st 2019
scdbg Shellcode Analysis; GitHub Auto Patching; Docker Malware and Shodan; Web Packaging
ISC StormCast for Thursday, May 30th 2019
MSFT ASA Malware Analysis; Docker Symlink Race Attack; Nanshu Campaign; #MSFT #docker
ISC StormCast for Wednesday, May 29th 2019
BASE64 Encoded Powershell; #BlueKeep Census; MSFT DHCP Client Vuln Analysis; @sensepost @ErrataRob @0xdf_
ISC StormCast for Tuesday, May 28th 2019
GateKeeper Bypass; FortiOS SSL VPN Vulnerablities; Customizing NMAP
ISC StormCast for Friday, May 24th 2019
Custom URL Schemes; Skimming Trends; #Apple T2 Chip Update; #MSFT APT for MacOS @IntelAdvanced @zer0pwn
ISC StormCast for Thursday, May 23rd 2019
Yet Another BlueKeep Update; SanboxExcaper; Signed Malware
ISC StormCast for Wednesday, May 22nd 2019
Shodan Monitoring; Smartphone Fingerprinting; Docker Password Issues; #bluekeep #suricata sigs;
ISC StormCast for Tuesday, May 21st 2019
MSFT RDP Vuln (#BlueKeep) Update; Sharepoint Exploited; JWT Risks; MuddyWater
ISC StormCast for Monday, May 20th 2019
Google 0-Day Response Analysis; #ASUS WebStorage Exploited; #Apple Air Drop Vuln
ISC StormCast for Friday, May 17th 2019
Vulnerability Scanner NTLM Relay; ARIN Revokes Malicious IPs; Cisco Patches; ILS Hacks
ISC StormCast for Thursday, May 16th 2019
Forbes vs Magecart; TLS Tampering; Titan Key Update; Samba Patch; SAP Patch
ISC StormCast for Wednesday, May 15th 2019
More #Intel CPU Issues; #MSFT Patches (watch out #RDP!); #Apple/#Adobe Updates; Broken Trust Seal Logs Keystrokes
ISC StormCast for Tuesday, May 14th 2019
Linux rds_tcp_kill_sock RCE; WhatsApp; Cisco Vuln; Linksys JNAP Exposure
ISC StormCast for Monday, May 13th 2019
#DSSuite; #Sqlite Vuln; #NVidia Patch; Windows 10 #FIDO2 Cert; #Google ADB Backup
ISC StormCast for Friday, May 10th 2019
ELECTRICFISH; Fake Keepass Site; Android Updates; AV Company Breah
ISC StormCast for Thursday, May 9th 2019
EMail Roulette; Lightneuron Exchange Compromise; Alpine Linux Docker; Wordpress Secures Updates
ISC StormCast for Wednesday, May 8th 2019
Jenkins Exploit Mines Crypto; Confluence Miners; Cisco ESC REST Vuln;
ISC StormCast for Tuesday, May 7th 2019
UTF-16 in UDF Files; VMWare Fusion RCE; Bad Bad Guy Passwords; Amazon S3 Path Style Access
ISC StormCast for Monday, May 6th 2019
Git Ransomware; DLink Ransomware Patch; Jenkins Plugins; Malicious WPAD
ISC StormCast for Friday, May 3rd 2019
SAP Targeted; Cisco Nexus 9000; CryptoJacking Update; DLink; Securepairs; #righttorepair
ISC StormCast for Thursday, May 2nd 2019
RCE in Dell SupportAssist; Creston Vuln; More JS Skimmers; S/Mime and PGP Vuln
ISC StormCast for Wednesday, May 1st 2019
WebLogic Ransom Ware; Facebook Location Leak, AutoMacTC, KAPE
ISC StormCast for Tuesday, April 30th 2019
iLnkP2P Weakness; iFrame Tech Support Scam; Window 10 Users Avoiding October 2018 Update
ISC StormCast for Monday, April 29th 2019
WebLogic Update; Docker Hub Breach;
ISC StormCast for Friday, April 26th 2019
Windows Service Acccounts; Weblogic Flaw; Confluence Exploited; New Windows 10/Server Security Baseline
ISC StormCast for Thursday, April 25th 2019
Finding Domain Admins; X-Protect Covering PE Files; Hotspot Password Leak; Github Hosting Phishing Pages
ISC StormCast for Wednesday, April 24th 2019
VBA Macro Wtihout Source Code; More Shadowhammer Victims; Malicous Google Sites
ISC StormCast for Tuesday, April 23rd 2019
ACE Exploit; Younger Malware Senders; McAfee vs. Windows Update; Blocking Azure Blob Phishing
ISC StormCast for Monday, April 22nd 2019
Analyzing UDF Files; HTML Link Ping; Edge User Agents; French Govt Chat User Managment
ISC StormCast for Friday, April 19th 2019
Malicious UDF Files; Facebook Clear Text Passwords; Iranian Hackers Hacked; Win8 Live Tiles Takeover
ISC StormCast for Thursday, April 18th 2019
Sea Turtle; Broadcom Drivers; NamPoHyu, Confluence Attacks
ISC StormCast for Wednesday, April 17th 2019
CVE-2019-0726 (Win DHCP Client) PoC; Oracle CPU; WiPro Hacked; GHydra Tips
ISC StormCast for Tuesday, April 16th 2019
DNS False Positives; Adblock Code Injection; Executables in DICOM Images; Misleading VPN Ads
ISC StormCast for Monday, April 15th 2019
MTA-STA; AirBNB Cameras; VPN Credentials; MSIE XXE Vulnerability
ISC StormCast for Friday, April 12th 2019
GMail Supporting MTA-STS; Juniper Patch; Uniden IP Camera Site Hosting Malware
ISC StormCast for Thursday, April 11th 2019
WPA3 Dragonblood Vulnerablity; HOPLIGHT Trojan; SneakyPastes
ISC StormCast for Wednesday, April 10th 2019
Microsoft/Adobe Patches; Food Poisoning Malspam; Axis Vulnerability; Golang Vuln
ISC StormCast for Tuesday, April 9th 2019
TrendMicro Patch; Dovecot Patch; Apache Exploit; Using Javascript in Exploits; Ghidra vs. IDA
ISC StormCast for Monday, April 8th 2019
Fake Office365 Invoices; "well-known" hiding place; Altering CT Data; QT Framework Bug
ISC StormCast for Friday, April 5th 2019
Old Rule Triggers on New Exploit; Xiaomi Guardapp; Xwo Scanner; SmartWatches Pwned
ISC StormCast for Thursday, April 4th 2019
Ghidra vs. IDA; IRS Phishing; Large Facebook Data Leak; PostgreSQL "COPY" Command
ISC StormCast for Wednesday, April 3rd 2019
LaCie Drives Spread Fake AV; Unpatched IE/Edge SOP Bug; Apache Patch; Verzion Phish
ISC StormCast for Tuesday, April 2nd 2019
OpenOffice PDFs; Android Updates; Android Malware Redirects Phonecalls; Google Extends WebAuthn Support
ISC StormCast for Monday, April 1st 2019
Reversing Golang; Kubernetes Vulnerability; VMWare Patches; ASUS MACs
ISC StormCast for Friday, March 29th 2019
Passive DNS; Incomplete Cisco RV320 Patch; TPLink Debug Port
ISC StormCast for Thursday, March 28th 2019
MSFT Application Guard for FF/Chrome; LTE Vulnerabilities; NVidia Vuln;
ISC StormCast for Wednesday, March 27th 2019
Apple Updates; ASUS Response; Firefox Cert Issues; UC Browser MITM Vuln

This podcast is also available via various podcast sites. Please let us know if we forgot one.

iTunes

MP3 Download

RSS Feed

Google Play

Stitcher

Podbean

Amazon Echo

YouTube

Spreaker

iOS App

Spotify

Top of page