Cyber Security Podcasts

Daily Information Security Podcast ("StormCast")

Stormcasts are daily 5-10 minute information security threat updates. The podcast is produced each work day, and typically released late in the day to be ready for your morning commute.

To subscribe, use one of the following URLs:
RSS feed: https://isc.sans.edu/dailypodcast.xml (any podcast player should support this in some way)

Recent Episodes

ISC StormCast for Wednesday, November 25th 2020
TCP RST; VMware Advisory; Holiday Hack Challenge; @KringleCon
ISC StormCast for Tuesday, November 24th 2020
Cobalt Strike Beacon; Godaddy Social Engineering; FBI Domain Spoofing
ISC StormCast for Monday, November 23rd 2020
VMWare Update; DB2 Vuln; Fortinet SSL VPN
ISC StormCast for Friday, November 20th 2020
PowerShell Drops Formbook; Google Phish; JARM TLS Fingerprint; ICS and IDS @sans_edu
ISC StormCast for Thursday, November 19th 2020
More Controls Less Security; Google Chrome Update; Firefox HTTPS Only; Windows Kerberos
ISC StormCast for Wednesday, November 18th 2020
MacOS 11 FW Bypass; Apple OCSP Changes; Cisco Security Manager @frycos
ISC StormCast for Tuesday, November 17th 2020
Old Vulnerabilities; XenApp/Desktop Update; Anti Zoombombing; Firefox Vuln Details
ISC StormCast for Monday, November 16th 2020
Oledump Update; Old Malware New Clothes; MacOS OCSP Woes; VoltPillager SGX Attack
ISC StormCast for Friday, November 13th 2020
Exposed Azure Blobs; MacOS Security Updates; DNS Cache Poisoning Again; Poisoned Postman @sans_edu
ISC StormCast for Thursday, November 12th 2020
Traffic Analysis Quiz; OSS Security Scorecards; Bitdefender UPX Issues;
ISC StormCast for Wednesday, November 11th 2020
Microsoft Patch Tuesday; Platypus; Adobe/Firefox Updates; Fingerprinting ADS-B
ISC StormCast for Tuesday, November 10th 2020
How Attackers Improve; Linux Ransomware; Malicious MSFT Teams; NPM Malware; RPKI Update
ISC StormCast for Monday, November 9th 2020
WebLogic Coin Mining; Extract VBA; Let's Encrypt Updates; set_fs(); BigIP
ISC StormCast for Friday, November 6th 2020
Find "Invoke-Expression"; Apple Updates; VoIP Fraud; Replacing WINS @sans_edu
ISC StormCast for Thursday, November 5th 2020
Cisco AnyConnect Vuln; Chrome Root CA Policy; Android Security Bulletin
ISC StormCast for Wednesday, November 4th 2020
Cobalt Strike and WebLogic; SaltSack; Adobe; Twilio NPM Brandjacking; GitHub Workflows
ISC StormCast for Tuesday, November 3rd 2020
Emotet :hearts: Qakbot; WebLogic Bad News; Google Chrome Udpate
ISC StormCast for Monday, November 2nd 2020
CAA Records; Unpatched Windows Bug Exploited; Operation Kitsone
ISC StormCast for Friday, October 30th 2020
WebLogic CVE-2020-14882 Exploit; ZoneAlarm Update; Ransomware and Healthcare; OpenEMR Vulns; @sans_edu: Serverless
ISC StormCast for Thursday, October 29th 2020
Reminder: SMBGhost; MSFT Defender ATP False Positives; QNAP; Linux Trickbot; Abuse.ch
ISC StormCast for Wednesday, October 28th 2020
SonarQube Exploited; MSFT Edge/Chrome Updates; Flash Removal Tool; MSFT Teams
ISC StormCast for Tuesday, October 27th 2020
Excel 4 Visibility; HP Revoked Cert; Link Preview Privacy
ISC StormCast for Monday, October 26th 2020
Censys vs Shodan; Sooty; ML Attacks; #Samsung #S20 RCE; #VMWare Patches
ISC StormCast for Friday, October 23rd 2020
BazarLoader Samples; Secure Boot Reviews Stalled; Cisco Advisories
ISC StormCast for Thursday, October 22nd 2020
Agent Tesla Shipping Emails; CN Exploits Usual Vulns; URL Bar Spoofing; Oracle CPU
ISC StormCast for Wednesday, October 21st 2020
Mirai in Python; Chrome Urgent Patch; QNAP ZeroLogon Patch; GravityRat; US Census Spoof
ISC StormCast for Tuesday, October 20th 2020
Out of Band #MSFT Patches; #SS7 Attacks; Adobe #Magento Patches
ISC StormCast for Monday, October 19th 2020
CVE-2020-5135 #SonicWall RCE Vuln; Malspammer Mistakes; Traffic Analysis Quiz; Qualcom; Discord
ISC StormCast for Friday, October 16th 2020
Obfuscated #Python RAT; #BadNeighbor Update; BlueZ Vuln; Zoom E2EE
ISC StormCast for Thursday, October 15th 2020
TA511 Shathak Update; MSFT Patch Followup; Apple T2 Vuln Update; SAP Updates
ISC StormCast for Wednesday, October 14th 2020
Microsoft Patch Tuesday; Adobe Updates
ISC StormCast for Tuesday, October 13th 2020
Nested MSG Files; Trickbot Takedown Attempt; Chrome Improving Cache Privacy
ISC StormCast for Monday, October 12th 2020
Phishing Kits; Open Packaging; Analyzing MSGs; Cisco Flaws; Apple Flaws
ISC StormCast for Friday, October 9th 2020
Hashicorp Vault Vuln; Ryuk Writeup; Ricky Tan (@sans_edu) Zeek and Maltego Casefile
ISC StormCast for Thursday, October 8th 2020
Nobody Attacking You Today; Google Chrome/Android Patches; QNAP Patches; Comcast Remote Vuln.
ISC StormCast for Wednesday, October 7th 2020
Apple T2 Chip Vulnerability; NVIDIA; Cloudflare; Gavatar Privacy
ISC StormCast for Tuesday, October 6th 2020
Repetition Obfuscation; UEFI Malware; AV Priv Escalation Flaw; Rapid7 SMTP Scan
ISC StormCast for Monday, October 5th 2020
Phishing Kit; Huawei Botnet; SQL Server CU 8; Telstra BGP; Raccine @cyb3rops
ISC StormCast for Friday, October 2nd 2020
Azure AD Logs; Outdated Intel; Apple Pulls Patches; EMOTET Check Service
ISC StormCast for Thursday, October 1st 2020
FPURL.xml Scanning; HP Device Manager Backdoor; KensingtonWorks RCE
ISC StormCast for Wednesday, September 30th 2020
Contractor/Partner Remote Access; Microsoft ZeroLogon Update; Cisco Patches; Foxit PDF Patches
ISC StormCast for Tuesday, September 29th 2020
Tyler Breach; Obfuscated PowerShell Backdoor; QNAP Patch; TrendMicro Apex One Vulnerability
ISC StormCast for Monday, September 28th 2020
Exchange Online; Corrupt BASE64; Fortinet VPNs; Single Use CC Numbers
ISC StormCast for Friday, September 25th 2020
PowerShell Debugging; Zerologon Exploited; Instagram Vulnerability; Apple Patches
ISC StormCast for Thursday, September 24th 2020
Dynamic Maldocs; SAMBA and ZeroLogon; Google Chrome Update; QNAP Devices
ISC StormCast for Wednesday, September 23rd 2020
Citrix ADC Updates; Firefox Update; RDP vs. Ransomware; iOS 14 Jailbreak
ISC StormCast for Tuesday, September 22nd 2020
Overlay Phishing; MacOS Code Injection; Snort/ClamAV and Cobalt Strike
ISC StormCast for Monday, September 21st 2020
Python in Word Docs; Salesforce Phish; Google Appspot Phish; Sysmon Clipboard monitor
ISC StormCast for Friday, September 18th 2020
OSSEC Active Response; MSFT Mac Office Patch; VMWare Patch; Secure Boot; End of Flash
ISC StormCast for Thursday, September 17th 2020
Mirai vs Amanda; Apple Updates iOS/iPadOS/WatchOS and Safari
ISC StormCast for Wednesday, September 16th 2020
Malware Quiz; Magento 1 Attacks; Adobe Media Enc. Patch; Zerologin/Finger Reminders
ISC StormCast for Tuesday, September 15th 2020
.well-known; BLE Lock Replay Vulnerability; Mobile Iron MDM Exploit
ISC StormCast for Monday, September 14th 2020
Pillaging the Clipboard; PANOS Patch; Softswitch VoIP Malware; Zerologon
ISC StormCast for Friday, September 11th 2020
Dridex Update; Zoom 2FA; AMD CPU Lock; BLURtooth
ISC StormCast for Thursday, September 10th 2020
MacOS 11 Network Traffic; Azure Auto Patching Windows; WeaveScope Used for Docker Attack
ISC StormCast for Wednesday, September 9th 2020
Patch Tuesday: Microsoft, Adobe, Intel
ISC StormCast for Tuesday, September 8th 2020
XXE/VB 6.0 Malware; OLE and ZIP; Golang XSS; "Baka" Skimmer
ISC StormCast for Friday, September 4th 2020
Anti-Sandbox via NTP; Android DoH; DDoS Extortion; Cisco Jabber Followup
ISC StormCast for Thursday, September 3rd 2020
Evil Windows Python; iOS 13.7; Cisco Jabber Patch; MoFi Vulnerabilities
ISC StormCast for Wednesday, September 2nd 2020
Exposed DC Used for DDoS Attacks; Edge Reviving SHA1; Trend Micro Patch; Is isn't a Breach if the data is public
ISC StormCast for Tuesday, September 1st 2020
Finding Original Maldocs; Slack Vuln; Apple Approved Malware; Cisco DoS Bug Exploited
ISC StormCast for Monday, August 31st 2020
CenturyLink Outage; NZX DDoS; Pulse Connect Secure Patch
ISC StormCast for Friday, August 28th 2020
security.txt; DNS Queries; MSFT Extends Win10 1803 Deadline; LemonDuck Tricks
ISC StormCast for Thursday, August 27th 2020
Twists and Turns of Excel; Autodesk Plugins; Firefox Update; Insider Bribe
ISC StormCast for Wednesday, August 26th 2020
LOLBins; Malicous iOS Ads; Apache Update; Google Chrome Update
ISC StormCast for Tuesday, August 25th 2020
VT Threat Hunting; Secure RDP! Zoom Outage; MSFT Application Guard; Safari Bug
ISC StormCast for Monday, August 24th 2020
Helping Cyber Stalking Victims; RDP/Telnet Probes; Cinterion Java Vuln; Google Drive Extension Spoofing
ISC StormCast for Friday, August 21st 2020
Enumerating O365 Rules; Gmail Spoofing; Disable DisableAntiSpyware; Acoustic Key Picking
ISC StormCast for Thursday, August 20th 2020
Obfuscated Qakbot URLs; Encrypted Email Bugs; Win8.1/2012 Patch; Fileless Worm
ISC StormCast for Wednesday, August 19th 2020
Dropbox Exfil; Jenkins Advisory; Chrome 86 Insecure Forms; Crypto Worm Hitting Docker/Kubernetes/Jenkins
ISC StormCast for Tuesday, August 18th 2020
Apache Struts; Emotet Bug;
ISC StormCast for Monday, August 17th 2020
SANS Incident IOCs; Obfuscation by Size; Mac XCode Malware; Citrix Flase Positive
ISC StormCast for Friday, August 14th 2020
ReVoLTE Attack; Alexa Patch; Drovorub Linux Malware
ISC StormCast for Thursday, August 13th 2020
Mordor & Brim; Tor Exit Nodes Steal Bitcoin; SAP/Intel Patches; SANS Incident
ISC StormCast for Wednesday, August 12th 2020
vBulletin 0 Day; MSFT Patches; Adobe Patches; Citrix Endpoint Mgmt Update
ISC StormCast for Tuesday, August 11th 2020
Word Maldoc Solution; Pentest Scoping; Chrome Extensions; PDF Mayhem; Teamviewer update
ISC StormCast for Monday, August 10th 2020
WIFICAM nc Exploits; Snapdragon Vulns; Chinese Firewall ESNI Blocking
ISC StormCast for Friday, August 7th 2020
FTCODE Ransomware Resurfaces; MSFT Defender vs hosts file; MSFT Print Spool Vulnerabilities
ISC StormCast for Thursday, August 6th 2020
Malware Analysis Quiz; MacOS PoC Exploit; iOS OAuth2 Vuln; NSA Location Privacy Guide
ISC StormCast for Wednesday, August 5th 2020
CVE-2020-3452 (Cisco ASA/FTD) Updates; DNS Concentration; Android Patches; iOS Jailbreak
ISC StormCast for Tuesday, August 4th 2020
Multi C2 Macro; Boothole Patch Problem; Disable MacOS TCC; TAIDOOR Malware
ISC StormCast for Monday, August 3rd 2020
Bad Bots; KeePassRCP Update; QNAP Malware Remover; Android Phone Updates
ISC StormCast for Friday, July 31st 2020
SQLi and Python; Google Allowing Office 365 Phishing; Netgear/Zoom Vulns; OPNsense Update
ISC StormCast for Thursday, July 30th 2020
Consumer VPNs; Tails 4.9; Browser Updates; GRUB2 Vuln; Facial Recognition and Masks
ISC StormCast for Wednesday, July 29th 2020
New Datafeeds; Emotet Tricks; Magento Update; Docker Attacks;
ISC StormCast for Tuesday, July 28th 2020
In Memory of Donald Smith; Decoding Metasploit Payloads; Emotet Vigilante; QNAP Advisory
ISC StormCast for Monday, July 27th 2020
Desktop Apps Using Web Tech; VBA Passwords; Cisco Treck IP Update; Ubiquity
ISC StormCast for Friday, July 24th 2020
Blocking with MISP; ISC Intel Feed; ASUS Vuln; DLink Lost Key; Cisco Vuln
ISC StormCast for Thursday, July 23rd 2020
F5 IoCs; Insecure PDF Signatures; Sharepoint PoC; Twilio Compromise
ISC StormCast for Wednesday, July 22nd 2020
Covid19 Network Exposures; Adobe Patch; Citrix Workspace Vuln; Procmon 4 Linux
ISC StormCast for Tuesday, July 21st 2020
Sextortion Wrapup; "BadPower" USB-C Firmware Weakness; Zoom Phishing
ISC StormCast for Monday, July 20th 2020
#SigRed Update; Cloutflare Outage; ZeroShell; Zone.Identifier; Forgotten tcpdump
ISC StormCast for Friday, July 17th 2020
Twitter Compromise; SIGRed PoC; Apple Updates; SAP PoC; @sans_edu : Aaron Elyard
ISC StormCast for Thursday, July 16th 2020
MSFT DNS Server Vulnerability #sigred; Outlook Patch Crashes; Oracle CPU; Cisco Backdoors
ISC StormCast for Wednesday, July 15th 2020
MSFT Patch Tuesday; Adobe Patches
ISC StormCast for Tuesday, July 14th 2020
VBA Details; Apple mount_apfs TCC Bypass
ISC StormCast for Monday, July 13th 2020
Excel Starts Formbook; Zoom Update; Digicert Mass Revoke; OAUTH Consent Phishing
ISC StormCast for Friday, July 10th 2020
Citrix Scanning; Juniper Patches; Google Releases Tsunami Scanner; @sans_edu student Billy Wilson: Securing Super Computers
ISC StormCast for Thursday, July 9th 2020
Obfuscated Malware; PAN-OS Vulnerability; Citrix Vuln Details; Mozilla Suspends Send
ISC StormCast for Wednesday, July 8th 2020
F5 BigIP Wrapup / New Exploit Bypassing Workaround (HT @nccgroupinfosec); Citrix ADC Patches; Microsoft Freta;

This podcast is also available via various podcast sites. Please let us know if we forgot one.

iTunes

MP3 Download

RSS Feed

Google Play

Stitcher

Podbean

Amazon Echo

YouTube

Spreaker

iOS App

Spotify

Top of page