SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich


A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5-minute-long, summary of current network security related events. The content is late-breaking, educational, and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form.



1546 episodes

ISC StormCast for Friday, August 12th, 2022

InfoStealer Script Based on Curl and NSudo Cisco Breach Details Ivanti Pulse Connect Secure Privilege Escalation Vulnerability Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability

Aug 12
ISC StormCast for Thursday, August 11th, 2022

And Here They Come Again: DNS Reflection Attacks Rapid 7 Defaultinator Zimbra Mass Compromise VMWare vRealize Vulnerability Microsoft Vulnerability and IPS/Snort

Aug 11
ISC StormCast for Wednesday, August 10th, 2022

Microsoft August 2022 Patch Tuesday AEPIC Leak Adobe security bulletins

Aug 10
ISC StormCast for Tuesday, August 9th, 2022

JSON All the Logs! Microsoft Edge Enhanced Security Malicious Python Packages New Orchard Botnet

Aug 09
ISC StormCast for Monday, August 8th, 2022

Exim Vulnerability Silently Patched DuckDuckGo Stopping Microsoft Tracking Code Emergency Broadcast Messaging System Vulnerabilities Slack Leaks Hashed Passwords Zimbra Flaw Exploited

Aug 08
ISC StormCast for Friday, August 5th, 2022

TLP 2.0 is Here Hijacking email with Cloudflare Email Routing rsync arbitrary file write vulnerability Local privilege escalation in Kaspersky VPN

Aug 05
ISC StormCast for Thursday, August 4th, 2022

l9explore and LeakIX Internet Wide Recon Scans Arris / Arris Variant DSL/Fiber Router Critical Vulnerability 35,000 Malicious Repo Forks Flood GitHub Palo Alto Master Key Laravel Unserialize RCE Unauthenticated Remote Code Execution in DrayTek Vigor Routers

Aug 04
ISC StormCast for Wednesday, August 3rd, 2022

Increase in Chinese "Hacktivism" Attacks Zoho Password Manager Exploit VMWare Updates Manjusaka: A Chinese sibling of Sliver and Cobalt Strike

Aug 03
ISC StormCast for Tuesday, August 2nd, 2022

A Little DDoS in the Morning Exposed Twitter API Keys TCL LinkHub Serialization Issues Jenkins Plugin Updates

Aug 02
ISC StormCast for Monday, August 1st, 2022

PDF Analysis Introduction and OpenActions Entries IPFS The New Hotbed of Phishing Mail Stealing Browser Extension Lofylife Malicious NPM Packages IP Camera Vulnerability Nuki Smart Lock Vulnerabilities Foxit PDF Reader

Aug 01
ISC StormCast for Friday, July 29th, 2022

Exfiltrating Data with Bookmarks Critical Samba Bug Could Let Anyone Become Domain Admin Apple IP Address Range Hijacked by Rostelecom Veritas Patches IBM Patches

Jul 29
ISC StormCast for Thursday, July 28th, 2022

IcedID (BokBot) with Dark VNC and Cobalt Strike Web Assembly Crypto Miners Subzero and Knotweed

Jul 28
ISC StormCast for Wednesday, July 27th, 2022

How is Your macOS Security Posture Registry file with Executable Payload Targeted Phishing of Facebook Business Users Forwarding Address is Hard

Jul 27
ISC StormCast for Tuesday, July 26th, 2022

PowerShell Script with Fileless Capability With Management Comes Risk: Finding Flaws in Filewave MDM CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit

Jul 26
ISC StormCast for Monday, July 25th, 2022

An Analysis of a Discerning Phishing Website Sonicwall Vulnerability Sh*load Exploits Episode V: Return of the Error

Jul 25
ISC StormCast for Friday, July 22nd, 2022

Maldoc with non-ASCII VBA Identifiers Cisco Security Updates Outlook 365 Odd Suspicious Login Attempt Warnings Windows RDP Brute Force Protection Microsoft resuming blocking macros

Jul 22
ISC StormCast for Thursday, July 21st, 2022

Malicious Python Script Behaving Like a Rubber Ducky Apple Patches Everything Confluence Atlassian Hard Coded Password Zyxel Vulnerability DNS over HTTP/3

Jul 21
ISC StormCast for Wednesday, July 20th, 2022

Beacon Request Oracle July 2022 CPU CloudMensis MacOS Spyware GPS Tracker Vulnerabilities

Jul 20
ISC StormCast for Tuesday, July 19th, 2022

Adding Your Own Keywords to My PDF Tools Tor Improvements Trojan Horse Malware Password Cracker CVE-2022-33891 Apache Spark Shell Command Injection Vulnerability Juniper Junos Vulnerabilities

Jul 19
ISC StormCast for Monday, July 18th, 2022

Python: Files in Use By Another Process Google Removing App Permissions List for Data Safety Google Play Malware Faking Github Metadata

Jul 18
ISC StormCast for Friday, July 15th, 2022

Debugging Broadcast Storms Targeted Deanonymization via Side Channel Attacks Cookie Theft to BEC VMWare Patch

Jul 15
ISC StormCast for Thursday, July 14th, 2022

Using Referrers to Detect Phishing Attacks Callback Phishing Campaigns Impersonating Security Companies Retbleed Spectre Attack Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 Buffer Overflow Vulnerabilities in UEFI firmware of several Lenovo Notebook

Jul 14
ISC StormCast for Wednesday, July 13th, 2022

Microsoft Patch Tuesday Adobe Updates SAP Patches IBM Patches

Jul 13
ISC StormCast for Tuesday, July 12th, 2022

Rogers Outage Rolling Pwn GitHub Runners mine Cryptocoins SANSFIRE Keynote Stream

Jul 12
ISC StormCast for Monday, July 11th, 2022

SANSFIRE Keynote Stream Extracting URLs from Emotet with Cyberchef Microsoft rolling Back Macro Policy Change Checkmate Ransomware Affected Poorly Configured QNAP NAS PyPi Requires 2FA for critical packages

Jul 11
ISC StormCast for Thursday, July 7th, 2022

How Many SANs are Insane Fortinet July Updates Phishing Attacks Getting Trickier Quantum Safe Ciphers Apple Proposes Lockdown Mode

Jul 07
ISC StormCast for Wednesday, July 6th, 2022

EternalBlue 5 Years After WannaCry and NotPetya OpenSSL Patches Two Vulnerabilities Iconburst NPM Software Supply Chain Attack

Jul 06
ISC StormCast for Tuesday, July 5th, 2022

7Zip Mark of the Web For Office Files SessionManager Backdoor Seen with IIS Google Chrome Stable Channel Update

Jul 05
ISC StormCast for Friday, July 1st, 2022

Case Study: Cobalt Strike Server Lives on After its Domain is Suspended CVE-2022-28219: Unauthenticated XXE to RCE and Domain Compromise in ManageEngine ADAudit Plus CWE Top 25 Update

Jul 01
ISC StormCast for Thursday, June 30th, 2022

It's New Phone Day: Time to Migrate Your MFA Managing Human Risk Security Awareness Report Microsoft Azure Service Fabric Container Elevation of Privilege Vulnerability Zimbra RCE Vulnerability FBI Warns of Deep Fakes Being Used in Job Interviews

Jun 30