SANS Internet Storm Center's Daily Network Security News Podcast

Episodes

Network Security News Summary for Monday August 19th, 2024

Aug 18 2024

Summarizing WebHpot Logs; Exposed env files; Chrome Auto Redaction; Google Ad Scammers; Hacking Bike Shifters; Summarizing Web Honeypot Logs https://isc.sans.edu/diary/%5BGuest%20Diary%5D%207%20minutes%20and%204%20steps%20to%20a%20quick%20win%3A%20A%20write-up%20on%20custom%20tools/31170 Large Scale Cloud Extortion Operation https://unit42.paloaltonetworks.com/large-scale-cloud-extortion-operation/ Chrome Redacting Credit Cards and Passwords when you share Android Screens https://www.bleepingcomputer.com/news/google/chrome-will-redact-credit-cards-passwords-when-you-share-android-screen/ Google Products Targeted by Search Ad Scammers https://www.malwarebytes.com/blog/scams/2024/08/dozens-of-google-products-targeted-by-scammers-via-malicious-search-ads MakeShift: Security Analysis of Shimano Di2 Wireless Gear Shifting in Bicyles https://www.usenix.org/system/files/woot24-motallebighomi.pdf keywords: shimano; bike; shifter; google; ads; scams; chrome; cloud; env; honeypot
Show more Show less

6 mins

Failed to add items

Sorry, we are unable to add the item because your shopping cart is already at capacity.

Add to Cart failed.

Please try again later

Add to Wish List failed.

Please try again later

Remove from wishlist failed.

Please try again later

Adding to library failed

Please try again

Follow podcast failed

Please try again

Unfollow podcast failed

Please try again

Listen for free
Network Security News Summary for Friday August 16th, 2024

Aug 15 2024

Wireshark 4.4rc1; Github Aritfact Token Leaks; Bitlocker Fix Issues; Solarwinds Hotfix; Ed Skoudis: The Code of Honor @sans_edu Wireshark 4.4.0 rc 1 Custom Columns https://isc.sans.edu/diary/Wireshark%204.4.0rc1%27s%20Custom%20Columns/31174 Github Repo Artifact Leak Tokens https://unit42.paloaltonetworks.com/github-repo-artifacts-leak-tokens/ BitLocker Security Feature Bypass Vulnerability https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-38058 Solarwindws Hotfix https://support.solarwinds.com/SuccessCenter/s/article/WHD-12-8-3-Hotfix-1 Ed Skoudis, Paul Maurer: The Code of Honor https://cybercodeofhonor.com/ keywords: honor; code; ethids; skoudis; sans.edu;
Show more Show less

17 mins

Failed to add items

Sorry, we are unable to add the item because your shopping cart is already at capacity.

Add to Cart failed.

Please try again later

Add to Wish List failed.

Please try again later

Remove from wishlist failed.

Please try again later

Adding to library failed

Please try again

Follow podcast failed

Please try again

Unfollow podcast failed

Please try again

Listen for free
Network Security News Summary for Thursday August 15th, 2024

Aug 14 2024

MSI Malware; Windows IPv6 Vuln; Critical Ivanti Patch; Adobe Patches; MSI Malware https://isc.sans.edu/diary/Multiple%20Malware%20Dropped%20Through%20MSI%20Package/31168 Microsoft IPv6 Vulnerablity CVE-2024-38063 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063 https://x.com/XiaoWei___/status/1823532146679799993/photo/1 Critical Ivanti Virtual Traffic Manager Patch CVE-2024-7593 https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Virtual-Traffic-Manager-vTM-CVE-2024-7593?language=en_US Adobe Patches https://helpx.adobe.com/security/security-bulletin.html keywords: ivanti; adobe; traffic manager; microsoft; ipv6; msi; malware;
Show more Show less

7 mins

Failed to add items

Sorry, we are unable to add the item because your shopping cart is already at capacity.

Add to Cart failed.

Please try again later

Add to Wish List failed.

Please try again later

Remove from wishlist failed.

Please try again later

Adding to library failed

Please try again

Follow podcast failed

Please try again

Unfollow podcast failed

Please try again

Listen for free
Network Security News Summary for Wednesday August 14th, 2024

Aug 13 2024

Microsoft Patches; Post Quantum Encryption; Zabbix Vulns; Microsoft August 2024 Patch Tuesday https://isc.sans.edu/diary/Microsoft%20August%202024%20Patch%20Tuesday/31164 NIST Finalizes Post Quantum Encryption Standards https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards Zabbix Network Monitoring Updates https://support.zabbix.com/browse/ZBX-25016 https://support.zabbix.com/browse/ZBX-25013 (and others) keywords: zabbix; nist; microsoft; patches;
Show more Show less

6 mins

Failed to add items

Sorry, we are unable to add the item because your shopping cart is already at capacity.

Add to Cart failed.

Please try again later

Add to Wish List failed.

Please try again later

Remove from wishlist failed.

Please try again later

Adding to library failed

Please try again

Follow podcast failed

Please try again

Unfollow podcast failed

Please try again

Listen for free
Network Security News Summary for Tuesday August 13th, 2024

Aug 12 2024

Quick Share Vulns; Chrome/Edge Malicious Extensions; AMD Vuln Patched; QuickShell: Sharing is Caring about an RCE Attack Chain on Quick Share https://www.safebreach.com/blog/rce-attack-chain-on-quick-share Chrome, Edge users beset by malicious extensions that can’t be easily removed https://www.helpnetsecurity.com/2024/08/12/chrome-edge-malicious-browser-extensions/ AMD Guest Memory Vulnerabilities https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html keywords: amd; flaw; smm; chrome; edge; extension; quckshell; quick share; google; android
Show more Show less

6 mins

Failed to add items

Sorry, we are unable to add the item because your shopping cart is already at capacity.

Add to Cart failed.

Please try again later

Add to Wish List failed.

Please try again later

Remove from wishlist failed.

Please try again later

Adding to library failed

Please try again

Follow podcast failed

Please try again

Unfollow podcast failed

Please try again

Listen for free
Network Security News Summary for Monday August 12th, 2024

Aug 12 2024

CORS/SameOrigin Video; E-Mail Parser Issues; Apache HTTP Confusion Attacks; Office Spoofing 0-Day; CORS/SameOrigin Video https://isc.sans.edu/forums/diary/Video%3A%20Same%20Origin%2C%20CORS%2C%20DNS%20Rebinding%20and%20Localhost/31158/ Splitting the email atom: exploiting parsers to bypass access controls https://portswigger.net/research/splitting-the-email-atom#parser-discrepancies Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server! https://blog.orange.tw/2024/08/confusion-attacks-en.html GL-Inet Patches https://www.gl-inet.com/security-updates/security-advisories-vulnerabilities-and-cves-aug-1-2024/ Microsoft Office Spoofing Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38200 keywords: microsoft; office; gl-inet; confusion; apache; http; email; parsing; cors; sameorgin;
Show more Show less

6 mins

Failed to add items

Sorry, we are unable to add the item because your shopping cart is already at capacity.

Add to Cart failed.

Please try again later

Add to Wish List failed.

Please try again later

Remove from wishlist failed.

Please try again later

Adding to library failed

Please try again

Follow podcast failed

Please try again

Unfollow podcast failed

Please try again

Listen for free
Network Security News Summary for Friday August 09th, 2024

Aug 8 2024

Disabling Phish Warning; SSHAMBLE; macOS Permission Prompts; .internal Domain Exploring Anti-Phishing Measures in Microsoft 365 https://certitude.consulting/blog/en/o365-anti-phishing-measures/ SSHamble Security Testing Tool https://www.runzero.com/blog/sshamble-unexpected-exposures-in-the-secure-shell/ macOS Sequoia Weekly Permission Prompts https://9to5mac.com/2024/08/06/macos-sequoia-screen-recording-privacy-prompt/ .internal domain https://www.icann.org/en/public-comment/proceeding/proposed-top-level-domain-string-for-private-use-24-01-2024 keywords: internal, macos; sequoia; sshamble; microsoft; phishing
Show more Show less

6 mins

Failed to add items

Sorry, we are unable to add the item because your shopping cart is already at capacity.

Add to Cart failed.

Please try again later

Add to Wish List failed.

Please try again later

Remove from wishlist failed.

Please try again later

Adding to library failed

Please try again

Follow podcast failed

Please try again

Unfollow podcast failed

Please try again

Listen for free
Network Security News Summary for Friday August 09th, 2024

Aug 8 2024

0.0.0.0 Requests; Apple Gatekeeper Changes; Windows Downgrade 0.0.0.0 Day Exploiting Localhost APIs from the Browser https://www.oligo.security/blog/0-0-0-0-day-exploiting-localhost-apis-from-the-browser Apple Hardens Gatekeeper https://developer.apple.com/news/?id=saqachfa Downgrade Attacks Using Windows Updates https://www.safebreach.com/blog/downgrade-attacks-using-windows-updates/ keywords: windows; updates; apple; gatekeeper; APIs; 0.0.0.0; loopback
Show more Show less

6 mins

Failed to add items

Sorry, we are unable to add the item because your shopping cart is already at capacity.

Add to Cart failed.

Please try again later

Add to Wish List failed.

Please try again later

Remove from wishlist failed.

Please try again later

Adding to library failed

Please try again

Follow podcast failed

Please try again

Unfollow podcast failed

Please try again

Listen for free

Get Started

Popular Lists

Explore Audible

Episodes

Network Security News Summary for Monday August 19th, 2024

Failed to add items

Add to Cart failed.

Add to Wish List failed.

Remove from wishlist failed.

Adding to library failed

Follow podcast failed

Unfollow podcast failed

Network Security News Summary for Friday August 16th, 2024

Failed to add items

Add to Cart failed.

Add to Wish List failed.

Remove from wishlist failed.

Adding to library failed

Follow podcast failed

Unfollow podcast failed

Network Security News Summary for Thursday August 15th, 2024

Failed to add items

Add to Cart failed.

Add to Wish List failed.

Remove from wishlist failed.

Adding to library failed

Follow podcast failed

Unfollow podcast failed

Network Security News Summary for Wednesday August 14th, 2024

Failed to add items

Add to Cart failed.

Add to Wish List failed.

Remove from wishlist failed.

Adding to library failed

Follow podcast failed

Unfollow podcast failed

Network Security News Summary for Tuesday August 13th, 2024

Failed to add items

Add to Cart failed.

Add to Wish List failed.

Remove from wishlist failed.

Adding to library failed

Follow podcast failed

Unfollow podcast failed

Network Security News Summary for Monday August 12th, 2024

Failed to add items

Add to Cart failed.

Add to Wish List failed.

Remove from wishlist failed.

Adding to library failed

Follow podcast failed

Unfollow podcast failed

Network Security News Summary for Friday August 09th, 2024

Failed to add items

Add to Cart failed.

Add to Wish List failed.

Remove from wishlist failed.

Adding to library failed

Follow podcast failed

Unfollow podcast failed

Network Security News Summary for Friday August 09th, 2024

Failed to add items

Add to Cart failed.

Add to Wish List failed.

Remove from wishlist failed.

Adding to library failed

Follow podcast failed

Unfollow podcast failed