Daily Information Security Podcast ("StormCast")

Stormcasts are daily 5-10 minute information security threat updates. The podcast is produced each work day, and typically released late in the day to be ready for your morning commute.
To subscribe, use one of the following URLs:
RSS feed: https://isc.sans.edu/dailypodcast.xml (any podcast
player should support this in some way)
Recent Episodes
- ISC StormCast for Wednesday, January 27th, 2021sudo vulnerability; Quakbot Update; Targeting Security Researchers; Apple Updates
- ISC StormCast for Tuesday, January 26th, 2021Hunting DoH Endpoints; Malicious NPM; Mitigating $I30; Proton VPN BSOD
- ISC StormCast for Monday, January 25th, 2021JNLP Malware; SonicWall Breach/Vuln; iObit Breach/Ransomware
- ISC StormCast for Friday, January 22nd, 2021PS RunSpaces and REvil; SAP Exploit; Oracle Patches; RDP DDoS; High Performance Computing @sans_edu
- ISC StormCast for Thursday, January 21st, 2021SolarWinds Updates; Cisco Advisories; WebRTC State Issues; Oracle BI XSS
- ISC StormCast for Wednesday, January 20th, 2021Qakbot Back From Holiday; dnsmasq vulnerabilities; Freakout Malware; Kids Break Screensaver
- ISC StormCast for Tuesday, January 19th, 2021Malicious Document; CIS Cisco NX-OS Benchmark; Shazam Geolocation; Social Engineering via VoIP/Messaging
- ISC StormCast for Monday, January 18th, 2021DNS over HTTPs; Netlogon DC Encforcement Mode; Apple Removing Firewall Bypass
- ISC StormCast for Friday, January 15th, 2021Dynamic Excel 4 Analysis; NTFS Corruption; Cisco Vulnerabilities
- ISC StormCast for Thursday, January 14th, 2021Hancitor is Back; Intel Anti Ransomware; Clouds Rain; SAP Patches
- ISC StormCast for Wednesday, January 13th, 2021MSFT Patches; Adobe Patches; Mimecast Cert Stolen; Leaking Silhouettes
- ISC StormCast for Tuesday, January 12th, 2021NVD CVEScan; Sysinternals Update; Ubiquity Breach; Run-Only AppleScript Reversing
- ISC StormCast for Monday, January 11th, 2021String Analysis; CVSS Reliability; Trump Video Malware; Covid Vacine Smishing; dnsrecon
- ISC StormCast for Friday, January 8th, 2021NIST NVD API; Titan Security Key; Great Suspender Malware; Gnome Desktop Forensics @sans_edu
- ISC StormCast for Thursday, January 7th, 2021Zyxel Exploitation; Fortinet Patches; Foxit PhatomPDF; Firefox Android Updates
- ISC StormCast for Wednesday, January 6th, 2021Netfox Detective; ElectroRAT; Chrome to Prefer https; Android Patches; Telegram Location bug/feature
- ISC StormCast for Tuesday, January 5th, 2021From Small BAT to Infostealer; Citrix DTLS Flaw; Zend Deserialization
- ISC StormCast for Monday, January 4th 2021Traffic Analysis Quiz; Zyxel Backdoor; Microsoft Source Code Leak
- ISC StormCast for Wednesday, December 30th 2020Simple AV Priv Escalation; Go Miner Malware; AutoHotKey Credential Stealer
- ISC StormCast for Tuesday, December 29th 2020Android vs Let's Encrypt; Insufficient Windows Patch; Google Docs Vuln
- ISC StormCast for Monday, December 28th 2020Quick Weekend Diaries;
- ISC StormCast for Wednesday, December 23rd 2020Wifi Geolocation Malware; New Treck IP Stack Vulns; Detecting Treck IP Stack
- ISC StormCast for Tuesday, December 22nd 2020OpenPortStats.com; Dell Wyse Vuln; More Solarwinds
- ISC StormCast for Monday, December 21st 2020Citrix ADC: One Year Later; VirusTotal vs. PE Explorer; Kasachstan TLS; 5G Vuln; Bouncy Castle
- ISC StormCast for Friday, December 18th 2020No Password Github; Android Updates; Trend Micro InterScan Vuln; Malicious Browser Extensions
- ISC StormCast for Thursday, December 17th 2020Cloud DNS Logs; Solarwinds Update; HPE SIM Vuln; SAP HANA SAML Weakness @martingalloar
- ISC StormCast for Wednesday, December 16th 2020FireEye Maldoc; Difference Maker; F5 Big-IP; Google Outage; GoLang XML
- ISC StormCast for Tuesday, December 15th 2020SolarWinds Followup; Apple Updates Everything; SOREL-20M
- ISC StormCast for Monday, December 14th 2020SolarWinds Compromise; Fireeye Yara Rules; Flash Player EOL; Subway UK Spreads Trickbot
- ISC StormCast for Friday, December 11th 2020ngrok Python Backdoor; Cisco Jabber Patches; SANS Holiday Hackchallenge; Desierailization; @sans_edu
- ISC StormCast for Thursday, December 10th 2020Oblivious DNS over HTTPs; @httparchive almanach; IoT TCP/IP Stacks; Fireeye
- ISC StormCast for Wednesday, December 9th 2020Microsoft Patches; Adobe Patches; OpenSSL Patches; and more Patches
- ISC StormCast for Tuesday, December 8th 2020BASE64 Tricks; MSFT Teamcs RCE; PlayStation Now RCE; Cisco Security Manager RCE
- ISC StormCast for Monday, December 7th 2020Proxy Scanner; De-Pixalating Passwords; Tomcat Info Leak; Google Updates
- ISC StormCast for Friday, December 4th 2020Packet Challenge; iOS Zero Click to Exploit; GitHub Report; Implementing CIS Benchmark @sans_edu
- ISC StormCast for Thursday, December 3rd 2020DNS Spoofing; Bladabindi via npm; DarkIRC vs. WebLogic
- ISC StormCast for Wednesday, December 2nd 2020Xanthe Docker Aware Miner; Ocean Lotus Mac Backdoor; OpenClinic vs OpenClinic GA; Cyberstart
- ISC StormCast for Tuesday, December 1st 2020Decrypting PowerShell; TrendMicro Vuln; WebKit Update; New Skimmer JS
- ISC StormCast for Monday, November 30th 2020Powershell Patching Windows API; Dangers of IoT Gifts; MobileIron Vuln Exploited
- ISC StormCast for Wednesday, November 25th 2020TCP RST; VMware Advisory; Holiday Hack Challenge; @KringleCon
- ISC StormCast for Tuesday, November 24th 2020Cobalt Strike Beacon; Godaddy Social Engineering; FBI Domain Spoofing
- ISC StormCast for Monday, November 23rd 2020VMWare Update; DB2 Vuln; Fortinet SSL VPN
- ISC StormCast for Friday, November 20th 2020PowerShell Drops Formbook; Google Phish; JARM TLS Fingerprint; ICS and IDS @sans_edu
- ISC StormCast for Thursday, November 19th 2020More Controls Less Security; Google Chrome Update; Firefox HTTPS Only; Windows Kerberos
- ISC StormCast for Wednesday, November 18th 2020MacOS 11 FW Bypass; Apple OCSP Changes; Cisco Security Manager @frycos
- ISC StormCast for Tuesday, November 17th 2020Old Vulnerabilities; XenApp/Desktop Update; Anti Zoombombing; Firefox Vuln Details
- ISC StormCast for Monday, November 16th 2020Oledump Update; Old Malware New Clothes; MacOS OCSP Woes; VoltPillager SGX Attack
- ISC StormCast for Friday, November 13th 2020Exposed Azure Blobs; MacOS Security Updates; DNS Cache Poisoning Again; Poisoned Postman @sans_edu
- ISC StormCast for Thursday, November 12th 2020Traffic Analysis Quiz; OSS Security Scorecards; Bitdefender UPX Issues;
- ISC StormCast for Wednesday, November 11th 2020Microsoft Patch Tuesday; Platypus; Adobe/Firefox Updates; Fingerprinting ADS-B
- ISC StormCast for Tuesday, November 10th 2020How Attackers Improve; Linux Ransomware; Malicious MSFT Teams; NPM Malware; RPKI Update
- ISC StormCast for Monday, November 9th 2020WebLogic Coin Mining; Extract VBA; Let's Encrypt Updates; set_fs(); BigIP
- ISC StormCast for Friday, November 6th 2020Find "Invoke-Expression"; Apple Updates; VoIP Fraud; Replacing WINS @sans_edu
- ISC StormCast for Thursday, November 5th 2020Cisco AnyConnect Vuln; Chrome Root CA Policy; Android Security Bulletin
- ISC StormCast for Wednesday, November 4th 2020Cobalt Strike and WebLogic; SaltSack; Adobe; Twilio NPM Brandjacking; GitHub Workflows
- ISC StormCast for Tuesday, November 3rd 2020Emotet :hearts: Qakbot; WebLogic Bad News; Google Chrome Udpate
- ISC StormCast for Monday, November 2nd 2020CAA Records; Unpatched Windows Bug Exploited; Operation Kitsone
- ISC StormCast for Friday, October 30th 2020WebLogic CVE-2020-14882 Exploit; ZoneAlarm Update; Ransomware and Healthcare; OpenEMR Vulns; @sans_edu: Serverless
- ISC StormCast for Thursday, October 29th 2020Reminder: SMBGhost; MSFT Defender ATP False Positives; QNAP; Linux Trickbot; Abuse.ch
- ISC StormCast for Wednesday, October 28th 2020SonarQube Exploited; MSFT Edge/Chrome Updates; Flash Removal Tool; MSFT Teams
- ISC StormCast for Tuesday, October 27th 2020Excel 4 Visibility; HP Revoked Cert; Link Preview Privacy
- ISC StormCast for Monday, October 26th 2020Censys vs Shodan; Sooty; ML Attacks; #Samsung #S20 RCE; #VMWare Patches
- ISC StormCast for Friday, October 23rd 2020BazarLoader Samples; Secure Boot Reviews Stalled; Cisco Advisories
- ISC StormCast for Thursday, October 22nd 2020Agent Tesla Shipping Emails; CN Exploits Usual Vulns; URL Bar Spoofing; Oracle CPU
- ISC StormCast for Wednesday, October 21st 2020Mirai in Python; Chrome Urgent Patch; QNAP ZeroLogon Patch; GravityRat; US Census Spoof
- ISC StormCast for Tuesday, October 20th 2020Out of Band #MSFT Patches; #SS7 Attacks; Adobe #Magento Patches
- ISC StormCast for Monday, October 19th 2020CVE-2020-5135 #SonicWall RCE Vuln; Malspammer Mistakes; Traffic Analysis Quiz; Qualcom; Discord
- ISC StormCast for Friday, October 16th 2020Obfuscated #Python RAT; #BadNeighbor Update; BlueZ Vuln; Zoom E2EE
- ISC StormCast for Thursday, October 15th 2020TA511 Shathak Update; MSFT Patch Followup; Apple T2 Vuln Update; SAP Updates
- ISC StormCast for Wednesday, October 14th 2020Microsoft Patch Tuesday; Adobe Updates
- ISC StormCast for Tuesday, October 13th 2020Nested MSG Files; Trickbot Takedown Attempt; Chrome Improving Cache Privacy
- ISC StormCast for Monday, October 12th 2020Phishing Kits; Open Packaging; Analyzing MSGs; Cisco Flaws; Apple Flaws
- ISC StormCast for Friday, October 9th 2020Hashicorp Vault Vuln; Ryuk Writeup; Ricky Tan (@sans_edu) Zeek and Maltego Casefile
- ISC StormCast for Thursday, October 8th 2020Nobody Attacking You Today; Google Chrome/Android Patches; QNAP Patches; Comcast Remote Vuln.
- ISC StormCast for Wednesday, October 7th 2020Apple T2 Chip Vulnerability; NVIDIA; Cloudflare; Gavatar Privacy
- ISC StormCast for Tuesday, October 6th 2020Repetition Obfuscation; UEFI Malware; AV Priv Escalation Flaw; Rapid7 SMTP Scan
- ISC StormCast for Monday, October 5th 2020Phishing Kit; Huawei Botnet; SQL Server CU 8; Telstra BGP; Raccine @cyb3rops
- ISC StormCast for Friday, October 2nd 2020Azure AD Logs; Outdated Intel; Apple Pulls Patches; EMOTET Check Service
- ISC StormCast for Thursday, October 1st 2020FPURL.xml Scanning; HP Device Manager Backdoor; KensingtonWorks RCE
- ISC StormCast for Wednesday, September 30th 2020Contractor/Partner Remote Access; Microsoft ZeroLogon Update; Cisco Patches; Foxit PDF Patches
- ISC StormCast for Tuesday, September 29th 2020Tyler Breach; Obfuscated PowerShell Backdoor; QNAP Patch; TrendMicro Apex One Vulnerability
- ISC StormCast for Monday, September 28th 2020Exchange Online; Corrupt BASE64; Fortinet VPNs; Single Use CC Numbers
- ISC StormCast for Friday, September 25th 2020PowerShell Debugging; Zerologon Exploited; Instagram Vulnerability; Apple Patches
- ISC StormCast for Thursday, September 24th 2020Dynamic Maldocs; SAMBA and ZeroLogon; Google Chrome Update; QNAP Devices
- ISC StormCast for Wednesday, September 23rd 2020Citrix ADC Updates; Firefox Update; RDP vs. Ransomware; iOS 14 Jailbreak
- ISC StormCast for Tuesday, September 22nd 2020Overlay Phishing; MacOS Code Injection; Snort/ClamAV and Cobalt Strike
- ISC StormCast for Monday, September 21st 2020Python in Word Docs; Salesforce Phish; Google Appspot Phish; Sysmon Clipboard monitor
- ISC StormCast for Friday, September 18th 2020OSSEC Active Response; MSFT Mac Office Patch; VMWare Patch; Secure Boot; End of Flash
- ISC StormCast for Thursday, September 17th 2020Mirai vs Amanda; Apple Updates iOS/iPadOS/WatchOS and Safari
- ISC StormCast for Wednesday, September 16th 2020Malware Quiz; Magento 1 Attacks; Adobe Media Enc. Patch; Zerologin/Finger Reminders
- ISC StormCast for Tuesday, September 15th 2020.well-known; BLE Lock Replay Vulnerability; Mobile Iron MDM Exploit
- ISC StormCast for Monday, September 14th 2020Pillaging the Clipboard; PANOS Patch; Softswitch VoIP Malware; Zerologon
- ISC StormCast for Friday, September 11th 2020Dridex Update; Zoom 2FA; AMD CPU Lock; BLURtooth
- ISC StormCast for Thursday, September 10th 2020MacOS 11 Network Traffic; Azure Auto Patching Windows; WeaveScope Used for Docker Attack
- ISC StormCast for Wednesday, September 9th 2020Patch Tuesday: Microsoft, Adobe, Intel
- ISC StormCast for Tuesday, September 8th 2020XXE/VB 6.0 Malware; OLE and ZIP; Golang XSS; "Baka" Skimmer
- ISC StormCast for Friday, September 4th 2020Anti-Sandbox via NTP; Android DoH; DDoS Extortion; Cisco Jabber Followup
- ISC StormCast for Thursday, September 3rd 2020Evil Windows Python; iOS 13.7; Cisco Jabber Patch; MoFi Vulnerabilities
- ISC StormCast for Wednesday, September 2nd 2020Exposed DC Used for DDoS Attacks; Edge Reviving SHA1; Trend Micro Patch; Is isn't a Breach if the data is public
- ISC StormCast for Tuesday, September 1st 2020Finding Original Maldocs; Slack Vuln; Apple Approved Malware; Cisco DoS Bug Exploited
This podcast is also available via various podcast sites. Please let us know if we forgot one.
Amazon Echo
