SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brie...
A Deep Dive into TeamTNT and Spinning YARN
https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20A%20Deep%20Dive%20into%20TeamTNT%20and%20Spinning%20YARN/31530
Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks
https://www.trendmicro.com/en_us/research/24/l/earth-koshchei.html
Okta Social Engineering Impersonation Report
https://sec.okta.com/articles/2024/okta-social-engineering-report-response-and-recommendation
US considers banning TP-Link routers over cybersecurity risks
https://www.bleepingcomputer.com/news/security/us-considers-banning-tp-link-routers-over-cybersecurity-risks/
CISA Releases Best Practice Guidance for Mobile Communications
https://www.cisa.gov/news-events/alerts/2024/12/18/cisa-releases-best-practice-guidance-mobile-communications
-------- Â
7:05
ISC StormCast for Wednesday, December 18th, 2024
Python Delivering AnyDesk Client as RAT
https://isc.sans.edu/diary/Python+Delivering+AnyDesk+Client+as+RAT/31524/
Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion
https://www.trendmicro.com/en_us/research/24/l/darkgate-malware.html
SS7 Attacks
https://www.404media.co/email/ac709882-1e4b-42fc-bcca-cf7ce4793716/
CrushFTP Vulnerability
https://crushftp.com/crush11wiki/Wiki.jsp?page=Update
-------- Â
5:15
ISC StormCast for Tuesday, December 17th, 2024
MUT-1244 Targeting Offensive Actors
https://securitylabs.datadoghq.com/articles/mut-1244-targeting-offensive-actors/
Golang Crypto Vulnerability
https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909
Meeten Malware: A Cross-Platform Threat to Crypto Wallets on macOS and Windows
https://www.cadosecurity.com/blog/meeten-malware-threat
-------- Â
6:16
ISC StormCast for Monday, December 16th, 2024
Exploit Attempts Inspired by Recent Struts 2 File Upload Vulnerability
https://isc.sans.edu/diary/Exploit%20attempts%20inspired%20by%20recent%20Struts2%20File%20Upload%20Vulnerability%20%28CVE-2024-53677%2C%20CVE-2023-50164%29/31520
Citrix Netscaler Password Spraying Mitigation
https://www.citrix.com/blogs/2024/12/13/password-spraying-attacks-netscaler-december-2024/
Let's Encrypt Six Day Certifiates
https://letsencrypt.org/2024/12/11/eoy-letter-2024/
Devices in Germany Arrived Pre-Pw0n3d
https://cybersecuritynews.com/30000-devices-in-germany-discovered-with-pre-installed-malware-badbox/
-------- Â
5:29
ISC StormCast for Friday, December 13th, 2024
Windows 11 and TPM
https://techcommunity.microsoft.com/blog/windows-itpro-blog/tpm-2-0-%E2%80%93-a-necessity-for-a-secure-and-future-proof-windows-11/4339066
https://www.forbes.com/sites/zakdoffman/2024/12/12/microsoft-warns-400-million-windows-users-do-not-update-your-pc/
Microsoft Azure MFA Bypass
https://www.oasis.security/resources/blog/oasis-security-research-team-discovers-microsoft-azure-mfa-bypass
Struts 2 Arbitrary File Upload CVE-2024-53677
https://cwiki.apache.org/confluence/display/WW/S2-067
Russian actor Secret Blizzard using tools of other groups to attack Ukraine
https://www.microsoft.com/en-us/security/blog/2024/12/11/frequent-freeloader-part-ii-russian-actor-secret-blizzard-using-tools-of-other-groups-to-attack-ukraine/
About SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
Listen to SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast), Diggnation (rebooted) and many other podcasts from around the world with the radio.net app
USA