Sans Internet Storm Center Daily Network/cyber Security And Information Security Podcast
- Autor: Vários
- Narrador: Vários
- Editora: Podcast
- Duração: 220:59:20
- Mais informações
Informações:
Sinopse
Daily update on current cyber security threats
Episódios
-
![ISC StormCast for Wednesday, August 10th 2016]()
ISC StormCast for Wednesday, August 10th 2016
10/08/2016 Duração: 05minMSFT Patch Tuesday Summary https://isc.sans.edu/forums/diary/Microsoft+Patch+Tuesday+August+2016/21357/ Adobe Patch for Adobe Experience Manager https://helpx.adobe.com/security/products/experience-manager/apsb16-27.html Avast Anti Virus Conflict With Windows 10 Anniversary Update https://forum.avast.com/index.php?topic=189403.0
-
![ISC StormCast for Tuesday, August 9th 2016]()
ISC StormCast for Tuesday, August 9th 2016
08/08/2016 Duração: 06minUsing File Entropy to Identify "Ransomwared" Files https://isc.sans.edu/forums/diary/Using+File+Entropy+to+Identify+Ransomwared+Files/21351/ Bypassing Windows Digital Signatures https://www.blackhat.com/docs/us-16/materials/us-16-Nipravsky-Certificate-Bypass-Hiding-And-Executing-Malware-From-A-Digitally-Signed-Executable-wp.pdf Quadrooter Android Vulnerability http://blog.checkpoint.com/2016/08/07/quadrooter/ Defcon Slides Online https://media.defcon.org/DEF%20CON%2024/DEF%20CON%2024%20presentations/ Philips Hue Exploit (Video) http://colinoflynn.com/wp-content/uploads/2016/08/us-16-OFlynn-A-Lightbulb-Worm-wp.pdf
-
![ISC StormCast for Monday, August 8th 2016]()
ISC StormCast for Monday, August 8th 2016
08/08/2016 Duração: 05minAnalyzing Malicious RTF Files https://isc.sans.edu/forums/diary/rtfdump/21347/ Monitors Vulnerable To Remote Code Execution http://motherboard.vice.com/read/hackers-could-break-into-your-monitor-to-spy-on-you-and-manipulate-your-pixels Brute Forcing Encrypted Hard drive Protections https://www.blackhat.com/docs/us-16/materials/us-16-OFlynn-Brute-Forcing-Lockdown-Harddrive-PIN-Codes.pdf What is Using Your Webcam http://www.welivesecurity.com/2016/08/04/afraid-someone-misusing-webcam/
-
![ISC StormCast for Friday, August 5th 2016]()
ISC StormCast for Friday, August 5th 2016
05/08/2016 Duração: 06minSurge in Scans for Netis Router https://isc.sans.edu/forums/diary/Surge+in+Exploit+Attempts+for+Netis+Router+Backdoor+UDP53413/21337/ iPhone Thieves Use Targeted Phishing https://hackernoon.com/this-is-what-apple-should-tell-you-when-you-lose-your-iphone-8f07cf73cf82#.spgmbaejk NUUO/ReadyNAS Video Recorder Vulnerabilities https://raw.githubusercontent.com/pedrib/PoC/master/advisories/nuuo-nvr-vulns.txt mixed-blend-mode Browser History Leak https://lcamtuf.blogspot.com/2016/08/css-mix-blend-mode-is-bad-for-keeping.html
-
![ISC StormCast for Thursday, August 4th 2016]()
ISC StormCast for Thursday, August 4th 2016
04/08/2016 Duração: 06minThe Dark Side of Certificate Transparency https://isc.sans.edu/forums/diary/The+Dark+Side+of+Certificate+Transparency/21329/ Ouch Security Awareness Newsletter https://securingthehuman.sans.org/resources/newsletters/ouch/2016 HTTP/2 Vulnerabilities http://www.imperva.com/docs/Imperva_HII_HTTP2.pdf
-
![ISC StormCast for Wednesday, August 3rd 2016]()
ISC StormCast for Wednesday, August 3rd 2016
03/08/2016 Duração: 05minWindows 10 Aniversary Update Feedback https://kc.mcafee.com/corporate/index?page=content&id=KB87536 Android Updates https://source.android.com/security/bulletin/2016-08-01.html Unlocking Murder Victim Phone With Printed Fingerprint http://msutoday.msu.edu/news/2016/accessing-a-murder-victims-smartphone-to-help-solve-a-crime/ signout.live.com remote code execution vulnerability http://www.kernelpicnic.net/2016/07/24/Microsoft-signout.live.com-Remote-Code-Execution-Write-Up.html Edge/IE Still Leak NTLM Credentials (since 1997!) hxxp://witch.valdikss.org.ru (careful: test site will try to grab credentials)
-
![ISC StormCast for Tuesday, August 2nd 2016]()
ISC StormCast for Tuesday, August 2nd 2016
02/08/2016 Duração: 06minAre You Getting I-CANNED? https://isc.sans.edu/forums/diary/Are+you+getting+ICANNED/21323/ Windows 10 Anniversary Edition https://blogs.windows.com/windowsexperience/2016/06/29/windows-10-anniversary-update-available-august-2/ Pangu Jailbreak Leading To Compromised Accounts? https://www.reddit.com/r/jailbreak/comments/4v9cju/discussion_is_pangus_jailbreak_safe_an_hour_after/ https://twitter.com/PanguTeam/status/759729314577342468 SANS Boston "Security Impact of IPv6" https://www.sans.org/event/boston-2016/bonus-sessions/9392/#bonus-box
-
![ISC StormCast for Monday, August 1st 2016]()
ISC StormCast for Monday, August 1st 2016
31/07/2016 Duração: 05minrtfobj Update https://isc.sans.edu/forums/diary/rtfobj/21317/ Comodo SSL Certificates Mixup https://thehackerblog.com/keeping-positive-obtaining-arbitrary-wildcard-ssl-certificates-from-comodo-via-dangling-markup-injection/index.html SwiftKey Keyboard May Leak Private Data to Other Users https://blog.swiftkey.com/important-information-relating-to-the-status-of-our-sync-services/ New Version of OPNSense Released https://forum.opnsense.org/index.php?topic=3428.0 WhatsApp Does Not Delete All Chats http://www.zdziarski.com/blog/?p=6143
-
![ISC StormCast for Friday, July 29th 2016]()
ISC StormCast for Friday, July 29th 2016
29/07/2016 Duração: 05minVerifying SSL/TLS Certificates Manually https://isc.sans.edu/forums/diary/Verifying+SSLTLS+certificates+manually/21311/ LastPass Security Updates https://blog.lastpass.com/2016/07/lastpass-security-updates.html/ Android Linux Kernel Defenses https://security.googleblog.com/2016/07/protecting-android-with-more-linux.html Update to ISC Suspicious Domain List https://isc.sans.edu/suspicious_domains.html
-
![ISC StormCast for Thursday, July 28th 2016]()
ISC StormCast for Thursday, July 28th 2016
28/07/2016 Duração: 05minLinux Bot Analysis https://isc.sans.edu/forums/diary/Analyze+of+a+Linux+botnet+client+source+code/21305/ Critical XEN PV Guests Vulnerability https://isc.sans.edu/forums/diary/Critical+Xen+PV+guests+vulnerabilities/21307/ LastPass Vulnerability https://labs.detectify.com/2016/07/27/how-i-made-lastpass-give-me-all-your-passwords/ Chimera Ransomware Keys Leaked https://blog.malwarebytes.com/cybercrime/2016/07/keys-to-chimera-ransomware-leaked/ Fiat/Chrysler Software Recall http://www.thecarconnection.com/news/1105198_2015-chrysler-200-jeep-renegade-2014-2015-jeep-cherokee-recalled-410000-vehicles-affected?preview=true Defending Web Applications Security Essentials (DEV522) in Vegas! https://www.sans.org/event/network-security-2016/course/defending-web-applications-security-essentials
-
![ISC StormCast for Wednesday, July 27th 2016]()
ISC StormCast for Wednesday, July 27th 2016
27/07/2016 Duração: 06minDNS Cmd and Ctrl via AAAA Records https://isc.sans.edu/forums/diary/Command+and+Control+Channels+Using+AAAA+DNS+Records/21301/ Microsoft Authenticator https://blogs.technet.microsoft.com/enterprisemobility/2016/07/25/microsoft-authenticator-coming-august-15th/ WPAD May Leak HTTPS URLs http://arstechnica.com/security/2016/07/new-attack-that-cripples-https-crypto-works-on-macs-windows-and-linux/ HOnions: Tor Servers To Discover Snooping Tor Nodes https://regmedia.co.uk/2016/07/25/10_honions-sanatinia.pdf
-
![ISC StormCast for Tuesday, July 26th 2016]()
ISC StormCast for Tuesday, July 26th 2016
26/07/2016 Duração: 05minPython Malware - Part 4 https://isc.sans.edu/forums/diary/Python+Malware+Part+4/21297/ Powerware Decrypter https://github.com/pan-unit42/public_tools/blob/master/powerware/powerware_decrypt.py No More Ransomware https://www.nomoreransom.org Pangu iOS 9.3.3 Jailbrake http://en.pangu.io Safe Skies TSA Keys Duplicated http://www.3ders.org/articles/20160725-hackers-create-3d-printed-tsa-safe-skies-master-key-for-luggage-release-blueprints.html
-
![ISC StormCast for Monday, July 25th 2016]()
ISC StormCast for Monday, July 25th 2016
25/07/2016 Duração: 05minNIST Digital Authentication Guide Preview https://github.com/usnistgov/800-63-3 Powerware Ransomware Spoofing Locky http://researchcenter.paloaltonetworks.com/2016/07/unit42-powerware-ransomware-spoofing-locky-malware-family/ SAP HANA Security Advisory http://www.onapsis.com/research/security-advisories Pokemon Go Forensics https://www.gillware.com/forensics/blog/mobile-forensics/oh-no-pokemon-go-forensic-artifacts
-
![ISC StormCast for Friday, July 22nd 2016]()
ISC StormCast for Friday, July 22nd 2016
22/07/2016 Duração: 04minA Practice ntds.dit File For Hash Extraction and Password Cracking https://isc.sans.edu/forums/diary/Practice+ntdsdit+File/21287/ Mozilla Further Reducing Flash Content https://blog.mozilla.org/futurereleases/2016/07/20/reducing-adobe-flash-usage-in-firefox/ Little Snitch Update https://www.obdev.at/products/littlesnitch/releasenotes.html PHP 7.0.9 / 5.6.24 Released (fixes httpoxy vulnerability) http://php.net/ChangeLog-7.php#7.0.9 http://www.php.net/ChangeLog-5.php#5.6.24 Google Chrome Update http://googlechromereleases.blogspot.com/search/label/Stable%20updates
-
![ISC StormCast for Thursday, July 21st 2016]()
ISC StormCast for Thursday, July 21st 2016
21/07/2016 Duração: 05minOracle Critical Patch Update http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html DNS Root Key Rotation http://schd.ws/hosted_files/icann562016/60/Matt%20Larson%20ICANN56%20KSK%20roll%20briefing.pdf Anti-Malware Codehooking Vulnerabilities http://breakingmalware.com/vulnerabilities/captain-hook-pirating-avs-bypass-exploit-mitigations/ More Details Regaring Apple's Image I/O Vulnerablity http://www.talosintelligence.com/reports/TALOS-2016-0171/ Hidden Backdoor in Dell Security Software https://www.digitaldefense.com/ddi-six-discoveries/
-
![ISC StormCast for Wednesday, July 20th 2016]()
ISC StormCast for Wednesday, July 20th 2016
20/07/2016 Duração: 05minObjective Systems ASN1C Compiler Creates Vulnerable Code https://github.com/programa-stic/security-advisories/tree/master/ObjSys/CVE-2016-5080 Office Maldoc Analysis https://isc.sans.edu/forums/diary/Office+Maldoc+Lets+Focus+on+the+VBA+Macros+Later/21275/ Defeating GMail's Malicious Macro Signatures https://warroom.securestate.com/bypassing-gmails-malicious-macro-signatures/
-
![ISC StormCast for Tuesday, July 19th 2016]()
ISC StormCast for Tuesday, July 19th 2016
19/07/2016 Duração: 06minhttpoxy Vulnerability https://isc.sans.edu/forums/diary/HTTP+Proxy+Header+Vulnerability+httpoxy/21271/ Apple Security Updates https://support.apple.com/en-us/HT201222 Toll Number Calling via Two Factor Authentication https://www.arneswinnen.net/2016/07/how-i-could-steal-money-from-instagram-google-and-microsoft/
-
![ISC StormCast for Monday, July 18th 2016]()
ISC StormCast for Monday, July 18th 2016
18/07/2016 Duração: 05minMore Python Malware Critical Juniper Vulnerability https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10755&actp=search MS16-053 Included in Neutrino Exploit Kit https://www.fireeye.com/blog/threat-research/2016/07/exploit_kits_quickly.html SSH Username Disclosure http://seclists.org/fulldisclosure/2016/Jul/51
-
![ISC StormCast for Friday, July 15th 2016]()
ISC StormCast for Friday, July 15th 2016
15/07/2016 Duração: 05minThe Power of Web Shells https://isc.sans.edu/forums/diary/The+Power+of+Web+Shells/21257/ Airtel India Intercepting Cloudflare Traffic https://medium.com/@karthikb351/airtel-is-sniffing-and-censoring-cloudflares-traffic-in-india-and-they-don-t-even-know-it-90935f7f6d98#.g78ucnpo6 WordPress SEO Pack Plugin Persistent Cross Site Scripting https://sumofpwn.nl/advisory/2016/persistent_cross_site_scripting_in_all_in_one_seo_pack_wordpress_plugin.html Github Releases synsanity SYN Flood Defense http://githubengineering.com/syn-flood-mitigation-with-synsanity/ MS16-094 Prevents Booting Linux On Microsoft Surface http://www.theregister.co.uk/2016/07/15/windows_fix_closes_rt_unlock_loophole/
-
![ISC StormCast for Thursday, July 14th 2016]()
ISC StormCast for Thursday, July 14th 2016
14/07/2016 Duração: 04minHunting for Malicious Files with MISP + OSSEC https://isc.sans.edu/forums/diary/Hunting+for+Malicious+Files+with+MISP+OSSEC/21251/ Drupal: Patch released today to fix a highly critical RCE in contributed modules https://isc.sans.edu/forums/diary/Drupal+Patch+released+today+to+fix+a+highly+critical+RCE+in+contributed+modules/21255/ Riffle anonymity network trying to compete with tor http://people.csail.mit.edu/devadas/pubs/riffle.pdf
