SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich


A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at .

Available on


1812 episodes

ISC StormCast for Friday, September 15th, 2023

DShield and eqmu Sitting in a Tree: L-O-G-G-I-N-G Uncursing the ncurses memory corruption vulnerabilities Arbitrary code execution via Windows Themes (CVE-2023-38146) 3AM Ransomware used if LockBit Fails

Sep 15
ISC StormCast for Thursday, September 14th, 2023

Backdoored Free DownloadManager Foxit PDF Reader Updates macOS MetaStealer: New Family of Obfuscated Go Infostealers Windows 11 to Support Blocking SMB NTLM Hashes

Sep 14
ISC StormCast for Wednesday, September 13th, 2023

Microsoft Patch Tuesday OpenSSL 1.1.1 End of Life Adobe Updates

Sep 13
ISC StormCast for Tuesday, September 12th, 2023

Apple Patches Older Operating Systems Wi-Fi Enabled Practical Keystroke Eavesdropping Phishing via Google Looker Studio HPE One View Authentication Bypass

Sep 12
ISC StormCast for Monday, September 11th, 2023

Augmenting Honeypot Logs!%3F%3A%20Creating%20a%20PowerShell%20Function%20to%20Make%203rd%20Party%20API%20Calls%20for%20Extending%20Honeypot%20Information%20%5BGuest%20Diary%5D/30204 More details about Apple 0-day Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access VPN Unauthorized Access Vulnerability Odd Password Solution

Sep 11
ISC StormCast for Friday, September 8th, 2023

Apple Patches 0-Days iOS Fleezeware/Scareware Aruba Vulnerabilities TP Link Vulnerabilities

Sep 08
ISC StormCast for Thursday, September 7th, 2023

Security Related DNS Records Microsoft Reveleas Details about Key Loss September Android Updates Google Chrome Update Atlas VPN Tunnel Termination Vulnerability

Sep 07
ISC StormCast for Wednesday, September 6th, 2023

Common Usernames Submitted to Honeypots TPM LUKS Bypass Cross Tenant Impersonation Prevention and Detection

Sep 06
ISC StormCast for Tuesday, September 5th, 2023

What is the Origin of Passwords Submitted to Honeypots Creating a YARA Rule to Detect Obfuscated Strings VMware Aria Operations for Networks Hardcoded Keys 2023-34039 Windows will Disable TLS 1.0/1.1

Sep 05
ISC StormCast for Friday, September 1st, 2023

The low, low cost of (committing) cybercrime Unpinnable Github Actions Exploitation of Cisco ASA SSL VPNs Splunk Vulnerabilities Top Level Domain Issues

Sep 01
ISC StormCast for Thursday, August 31st, 2023

Home Office/Small Business Hurricane Prep Notepad++ Vulnerabilities 7-Zip Vulnerability BGP Error Handling Issues

Aug 31
ISC StormCast for Wednesday, August 30th, 2023

Survival Time for Web Sites PDF/ActiveMime Polyglot Maldocs RocketMQ Vulnerability Exploited ManageEngine Vulnerabilty

Aug 30
ISC StormCast for Tuesday, August 29th, 2023

Analysis of RAR Exploit Files (CVE-2023-38831) Juniper Exploit CVE-2023-36844 , CVE-2023-36845 , CVE-2023-36846 , CVE-2023-36847 Microsoft Will Enabled Extended Protection for Exchange Server by Default Rust Malware Stages on SANS Community Night London Signup

Aug 29
ISC StormCast for Monday, August 28th, 2023

Python Malware Using Postgresql for C2 Communications macOS: Who is Behind This Network Connection? CVE-2020-19909 Is Everything that is Wrong with CVEs Windows Certificate Confusion NPM E-Mail Validator Package Malware

Aug 28
ISC StormCast for Friday, August 25th, 2023

How I made a "QWERTY" Keyboard Walk Password Generator with ChatGPT FBI Warns of Persistent Barracuda Backdoors Ivanti Sentry Athentication Bypass Deep Diver CVE-2023-38035 Smoke Loader Drops Whiffy Recon WiFi Scanning and Geolocation Malware

Aug 25
ISC StormCast for Thursday, August 24th, 2023

More Exotic Excel Files Dropping AgentTesla CVE-2023-38831 WinRAR Vulnerability Exploited Aruba Vulnerabilities

Aug 24
ISC StormCast for Wednesday, August 23rd, 2023

Fernet Encryption in Malware Malware Triage With Inotify Tools Adobe Coldfusion Exploited Openfire Admin Console Vulnerability Exploited XLoader Mac Malware Updates

Aug 23
ISC StormCast for Tuesday, August 22nd, 2023

SystemBC Scans and ProxyNation Exchange Server Security Update Re-Release Ivanti Sentry Vulnerability Exploited DUO Security Outage mTLS Vulnerabilities

Aug 22
ISC StormCast for Monday, August 21st, 2023

From a Zalando Phish to a RAT RARLAB WinRAR Recovery Volume Vulnerability Hotmail SPF Record Error Leads to spam false positives Chinese Entanglement | DLL Hijacking in the Asian Gambling Sector Google Chrome to Warn Users of Malicious Extensions

Aug 21
ISC StormCast for Friday, August 18th, 2023

Command Line Parsing - Are These Really Unique Strings? iOS 16 Fake Airplane Mode LinkedIn Attacks Robot Vacuum Privacy Issues

Aug 18
ISC StormCast for Thursday, August 17th, 2023

PowerShell Gallery Prone to Typosqatting, Other Sypply Chain Attacks Windows Random Time Issues Energy Company Targeted in QR Code Campaign New Citrix Scanner from Mandiant

Aug 17
ISC StormCast for Wednesday, August 16th, 2023

macOS Background Task Manager Bypass Ivanti Avalanche Vulnerability Exploiting Synology NAS Cloud Connectivity Fake Crypto Currency Apps Offered as "Beta" versions

Aug 16
ISC StormCast for Tuesday, August 15th, 2023

PDFiD False Positives Revisited CVE-2023-32019 Fix Enabled by Default; CyberPower and Dataprobe Vulnerabilities Ford WiFi Driver Vulnerability

Aug 15
ISC StormCast for Monday, August 14th, 2023

Show Me All Your Windows!/30116 Zero Touch Pwn Maginot DNS Spoofing Attack

Aug 14
ISC StormCast for Friday, August 11th, 2023

Some things never change, such as SQL Authentication "Encryption" Defender Pretender: When Windows Defender Updates Become a Security Risk Dell Compellent Hardcoded Key Vulnerabilities in Sogou Keyboard

Aug 11
ISC StormCast for Thursday, August 10th, 2023

Tunnelcrack VPN Vulnerability Mozilla VPN Vulnerablity Non English Exchange Server Patch Issues VSCode Token Security Weekly Updates for Google Chrome

Aug 10
ISC StormCast for Wednesday, August 9th, 2023

Microsoft Patch Tuesday Adobe Updates

Aug 09
ISC StormCast for Tuesday, August 8th, 2023

Update: Researchers Scanning the Internet Malicious OpenBullet Configuration Files Abusing Cloudflare Tunnels

Aug 08
ISC StormCast for Monday, August 7th, 2023

Are Leaked Credential Dumps Used by Attackers? New PaperCut RCE Vulnerability Microsoft mitigates Power Platform Custom Code information disclosure vulnerability Microsoft Publishes Token theft Playbook

Aug 07
ISC StormCast for Friday, August 4th, 2023

From small LNK to large malicious BAT file with zero VT score Social Engineering via Microsoft Teams Automating the Search for LOLBAS Sneaky Versioning Used to Bypass Scanners Aruba Patches Mitel Patches

Aug 04