Shows
Génération ISCISC Paris Stratégie 2025-2030 - Jean-Christophe Hauguel - Directeur Général Groupe ISCDans cet épisode de Génération ISC, nous accueillons exceptionnellement Jean‑Christophe Hauguel, Directeur Général de l’ISC Paris depuis 2019. Il revient sur les défis relevés et expose la feuille de route de la stratégie « Réinventer » 2025‑2030 : triple couronne d’accréditations, passage à 3 000 étudiants, budget de 35 M€, 4 campus (dont un digital) et un modèle indépendant. Il évoque aussi l’impact de l’IA, la modularisation des compétences, l’engagement alumni et l’esprit « action learning ». Au programme : transparence, vision, et invitation à participer.🎙️ Génération ISC, le podcast des alumni de l’ISC Par...
2025-11-181h 07
Génération ISCL’art de changer de vie (et de métier) sans se perdre - Jérôme Girardeau - ISC 2002De la Défense à Saint-Tropez, de l’audit chez Mazars à l’événementiel, du coaching à la pépinière haut de gamme, Jérôme Girardot (promo 2002) a vécu mille vies. Dans cet épisode sincère et captivant, il raconte ses virages professionnels, ses rencontres décisives, ses échecs assumés et son ikigai retrouvé. Une conversation dense, drôle, humaine — et une ode à la liberté de choisir son chemin. À écouter si vous aimez les parcours non linéaires et les leçons de vie sans langue de bois.🎙️ Géné...
2025-11-1042 min
Génération ISCDu marketing Automobile à l’IA : Astride Darmon-Rouzin - ISC 2001Astrid Darmon-Rouzin (ISC Paris 2001) a lancé des modèles chez Renault, bousculé Mercedes, découvert la blockchain… avant de devenir une experte reconnue de l’IA. Aujourd’hui, elle forme les COMEX et les PME. Dans cet épisode, elle démystifie l’IA et partage son virage audacieux. Inspirant et concret.🎙️ Génération ISC, le podcast des alumni de l’ISC Paris.Chaque semaine, des parcours inspirants, des chemin de carrière et des histoires qui donnent envie d’oser.📲 Abonnez-vous pour ne rien manquer et partagez l’épisode autour de vous — le réseau, c’est vous qui...
2025-11-041h 03
Génération ISCData, IA et communautés : les piliers du business selon Pierre Morgat - ISC 1988Prof, auteur, entrepreneur, alumni engagé… Pierre Morgat coche toutes les cases. Dans cet épisode dense et passionnant, il partage sa vision de la transformation digitale, de l’IA, de la relation client, et du rôle central des communautés. Avec un ton à la fois pédagogique et sans langue de bois, il nous livre un concentré d’expérience, de méthode et de convictions. À écouter absolument si vous vous intéressez au marketing, à la tech ou à l’avenir des organisations.🎙️ Génération ISC, le podcast des alumni de l’ISC Paris.Chaque semaine, des parcours...
2025-10-281h 00
Génération ISC20 ans de Tac-Tic : les coulisses d'une aventure entrepreneuriale - Florian Gibault - ISC 2006Dans cet épisode, Florian Gibault (ISC 2006) revient sur son parcours d'entrepreneur audacieux. Fondateur de Tac-Tic Média, il a transformé les moments d'attente — ascenseurs, pauses café, dîners en famille — en opportunités de communication puissantes. De l’affichage dans les hôtels à l’invention de l’Affi'bike©, un vélo publicitaire RSE-friendly, Florian partage avec franchise les hauts, les bas, et les pirouettes stratégiques de sa trajectoire. Un épisode inspirant, concret, et sans langue de bois, pour tous ceux qui rêvent de se lancer (ou de se relancer)....
2025-10-2146 min
Génération ISCDe l’hologramme à la copropriété - Bertrand Rivière - ISC 2006Bertrand Rivière, promo 2006, nous emmène dans un parcours hors-norme entre Paris et Montréal. De l’événementiel traditionnel à l’holographie de rue, de l’art contemporain à l’animation japonaise, il a tout fait – même projeter un lion dans les arènes du Louvre ! Aujourd’hui installé à Montréal, il organise plus de 50 événements par an pour une organisation au cœur des enjeux de copropriété au Québec. Dans cet épisode, il partage ses hauts, ses galères, ses pivots, et cette passion ina...
2025-10-1454 min
Génération ISCItinéraire d'un boulanger hors normes - Philippe Torloting - ISC 2006Diplômé de l'ISC en 2006, Philippe Torloting a eu une carrière brillante dans le marketing digital chez Publicis et Havas. Mais un jour, il a tout quitté. Pour quoi ? Pour le pain. Littéralement. Dans cet épisode, il nous raconte son virage radical : de directeur général monde à boulanger bio dans l'Oise. Une reconversion audacieuse, nourrie par une passion d'enfance, un savoir-faire familial, et une envie de sens. Entre levain, feu de bois et réseaux sociaux, Philippe bouscule les codes du fournil avec l'esprit start-up...
2025-10-0854 min
Génération ISCL'art de créer des maisons d'édition - Moïse Kissous - ISC 1993Moïse Kissous (ISC 1993) dirige Steinkis Group, acteur majeur de la BD française. Son parcours entrepreneurial défie les conventions : premier échec en édition, rebond fulgurant, spécialisation dans les licences, puis pivot vers la création. Dans cet épisode, Moïse nous partage sa stratégie d'alliances, ses échecs formateurs, et sa vision d'un marché en pleine mutation. Un témoignage brut sur l'entrepreneuriat.🎙️ Génération ISC, le podcast des alumni de l’ISC Paris.Chaque semaine, des parcours inspirants, des chemin de carrière et des histoires qui donnent envie d’oser.📲 Abon...
2025-09-301h 09
Génération ISCOser l’expatriation et tracer son chemin – Hajar Ouali, ISC 2021Hajar Ouali (promo 2021) partage son parcours depuis son départ pour le Canada jusqu’à son rôle actuel chez Potloc à Montréal. Elle revient sur ses expériences en Corée et en Amérique du Nord, l’importance de saisir les opportunités, de demander sans crainte et de toujours documenter ses réussites. Elle parle aussi des réalités de l’expatriation, de la vie à Montréal et de son engagement auprès des jeunes issus de quartiers populaires. Un échange riche et inspirant sur l’audace, la persévérance et la capacité à ouvrir des portes pour soi et pour les...
2025-09-231h 01
Génération ISCMarketing et Banque : les défis de Jérémie Berthon chez AXA - ISC 2014Jérémie Berthon, Directeur Marketing d'AXA Banque, partage son parcours impressionnant : de New York à la stratégie d’AXA, jusqu’au Comex de la filiale bancaire. Un épisode inspirant sur la curiosité, l’innovation, et la force du réseau ISC Paris.🎙️ Génération ISC, le podcast des alumni de l’ISC Paris.Chaque semaine, des parcours inspirants, des chemin de carrière et des histoires qui donnent envie d’oser.📲 Abonnez-vous pour ne rien manquer et partagez l’épisode autour de vous — le réseau, c’est vous qui le faites vivre !Hébergé...
2025-09-1640 min
Génération ISCManager audit FSI : méthodes, responsabilités, résultats — Albéric Demarquet - ISC 2019Ancien de la JE de l’ISC Paris, Albéric Demarquet (promo 2019) raconte son passage du campus aux missions d’audit FSI chez Deloitte.Parcours, formation continue et leadership : HEC Executive Education pendant un mois, MOOCs internationaux, curiosité comme moteur. On décortique son quotidien de manager et la chaîne de valeur côté fonds : private equity, venture, biotech, restructuring, immobilier et infrastructures. Albéric détaille aussi le Board Talent et la façon dont les sujets RH évoluent : télétravail, parité, parentalité, évaluation, baisse du turnover et montée...
2025-09-0944 min
Génération ISCComment capter l’attention dans un monde saturé – Virginie Leprat - Promo 1995Dans cet épisode de Génération ISC, nous recevons Virginie Leprat (promo 95), cofondatrice de ViewPay, la solution publicitaire qui réconcilie internautes, médias et annonceurs.Avec son mari Marc, Virginie a relevé le pari audacieux d’entreprendre en couple, de lever des fonds auprès de business angels et de convaincre des géants comme Société Générale et les grands médias de presse.Elle revient sur :son premier parcours entrepreneurial avec l’agence Principe Actif,la genèse et l’évolution de...
2025-09-0243 min
Génération ISCLa vie en haute intensité - Jean-Noël Gressot - Promo 2019Jean-Noël Gressot n’a pas suivi un parcours classique. D’abord tenté par la médecine, il bifurque vers la comptabilité, gravit les échelons en alternance, puis intègre l’ISC Paris pour donner une nouvelle dimension à son profil financier. Aujourd’hui manager senior chez RSM France, il pilote des missions de transformation financière, de migration d’ERP, et de conseil stratégique auprès de directions générales et financières. Passionné par son métier, Jean-Noël se définit comme un « conseiller de dirigeants », capable de gérer les crises comme les transitions complexes, tout en gardant un...
2025-07-0856 min
Génération ISCCe que ChatGPT ne vous dira jamais sur le futur - Philippe Cahen - Promo 1974Quel est le point commun entre la géothermie ultra-profonde, les signaux faibles, Halloween, et la curiosité intellectuelle ? Philippe Cahen, promo 74 de l’ISC Paris. Prospectiviste, conférencier, auteur et éternel curieux, il nous embarque dans une réflexion sans filtre sur notre avenir incertain. Dans cet épisode, il nous partage sa méthode (non prédictive mais stimulante), ses sources d’inspiration, et des conseils pour muscler notre cerveau face à un monde en rupture. Un voyage captivant entre passé, présent et possibles.🎙️ Génération ISC, le podcast des alumni de l’ISC Paris.Chaque sem...
2025-07-041h 00
Génération ISCEpisode 0 - L’Étincelle ISC - Edouard Level - Promo 2000Pour ce premier épisode, Génération ISC frappe fort en recevant Edouard Level, président de l'association des alumni ISC Paris. Entre souvenirs de promos, coups d’audace entrepreneuriaux et anecdotes , Edouard partage sa conviction profonde : dans la vie pro, comme perso, le réseau est votre meilleur allié.Pourquoi il s'est engagé à la tête des alumni ? Quels projets fous pour connecter les générations ISC ? Quelles leçons retenir d’une carrière riche d'expériences ? Et surtout : comment l’ISC a marqué son parcours à vie ?Un épi...
2025-05-1643 min
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)SANS ISC Stormcast, Jan 13, 2025: Defender Updates, Ivanti RCE, Apple USB-C Hack and moreIn today's episode, we cover the latest updates in cybersecurity:
Windows Defender Enhances Chrome Extension Detection
Microsoft's Defender now catalogs Chrome extensions to identify malicious ones. Learn how this improves enterprise security.
https://isc.sans.edu/diary/Windows%20Defender%20Chrome%20Extension%20Detection/31574
Multi-OLE Analysis in Malicious Documents
A look at how attackers embed OLE files in Office documents to evade detection and the tools to combat it.
https://isc.sans.edu/diary/Multi-OLE/31580
Ivanti Connect Secure RCE Vulnerability (CVE-2025-0282)
Details of a critical vulnerability affecting Ivanti products and the patching timelines.
2025-01-1306 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, January 6th, 2025In this episode of the SANS Internet Storm Center's Stormcast, we cover the latest cybersecurity threats and defenses, including Python-delivered malware, goodware hash sets, SSL/TLS protocol updates, and critical vulnerabilities in ASUS routers and Paessler PRTG. Stay informed and secure your systems!
Full details and links to all stories:
SwaetRAT via Python: https://isc.sans.edu/diary/SwaetRAT%20Delivery%20Through%20Python/31554
Goodware Hash Sets: https://isc.sans.edu/diary/Goodware%20Hash%20Sets/31556
SSL/TLS Updates: https://isc.sans.edu/diary/Changes%20in%20SSL%20and%20TLS%20support%20in%202024/31550
Cyberhaven Extension Compromise: https://secureannex.com/blog...
2025-01-0608 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Thursday, December 12th, 2024Vulnerability Symbiosis: vSphere's CVE-2024-38812 and CVE-2024-38813
https://isc.sans.edu/diary/Vulnerability%20Symbiosis%3A%20vSphere%3Fs%20CVE-2024-38812%20and%20CVE-2024-38813%20%5BGuest%20Diary%5D/31510
Apple Updates Everything (iOS, iPadOS, macOS, watchOS, tvOS, visionOS)
https://isc.sans.edu/diary/Apple+Updates+Everything+iOS+iPadOS+macOS+watchOS+tvOS+visionOS/31514/
Widespread exploitation of Cleo file transfer software (CVE-2024-50623)
https://www.huntress.com/blog/threat-advisory-oh-no-cleo-cleo-software-actively-being-exploited-in-the-wild
https://labs.watchtowr.com/cleo-cve-2024-50623/
2024-12-1205 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, December 2nd, 2024AWS DShield Sensor + DShield SIEM
https://isc.sans.edu/diary/SANS%20ISC%20Internship%20Setup%3A%20AWS%20DShield%20Sensor%20%2B%20DShield%20SIEM%20%5BGuest%20Diary%5D/31480
From a Regular Infostealer to its Obfuscated Version
https://isc.sans.edu/diary/From%20a%20Regular%20Infostealer%20to%20its%20Obfuscated%20Version/31484
Credit Card Skimmer Malware Targeting Magento Checkout Pages
https://blog.sucuri.net/2024/11/credit-card-skimmer-malware-targeting-magento-checkout-pages.html
LogoFAIL Exploited to Deploy Bootkitty, the first UEFI bootkit for Linux
https://www.binarly.io/blog/logofail-exploited-to-deploy-bootkitty-the-first-uefi-bootkit-for-linux
Stickers:
https://isc.sans.edu/stickers.html (code PODCAST)
2024-12-0205 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Tuesday, November 26th, 2024Quick & Dirty Obfuscated JavaScript Analysis
https://isc.sans.edu/diary/Quick%20%26%20Dirty%20Obfuscated%20JavaScript%20Analysis/31468
Decrypting a PDF With a User Password
https://isc.sans.edu/diary/Decrypting%20a%20PDF%20With%20a%20User%20Password/31466
The strange case of disappearing Russian servers
https://isc.sans.edu/diary/The%20strange%20case%20of%20disappearing%20Russian%20servers/31476
QNAP Buggy Firmware Update
https://community.qnap.com/t/firmware-qts-5-2-2-2950-build-20241114-released/254
7-ZIP Zstandard Decompression Integer Underflow
https://www.zerodayinitiative.com/advisories/ZDI-24-1532/
https://7-zip.org/download.html
2024-11-2604 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, November 4th, 2024October Activity with Username chenzilong
https://isc.sans.edu/diary/October%202024%20Activity%20with%20Username%20chenzilong/31400
qpdf Extracting PDF Streams
https://isc.sans.edu/diary/qpdf%3A%20Extracting%20PDF%20Streams/31406
Okta bcrypt issue
https://trust.okta.com/security-advisories/okta-ad-ldap-delegated-authentication-username/
https://medium.com/@rajat29gupta/how-bcrypts-limitations-contributed-to-okta-s-vulnerability-a-lesson-for-developers-39425c644ed5
Synology Vulnerabilities
https://www.synology.com/de-de/security/advisory/Synology_SA_24_19
https://www.synology.com/de-de/security/advisory/Synology_SA_24_18
Lastpass Fake Reviews
https://blog.lastpass.com/posts/fake-web-store-reviews-attempting-to-steal-customer-data
2024-11-0405 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Tuesday, October 29th, 2024Apple Update Everything
https://isc.sans.edu/diary/Apple%20Updates%20Everything/31390
Selfcontained HTML Phishing Attachment Using Telegram to Exfiltrate Credentials
https://isc.sans.edu/diary/Selfcontained+HTML+phishing+attachment+using+Telegram+to+exfiltrate+stolen+credentials/31388/
ChatGPT-4o Guardrail Jailbreak: Hex Encoding for Writing CVE Exploits
https://0din.ai/blog/chatgpt-4o-guardrail-jailbreak-hex-encoding-for-writing-cve-exploits
2024-10-2905 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, September 30th, 2024CUPS Vulnerability
https://isc.sans.edu/diary/Patch%20for%20Critical%20CUPS%20vulnerability%3A%20Don%27t%20Panic/31302
PHP Updates
https://www.php.net/ChangeLog-8.php#8.1.30
DNS And Big Chinese Firewall
https://www.assetnote.io/resources/research/insecurity-through-censorship-vulnerabilities-caused-by-the-great-firewall
https://isc.sans.edu/diary/Are+You+Piratebay+thepiratebayorg+Resolving+to+Various+Hosts/19175
HPE Aruba Networking Vulnerabilities
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04712en_us&docLocale=en_US
2024-09-3007 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, September 9th, 2024Password Cracking Energy: More Details
https://isc.sans.edu/diary/Password%20Cracking%20%26%20Energy%3A%20More%20Dedails/31242
Python Notpad ++
https://isc.sans.edu/diary/Python%20%26%20Notepad%2B%2B/31240
Fake LinkedIn Job Ads
https://cloud.google.com/blog/topics/threat-intelligence/examining-web3-heists/
Android Crypto Passphrase Stealer with OCR
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/new-android-spyagent-campaign-steals-crypto-credentials-via-image-recognition/
Sextortion Scam Now use Your Chating Spouses Name as a Lure
https://www.bleepingcomputer.com/news/security/sextortion-scam-now-use-your-cheating-spouses-name-as-a-lure/
2024-09-0906 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, August 5th, 2024Current Secure Boot Certifiate Authority Expires in 2026
https://isc.sans.edu/diary/Even+Linux+users+should+take+a+look+at+this+Microsoft+KB+article/31140
OOXML Spreadsheets Protected by Verifier Hashes
https://isc.sans.edu/diary/OOXML%20Spreadsheets%20Protected%20By%20Verifier%20Hashes/31072
StormBamboo Compromises ISP to Abuse Insecure Software Update Mechanisms
https://www.volexity.com/blog/2024/08/02/stormbamboo-compromises-isp-to-abuse-insecure-software-update-mechanisms/
DARPA TRACTOR Program for Translating C to Rust
https://www.darpa.mil/news-events/2024-07-31a
2024-08-0506 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, July 29th, 2024ExelaStealer Delivered "From Russia With Love"
https://isc.sans.edu/diary/31118
Create Your Own BSOD: NotMyFault
https://isc.sans.edu/diary/Create%20Your%20Own%20BSOD%3A%20NotMyFault/31120
PKFail Vulnerability
https://pk.fail/
CrowdStrike Recovery
https://arstechnica.com/information-technology/2024/07/97-of-crowdstrike-systems-are-back-online-microsoft-suggests-windows-changes/
2024-07-2906 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, July 15th, 202416-Bit Hash Collisions in XLS Spreadsheets
https://isc.sans.edu/diary/16-bit%20Hash%20Collisions%20in%20.xls%20Spreadsheets/31066
Attacks against the "Nette" PHP framework CVE-2020-15227
https://isc.sans.edu/forums/diary/Attacks+against+the+Nette+PHP+framework+CVE202015227/31076/
Squarespace Hijacked Domains
https://github.com/security-alliance/advisories/blob/main/2024-07-squarespace.pdf
2024-07-1506 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, July 8th, 2024OpenSSH RegreSSHion Vulnerability
https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
https://isc.sans.edu/diary/SSH%20%22regreSSHion%22%20Remote%20Code%20Execution%20Vulnerability%20in%20OpenSSH./31046
Overlooked Domain Name Resliency Issues: Registrar Communications
https://isc.sans.edu/diary/Overlooked%20Domain%20Name%20Resiliency%20Issues%3A%20Registrar%20Communications/31048
Cloudflare 1.1.1.1 incident on Juine 27th 2024
https://blog.cloudflare.com/cloudflare-1111-incident-on-june-27-2024
2024-07-0809 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Friday, June 21st, 2024No Excuses: Free Tools to Help Secure Authentication in Ubuntu
https://isc.sans.edu/diary/No%20Excuses%2C%20Free%20Tools%20to%20Help%20Secure%20Authentication%20in%20Ubuntu%20Linux%20%5BGuest%20Diary%5D/31024
Handling BOM MIME Files
https://isc.sans.edu/diary/Handling+BOM+MIME+Files/31022
Atlasiun Confluence Data Center and Server Vuln
https://confluence.atlassian.com/security/security-bulletin-june-18-2024-1409286211.html
Beyond the @ Symbol: Exploiting the Flexibility of Email Addresses For Offensive Purposes
https://modzero.com/en/blog/beyond_the_at_symbol/
VMWare Patches
https://support.broadcom.com/web/ecx/support-content-notification/-/external...
2024-06-2105 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Tuesday, May 28th, 2024Files with TGZ Extension used as malspam attachements
https://isc.sans.edu/diary/Files%20with%20TXZ%20extension%20used%20as%20malspam%20attachments/30958
Google 0-Day
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_23.html
Google Stops Trusting Globaltrust CA
https://groups.google.com/a/ccadb.org/g/public/c/wRs-zec8w7k/m/G_9QprJ2AQAJ
Checkpoint warns of password bruteforcing
https://blog.checkpoint.com/security/enhance-your-vpn-security-posture?campaign=checkpoint&eid=guvrs&advisory=1
SEC522: Defending Web Applications
isc.sans.edu/j/sec522
2024-05-2806 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Friday, May 24th, 2024Analysis of 'redtail' file uploads to ISC Honeypot
https://isc.sans.edu/diary/Analysis%20of%20%3Fredtail%3F%20File%20Uploads%20to%20ICS%20Honeypot%2C%20a%20Multi-Architecture%20Coin%20Miner%20%5BGuest%20Diary%5D/30950
Veeam Vulnerablity
https://www.veeam.com/kb4581
C-Root Server Lost Touch With Peers
https://arstechnica.com/security/2024/05/dns-glitch-that-threatened-internet-stability-fixed-cause-remains-unclear/
Ivanti Vulnerabilities
https://forums.ivanti.com/s/article/Avalanche-6-4-3-602-additional-security-hardening-and-CVE-fixed?language=en_US
Justice AV Solutions Software Backdoor
https://www.rapid7.com/blog/post/2024/05/23/cve-2024-4978-backdoored-justice-av-solutions-viewer-software-used-in-apparent-supply-chain-attack/
2024-05-2407 min
Heads UpEdtech for admin: Problems solved, and challenges posedEdtech is no longer a ‘nice to have’ for international schools, it is embedded in every aspect of school operations, supporting both administrative and pedagogical needs. Choosing the right edtech product can greatly improve administrative efficiency for staff, giving them more time to focus on the learning outcomes of their students. In this episode, join Elena Mora, International Schools Field Researcher at ISC Research, as she discusses insights from the latest white paper by ISC Research with a panel of experts. They explore how edtech products can help solve administrative problems for international schools, and also look at so...
2024-05-1645 min
Heads UpInternational School Awards spotlight: Lincoln Community School’s Model United Nations conferenceIn this episode, join Janelle Torres, South East Asia Research Manager at ISC Research, as she speaks with two representatives from Lincoln Community School in Ghana. This school recently achieved a prestigious International School Award for their remarkable initiative. They hosted the West African International Schools Activities League Model United Nations, a student-led conference that saw the participation of over 150 students. Explore the invaluable opportunities this initiative provided for students to cultivate leadership and collaboration skills, alongside the challenges faced and advice for future schools looking to apply to the International School Awards. Join us in applauding Lincoln Community...
2024-04-1829 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Tuesday, April 2nd, 2024The amazingly scary xz sshd backdoor
https://isc.sans.edu/diary/The%20amazingly%20scary%20xz%20sshd%20backdoor/30802
The xz-utils backdoor in security advisories by national CSIRTs
https://isc.sans.edu/diary/The+xzutils+backdoor+in+security+advisories+by+national+CSIRTs/30800
Checking CSV Files
https://isc.sans.edu/diary/Checking%20CSV%20Files/30796
Infostealers Pose Threat to macOS
https://www.jamf.com/blog/infostealers-pose-threat-to-macos/
2024-04-0207 min
Heads UpInternational School Awards spotlight: Floating Village in HanoiIn this episode hosted by Luke Walduck, School Development Manager at ISC Research, we shine a spotlight on an inspiring initiative recognised at the 2024 International School Awards. Join us as we applaud the British Vietnamese International School Hanoi for their outstanding community service project, which has made a significant impact on the residents of the Floating Village in Hanoi. Our panellist, Piers Roderick, Assistant Head of Secondary at the school, provides an in-depth look into this inspiring endeavour. He discusses the challenges encountered, outlines plans for further development, and shares invaluable advice for international schools contemplating future International School...
2024-03-2820 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Tuesday, March 26th, 2024Tool updates: le-hex-to-ip.py and sigs.py
https://isc.sans.edu/diary/Tool%20updates%3A%20le-hex-to-ip.py%20and%20sigs.py/30772
Apple Updates for MacOS, iOS/iPadOS, visionOS;
https://isc.sans.edu/diary/Apple%20Updates%20for%20MacOS%2C%20iOS%20iPadOS%20and%20visionOS/30778
Fake Python Infrastructure
https://checkmarx.com/blog/over-170k-users-affected-by-attack-using-fake-python-infrastructure/
OpenVPN Update
https://openvpn.net/community-downloads/
2024-03-2606 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, March 18th, 20245GHoul Revisted: Thress Months Later
https://isc.sans.edu/diary/5Ghoul%20Revisited%3A%20Three%20Months%20Later/30746
Obfuscated Hexadecimal Payload
https://isc.sans.edu/diary/Obfuscated%20Hexadecimal%20Payload/30750
ChatGPT Related OAUTH Issues
https://salt.security/blog/security-flaws-within-chatgpt-extensions-allowed-access-to-accounts-on-third-party-websites-and-sensitive-data?utm_source=social&utm_medium=reddit
RedCanary Threat Detection Report
https://redcanary.com/threat-detection-report/
CRL/OCSP Changes
https://github.com/cabforum/servercert/blob/main/docs/BR.md
2024-03-1806 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Friday, March 8th, 2024AWS Deploymnet Risks - Configuration and Credential File Targeting
https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20AWS%20Deployment%20Risks%20-%20Configuration%20and%20Credential%20File%20Targeting/30722
Apple Updates
https://isc.sans.edu/diary/MacOS%20Patches%20%28and%20Safari%2C%20TVOS%2C%20VisionOS%2C%20WatchOS%29/30726
NSA/CISA Secure Cloud Guides
https://media.defense.gov/2024/Mar/07/2003407866/-1/-1/0/CSI-CloudTop10-Identity-Access-Management.PDF
https://media.defense.gov/2024/Mar/07/2003407858/-1/-1/0/CSI-CloudTop10-Key-Management.PDF
https://media.defense.gov/2024/Mar/07/2003407859/-1/-1/0/CSI-CloudTop10-Managed-Service-Providers.PDF
https://media.defense.gov/2024/Mar/07/2003407862/-1/-1/0/CSI-CloudTop10-Secure-Data.PDF
https://media.defense...
2024-03-0805 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Wednesday, March 6th, 2024iOS/iPadOS Updates with Zero Day Fixes
https://isc.sans.edu/diary/Apple%20Releases%20iOS%20iPadOS%20Updates%20with%20Zero%20Day%20Fixes./30716
Why Your Firewall Will Kill You
https://isc.sans.edu/diary/Why+Your+Firewall+Will+Kill+You/30714/
QEMU Tunnel
https://securelist.com/network-tunneling-with-qemu/111803/
VMware Vulnerabilities Patched
https://www.vmware.com/security/advisories/VMSA-2024-0006.html
2024-03-0606 min
Heads UpBalancing recruitment and retention in international schoolsIn this episode, Luke Walduck, School Development Manager at ISC Research, joins forces with Tony Atkinson, International Field Researcher at ISC Research, and Matthew Peck, Senior Business Manager at Teachanywhere, to delve into the recruitment and retention cycle within international schools. Together, they shed light on the myriad of challenges faced and underscore the importance of adaptive strategies in meeting recruitment demands. They explore the evolving landscape of recruitment tactics, advocating for a diversified approach leveraging multiple channels. Tune in for valuable insights and much more as they navigate through this essential aspect of school management. Thank y...
2024-02-2928 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, February 26th, 2024Update MGLNDD * Scans
https://isc.sans.edu/forums/diary/Update%3A%20MGLNDD_*%20Scans/30686/
Simple Anti-Sandbox Technique: Where's the Mouse
https://isc.sans.edu/diary/Simple%20Anti-Sandbox%20Technique%3A%20Where%27s%20The%20Mouse%3F/30684
Security Vulnerabilities in Apex Code Could Leak Salesforce Data
https://www.varonis.com/blog/apex-code-vulnerabilities
IBM Operation Decision Manager Exploit CVE-2024-22319 CVE-2024-22320
https://labs.watchtowr.com/double-k-o-rce-in-ibm-operation-decision-manager/
Linux Kernel TLS Vulnerability CVE-2024-26582
https://lore.kernel.org/linux-cve-announce/2024022139-spruce-prelude-c358@gregkh/
2024-02-2605 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Friday, February 23rd, 2024Friend, Foe or Something In Between
https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Friend%2C%20foe%20or%20something%20in%20between%3F%20The%20grey%20area%20of%20%27security%20research%27/30670
Large AT&T Wireless Network Outage
https://isc.sans.edu/diary/Large%20AT%26T%20Wireless%20Network%20Outage%20%23att%20%23outage/30680
Connect Wise Screenconnect Userd by LockBit
https://www.bleepingcomputer.com/news/security/screenconnect-servers-hacked-in-lockbit-ransomware-attacks/
SSH Snake Abused in the Wild
https://github.com/MegaManSec/SSH-Snake
2024-02-2305 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Tuesday, January 23rd, 2024Apple Updates Everything
https://isc.sans.edu/forums/diary/Apple%20Updates%20Everything%20-%20New%200%20Day%20in%20WebKit/30578/
Atlassian Confluence RCE Vulnerability Exploits CVE-2023-22527
https://isc.sans.edu/forums/diary/Scans%20Exploit%20Attempts%20for%20Atlassian%20Confluence%20RCE%20Vulnerability%20CVE-2023-22527/30576/
Updated Ivanti Mitigation Advise
https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US
Czech Republic Sets IPv4 Shutdown date
https://konecipv4.cz/en/
2024-01-2307 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, January 8th, 2024Netstat But Better and in PowerShell
https://isc.sans.edu/diary/Netstat%2C%20but%20Better%20and%20in%20PowerShell/30532
Double Phishing Submission
https://isc.sans.edu/diary/Are%20you%20sure%20of%20your%20password%3F/30534
Suspicious Prometei Botnet Activity
https://isc.sans.edu/diary/Suspicious%20Prometei%20Botnet%20Activity/30538
Spectral Blur Mac Malware
https://g-les.github.io/yara/2024/01/03/100DaysofYARA_SpectralBlur.html
Google Malware Abusing API is Standard Token Theft not an API Issue
https://www.bleepingcomputer.com/news/security/google-malware-abusing-api-is-standard-token-theft-not-an-api-issue/
2024-01-0805 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Tuesday, January 2nd, 2024Shall We Play a Game
https://isc.sans.edu/diary/Shall+We+Play+a+Game/30510
Mailtrap.io Exfiltration
https://isc.sans.edu/diary/Python%20Keylogger%20Using%20Mailtrap.io/30512
Pi Hole Docker
https://isc.sans.edu/forums/diary/Pi-Hole%20Pi4%20Docker%20Deployment/30516/
Mirai Update
https://isc.sans.edu/diary/Unveiling%20the%20Mirai%3A%20Insights%20into%20Recent%20DShield%20Honeypot%20Activity%20%5BGuest%20Diary%5D/30514
Barracuda 0-Day Vulnerability
https://www.barracuda.com/company/legal/esg-vulnerability
Apache OFBiz 0-Day Exploited against Atlassian (and possibly others)
https://blog.sonicwall.com/en-us/2023/12/sonicwall-discovers-critical-apache-ofbiz-zero-day-authbiz/
2024-01-0206 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, December 18th, 2023An Example of a RocketMQ Exploit Scanner
https://isc.sans.edu/diary/An%20Example%20of%20RocketMQ%20Exploit%20Scanner/30492
C# Payload Phoning to a Cobalt Strike Server
https://isc.sans.edu/diary/CSharp%20Payload%20Phoning%20to%20a%20CobaltStrike%20Server/30490
3CX SQL Injection Vulnerability
https://www.3cx.com/blog/news/sql-database-integration/
QNAP Viostor 0-Day Vulnerablity
https://www.akamai.com/blog/security-research/qnap-viostor-zero-day-vulnerability-spreading-mirai-patched
PFSense Vulnerability
https://www.sonarsource.com/blog/pfsense-vulnerabilities-sonarcloud/
SANS Holiday Hack Challenge
https://sans.org/holidayhack
2023-12-1810 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Tuesday, December 12th, 2023What is Sitemap.xml and Why a Pentester Should Care
https://isc.sans.edu/diary/What%20is%20sitemap.xml%2C%20and%20Why%20a%20Pentester%20Should%20Care/30472
Apple Patches Everything
https://isc.sans.edu/forums/diary/Apple%20Patches%20Everything/30474/
Android Password Manager Auto Spill
https://i.blackhat.com/EU-23/Presentations/EU-23-Gangwal-AutoSpill-Zero-Effort-Credential-Stealing.pdf
2023-12-1205 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, December 11th, 2023IPv4 Mapped IPv6 Addresses
https://isc.sans.edu/diary/IPv4-mapped%20IPv6%20Address%20Used%20For%20Obfuscation/30466
Honeypots From the Skeptical Beginner to the Tactical Enthusiast
https://isc.sans.edu/diary/Honeypots%3A%20From%20the%20Skeptical%20Beginner%20to%20the%20Tactical%20Enthusiast/30468
Bluetooth Weakness CVE-2023-45866
https://github.com/skysafe/reblog/tree/main/cve-2023-45866
Syrus 4 IoT Gateway Vulnerability CVE-2023-6248
https://socradar.io/syrus4-iot-gateway-vulnerability-could-allow-code-execution-on-thousands-of-vehicles-simultaneously-cve-2023-6248/
Microsoft Edge Vulnerability CVE-2023-35618
https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#december-7-2023
2023-12-1106 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Friday, December 8th, 20235G Vulnerabilities
https://isc.sans.edu/diary/5Ghoul%3A%20Impacts%2C%20Implications%20and%20Next%20Steps/30462
Revealing the hidden Risks of QR Codes
https://isc.sans.edu/diary/Revealing%20the%20Hidden%20Risks%20of%20QR%20Codes%20%5BGuest%20Diary%5D/30458
Window 10 End of Support
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/plan-for-windows-10-eos-with-windows-11-windows-365-and-esu/ba-p/4000414
Apache Struts 2 Vulnerability CVE-2023-50164
https://cwiki.apache.org/confluence/display/WW/S2-066
2023-12-0806 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Friday, December 1st, 2023Apple Updates
https://isc.sans.edu/diary/Apple+Patches+Exploited+WebKit+Vulnerabilitiues+in+iOSiPadOSmacOS/30444
Prophetic Post by Intern on CVE-2023-1389 Foreshadows Mirai Botnet Expansion Today
https://isc.sans.edu/forums/diary/Prophetic+Post+by+Intern+on+CVE20231389+Foreshadows+Mirai+Botnet+Expansion+Today/30442/
Zyxel Vulnerabilities
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products
Solarwinds Update
https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-4_release_notes.htm#link3
DNS Looking Glass
https://isc.sans.edu/tools/dnslookup/
2023-12-0105 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, November 27th, 2023DShield Birthday
https://isc.sans.edu/diary/Happy%20Birthday%20DShield/30420
Mirai uses CVE-2023-1389
https://isc.sans.edu/diary/CVE-2023-1389%3A%20A%20New%20Means%20to%20Expand%20Botnets/30418
More Mirai Vulnerabilities
https://www.akamai.com/blog/security-research/new-rce-botnet-spreads-mirai-via-zero-days
Analyzing OVA Files
https://isc.sans.edu/diary/OVA%20Files/30424
Static Code Injections in OpenCart (CVE-2023-47444)
https://github.com/opencart/opencart/issues/12947
Holiday Hackchallenge
https://www.sans.org/mlp/holiday-hack-challenge-2023/
2023-11-2706 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, October 30th, 2023Size Matters for Many Security Controls
https://isc.sans.edu/diary/Size%20Matters%20for%20Many%20Security%20Controls/30352
Spam or Phishing? Looking for Credentials and Passwords
https://isc.sans.edu/diary/Spam%20or%20Phishing%3F%20Looking%20for%20Credentials%20%26%20Passwords/30354
iOS Leaks MAC Address
https://www.youtube.com/watch?v=T3XABxNogTA
Zero Day Initiative Pwn2Own Summary
https://www.zerodayinitiative.com/blog/2023/10/24/pwn2own-toronto-2023-day-one-results
https://www.zerodayinitiative.com/blog/2023/10/25/pwn2own-toronto-2023-day-two-results
https://www.zerodayinitiative.com/blog/2023/10/26/pwn2own-toronto-2023-day-three-results
Microsoft Octo Tempest Writeup
https://www.microsoft.com/en-us...
2023-10-3006 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Thursday, October 26th, 2023Apple Updates
https://isc.sans.edu/diary/Apple%20Patches%20Everything.%20Releases%20iOS%2017.1%2C%20MacOS%2014.1%20and%20updates%20for%20older%20versions%20fixing%20exploited%20vulnerability/30344
Confluence Server Scans CVE-2023-22515
https://isc.sans.edu/diary/30342
Critical VMVware vCenter Patch CVE-2023-34048
https://www.vmware.com/security/advisories/VMSA-2023-0023.html
2023-10-2606 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, October 16th, 2023What's Normal: Odd Mac Addresses
https://isc.sans.edu/forums/diary/What's%20Normal%3A%20MAC%20Addresses/30310/
Domain Name Used as Password Captured by DShield Sensor
https://isc.sans.edu/forums/diary/Domain%20Name%20Used%20as%20Password%20Captured%20by%20DShield%20Sensor/30312/
PoC Exploit for CVE-2023-41993
https://github.com/po6ix/POC-for-CVE-2023-41993
AvosLocker Ransomware Details
https://www.cisa.gov/sites/default/files/2023-10/aa23-284a-joint-csa-stopransomware-avoslocker-ransomware-update.pdf
DarkGate Spreading via Skype and Teams
https://www.trendmicro.com/en_ph/research/23/j/darkgate-opens-organizations-for-attack-via-skype-teams.html
2023-10-1605 min
Heads UpRethinking systems to empower student agencyDoes learner agency require system change? How are international schools developing a community culture that empowers all students with the current, rigid educational paradigm? Answers to these questions and more will be discussed in this episode, where Nalini Cook, Head of Global Research at ISC Research, speaks to a panel of three international school experts. Thank you to Nalini and our three representatives from international schools: Naheed Bardai, Principal at UWC Atlantic College. Nneka Johnson, Director of Innovation and Strategic Development at International School of Dakar (ISD) Alan Phan, Head of School at North London Collegiate Scho...
2023-10-051h 00SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Thursday, October 5th, 2023Normal Connections
https://isc.sans.edu/diary/Whats+Normal+Connection+Sizes/30278/
Apple Patches
https://isc.sans.edu/diary/Apple%20fixes%20vulnerabilities%20in%20iOS%20and%20iPadOS./30280
Looney Tunables Linux Privilege Escalation
https://blog.qualys.com/vulnerabilities-threat-research/2023/10/03/cve-2023-4911-looney-tunables-local-privilege-escalation-in-the-glibcs-ld-so
Atlasian Confluence Server Vulnerability
https://jira.atlassian.com/browse/CONFSERVER-92475
2023-10-0505 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, October 2nd, 2023Analyzing MIME Files: a Quick Tip
https://isc.sans.edu/diary/Analyzing%20MIME%20Files%3A%20a%20Quick%20Tip/30266
Infostealers Looking for Password Files
https://isc.sans.edu/diary/Are+You+Still+Storing+Passwords+In+Plain+Text+Files/30262/
Simple Netcat Backdoor
https://isc.sans.edu/diary/Simple+Netcat+Backdoor+in+Python+Script/30264/
EXIM Response to the ZDI Release
https://exim.org/static/doc/security/CVE-2023-zdi.txt
Exploit for WS_FTP Vulnerability
https://www.assetnote.io/resources/research/rce-in-progress-ws-ftp-ad-hoc-via-iis-http-modules-cve-2023-40044
2023-10-0205 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Wednesday, September 27th, 2023A new spint on the ZeroFont phishing technique
https://isc.sans.edu/diary/A%20new%20spin%20on%20the%20ZeroFont%20phishing%20technique/30248
macOS Sonoma Updates
https://isc.sans.edu/diary/Apple%20Releases%20MacOS%20Sonoma%20Including%20Numerous%20Security%20Patches/30252
2023-09-2706 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Friday, September 8th, 2023Apple Patches 0-Days
https://isc.sans.edu/diary/30200
https://support.apple.com/en-us/HT201222
iOS Fleezeware/Scareware
https://isc.sans.edu/diary/Fleezeware%20Scareware%20Advertised%20via%20Facebook%20Tags%3B%20Available%20in%20Apple%20App%20Store/30198
Aruba Vulnerabilities
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-014.txt
TP Link Vulnerabilities
https://jvn.jp/en/vu/JVNVU99392903/
2023-09-0805 min
Heads UpFostering multilingualism from the early yearsBeginning in the earliest years, international schools facilitate self-management and personalised learning journeys by encompassing language, culture, values, and choice. In this episode, Janelle Torres, South East Asia Research Manager at ISC Research, speaks to a panel of three international school experts to discuss how initiatives in the early years can impact students of all ages.Thank you to Janelle and our three representatives from international schools: Jessica Davis, ES EAL Teacher at Saigon South International School, Vietnam. Matt Hajdun, Assistant Director of Learning - Language Development at TCS, Colombia.Helen Avetisyan, Whole School Multilingualism Lead Te...
2023-09-0751 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Tuesday, September 5th, 2023What is the Origin of Passwords Submitted to Honeypots
https://isc.sans.edu/diary/What%20is%20the%20origin%20of%20passwords%20submitted%20to%20honeypots%3F/30182
Creating a YARA Rule to Detect Obfuscated Strings
https://isc.sans.edu/diary/Creating%20a%20YARA%20Rule%20to%20Detect%20Obfuscated%20Strings/30186
VMware Aria Operations for Networks Hardcoded Keys 2023-34039
https://summoning.team/blog/vmware-vrealize-network-insight-rce-cve-2023-34039/
https://github.com/sinsinology/CVE-2023-34039/
Windows will Disable TLS 1.0/1.1
https://learn.microsoft.com/en-us/windows/release-health/windows-message-center
2023-09-0506 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, August 28th, 2023Python Malware Using Postgresql for C2 Communications
https://isc.sans.edu/diary/Python%20Malware%20Using%20Postgresql%20for%20C2%20Communications/30158
macOS: Who is Behind This Network Connection?
https://isc.sans.edu/diary/macOS%3A%20Who%3Fs%20Behind%20This%20Network%20Connection%3F/30160
CVE-2020-19909 Is Everything that is Wrong with CVEs
https://daniel.haxx.se/blog/2023/08/26/cve-2020-19909-is-everything-that-is-wrong-with-cves/
Windows Certificate Confusion
https://arstechnica.com/security/2023/08/a-renegade-certificate-is-removed-from-windows-then-it-returns-confusion-ensues/
NPM E-Mail Validator Package Malware
https://blog.phylum.io/npm-emails-validator-package-malware/
2023-08-2806 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Wednesday, August 23rd, 2023Fernet Encryption in Malware
https://isc.sans.edu/forums/diary/Have%20You%20Ever%20Heard%20of%20the%20Fernet%20Encryption%20Algorithm%3F/30146/
Malware Triage With Inotify Tools
https://isc.sans.edu/diary/Quick+Malware+Triage+With+Inotify+Tools/30142/
Adobe Coldfusion Exploited
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Openfire Admin Console Vulnerability Exploited
https://vulncheck.com/blog/openfire-cve-2023-32315
XLoader Mac Malware Updates
https://www.sentinelone.com/blog/xloaders-latest-trick-new-macos-variant-disguised-as-signed-officenote-app/
2023-08-2306 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, July 31st, 2023USPS Phishing Scam Targeting iOS Users
https://isc.sans.edu/forums/diary/USPS+Phishing+Scam+Targeting+iOS+Users/30078/
Do Attackers Pay More Attention to IPv6
https://isc.sans.edu/diary/Do%20Attackers%20Pay%20More%20Attention%20to%20IPv6%3F/30076
Shell Code in Images
https://isc.sans.edu/diary/ShellCode%20Hidden%20with%20Steganography/30074
Ivanti Mobileiron Exploit Public
https://github.com/vchan-in/CVE-2023-35078-Exploit-POC/blob/main/cve_2023_35078_poc.py
2023-07-3105 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Tuesday, July 25th, 2023Apple Updates
https://isc.sans.edu/forums/diary/Apple%20Updates%20Everything%20%28again%29/30062/
https://support.apple.com/en-us/HT201222
Parsing Data with jq
https://isc.sans.edu/diary/JQ%3A%20Another%20Tool%20We%20Thought%20We%20Knew/30060
TETRA Radio Backdoor
https://www.wired.com/story/tetra-radio-encryption-backdoor/
2023-07-2506 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Thursday, July 20th, 2023Citrix ADC Vulneraiblity CVE-2023-3519, CVE-2023-3466, CVE-2023-3467
https://isc.sans.edu/forums/diary/Citrix%20ADC%20Vulnerability%20CVE-2023-3519%2C%203466%20and%203467%20-%20Patch%20Now!/30044/
HAM Radio Enigma Machine Challenge
https://isc.sans.edu/diary/HAM%20Radio%20%2B%20Enigma%20Machine%20Challenge/30042
Oracle Critical Patch Update
https://www.oracle.com/security-alerts/cpujul2023.html
Microsoft Expanding Cloud Logging
https://www.microsoft.com/en-us/security/blog/2023/07/19/expanding-cloud-logging-to-give-customers-deeper-security-visibility/
2023-07-2003 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Thursday, July 6th, 2023DShield pfSense Client Update
https://isc.sans.edu/diary/DShield%20pfSense%20Client%20Update/29994
Exposed Industrial Control Systems
https://isc.sans.edu/diary/Controlling%20network%20access%20to%20ICS%20systems/30000
Analysis Method for Custom Encoding
https://isc.sans.edu/diary/Analysis%20Method%20for%20Custom%20Encoding/29946
SNAPPY: Detecting Rogue WiFi Access Points
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/snappy-detecting-rogue-and-fake-80211-wireless-access-points-through-fingerprinting-beacon-management-frames/
RUSTBUCKET Mac Malware
https://www.elastic.co/security-labs/DPRK-strikes-using-a-new-variant-of-rustbucket
2023-07-0606 min
Heads UpHow influential is the student voice in international schools?In this episode, Pia Maske, East Asia Field Research Manager explores some of the findings from recent research conducted by ISC Research into student voices with a panel of experts. It discusses research conducted with international school students and alumni as well as separate research with international school teachers and leaders. Two international school consultants who contributed to the research report share their insights about the findings and offer practical solutions for international schools opening up student voice.Pia hosts the discussion with international school consultants:Matthew Savage, Independent Consultant and a former International School PrincipalJoel...
2023-06-2942 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, June 26th, 2023Email Spam With Modiloader Attached
https://isc.sans.edu/diary/Email%20Spam%20with%20Attachment%20Modiloader/29978
Word Document with an Online Attached Template
https://isc.sans.edu/diary/Word%20Document%20with%20an%20Online%20Attached%20Template/29976
Quakbot Activity Obama271 Distrubution Tag
https://isc.sans.edu/diary/Qakbot%20%28Qbot%29%20activity%2C%20obama271%20distribution%20tag/29968
Microsoft Teams External Tenant Confusion
https://labs.jumpsec.com/advisory-idor-in-microsoft-teams-allows-for-external-tenants-to-introduce-malware/
Free Smart Watches
https://www.darkreading.com/threat-intelligence/suspicious-smartwatches-mailed-us-army-personnel
2023-06-2606 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Tuesday, June 20th, 2023Formbook From Possible ModiLoaeder (DBatLoader)
https://isc.sans.edu/diary/Formbook%20from%20Possible%20ModiLoader%20%28DBatLoader%29%20/29958
Brute-Force ZIP Password Cracking with zipdump.py
https://isc.sans.edu/diary/Brute-Force%20ZIP%20Password%20Cracking%20with%20zipdump.py/29948
Malware Delivered Through .inf File
https://isc.sans.edu/diary/Malware%20Delivered%20Through%20.inf%20File/29960
FortiNAC - Just a few more RCEs
https://frycos.github.io/vulns4free/2023/06/18/fortinac.html
2023-06-2005 min
Heads UpAddressing EAL in international schoolsIn this episode, Janelle Torres, Field Research Consultant for South East Asia at ISC Research, and an EAL expert discuss the use of English as an Additional Language in international schools to support the education of students where English is not their first language. What challenges are presented by the language barrier and what provision is in place to support all school stakeholders? To learn about the essentials for effective EAL support, Janelle speaks to Deborah Perrin who shares with us some answers to these alongside many other questions. Panellist: Deborah Perrin, Head of English as an...
2023-05-1138 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, May 8th, 2023Quickly Finding Encoded Payloads in Office Documents
https://isc.sans.edu/forums/diary/Quickly+Finding+Encoded+Payloads+in+Office+Documents/29818/
Exploratory Data Analysis with CISSM Cyber Attacks Database Part 1
https://isc.sans.edu/forums/diary/Exploratory+Data+Analysis+with+CISSM+Cyber+Attacks+Database+Part+1/29816/
Guildma is now Abusing Colorcpl.exe LOLBIN
https://isc.sans.edu/forums/diary/Guildma+is+now+abusing+colorcplexe+LOLBIN/29814/
Leaked MSI Keys
https://github.com/binarly-io/SupplyChainAttacks/blob/main/MSI/ImpactedDevices.md
https://twitter.com/matrosov/status/1654560343295934464
PHP Packages Compromised
https://blog.packagist.com/packagist-org-maintainer-account-takeover/
2023-05-0806 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, April 10th, 2023Detecting Suspicious API Usage with YARA Rules
https://isc.sans.edu/diary/Detecting%20Suspicious%20API%20Usage%20with%20YARA%20Rules/29724
Apple Patching Two 0-Day Vulnerabilities in iOS and macOS
https://isc.sans.edu/diary/Apple%20Patching%20Two%200-Day%20Vulnerabilities%20in%20iOS%20and%20macOS/29726
VM2 Sandbox Escape
https://github.com/patriksimek/vm2/security/advisories/GHSA-7jxr-cg7f-gpgv
https://gist.github.com/seongil-wi/2a44e082001b959bfe304b62121fb76d
Microsoft Netlogon: Potential Upcoming Impacts of CVE-2022-38023
https://isc.sans.edu/diary/Microsoft%20Netlogon%3A%20Potential%20Upcoming%20Impacts%20of%20CVE-2022-38023/29728
2023-04-1006 min
Heads UpManaging crises in a schoolIn this episode, Nalini Cook, Head of Global Research at ISC Research, addresses the challenge of crises management in international schools with a panel of experts. How can schools identify what their risks are? How can school leaders be agile with their crises management strategy? What practical solutions and suggestions are there that may help the international schools community to prepare for a crisis? These questions and plenty more are discussed with our two panelists:- Samantha Gayfer, South East Asia Consultant at The Jane Group- Maya Nelson, Head of School a...
2023-04-0651 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, March 13th, 2023AsynRAT Trojan - Bill Payment (Pago de la factura)
https://isc.sans.edu/diary/AsynRAT+Trojan+Bill+Payment+Pago+de+la+factura/29626
Mirai Payload Generator
https://isc.sans.edu/diary/Overview%20of%20a%20Mirai%20Payload%20Generator/29624
Multi-Technology Script Leading to Browser Hijacking
https://isc.sans.edu/diary/Multi-Technology%20Script%20Leading%20to%20Browser%20Hijacking/29620
OneNote will warn users of embeded content
https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=OneNote%2CIn%20development&searchterms=122277
Google Removing Chrome Cleanup Tool
https://security.googleblog.com/2023/03/thank-you-and-goodbye-to-chrome-cleanup.html
2023-03-1305 min
Heads UpWhat's driving growth within the international schools market?In this episode, Pia Maske, East Asia Field Research Manager at ISC Research, focuses on some of the factors impacting demand within the international schools market that are influencing current growth trends. Pia talks to two senior leaders from international schools who share insights into the recent shifts they have seen in admissions enquiries and the reasons driving parents to select an international school for their child. Thank you to Pia and our two representatives from international schools:Julia Love, Director of Admissions at the International School of Kuala Lumpur, MalaysiaKatie Rigney-Zimmermann, Admissions and Marketing Director a...
2023-03-0146 min
Heads UpThe impact of global inflation on international schoolsIn this episode, Pia Maske, East Asia Field Research Manager at ISC Research, addresses the challenge of global inflation in international schools with a panel of experts. What new challenges are schools facing in this economic turmoil, and how are schools alleviating the risks to their teaching and learning and to their entire school community? What practical solutions and suggestions are there that may help the broader international schools community to unite in a time of crisis? These questions and plenty more are addressed in this episode. Thank you to Pia and our representatives from international schools: ...
2023-01-2643 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Wednesday, December 21st, 2022Linux File System Monitoring and Actions
https://isc.sans.edu/diary/Linux%20File%20System%20Monitoring%20%26%20Actions/29362
Feed of NTP Server IP Addresses
https://isc.sans.edu/api/threatlist/ntpservers?json
Feed of Mastodon Server IP Addresses
https://isc.sans.edu/api/threatlist/mastodon?json
Packet Tuesday TLS Server Hello
https://www.youtube.com/watch?v=2HymU4dxWEQ
Android Preparing Support for Updatable Root Certificates
https://blog.esper.io/android-14-updatable-certificates/
Elastic IP Hijacking
https://www.mitiga.io/blog/elastic-ip-hijacking-a-new-attack-vector-in-aws
Microsoft Fixes HyperV issues With Latest Patch
https...
2022-12-2107 min
Heads UpLife after school: the paths today’s international school students can takeISC Research recently conducted some research to find out if international schools are noticing any shifts in the choices that students are making for their life after school. In this episode, our host and Head of Global Research, Nalini Cook, discusses the results of the research with career guidance and college counsellors. Nalini gathers insights into how more students aged 13 to 15 are making alternative choices instead of continuing to senior final years, the alternative pathways to university chosen by students at age 18, the shifts in university destinations and subject choices, and more. Thank you to Nalini and o...
2022-12-2048 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, December 5th, 2022QBot Update
https://isc.sans.edu/forums/diary/obama224%20distribution%20Qakbot%20tries%20.vhd%20%28virtual%20hard%20disk%29%20images/29294/
Living of the Land: Unix tools in Windows
https://isc.sans.edu/diary/Linux%20LOLBins%20Applications%20Available%20in%20Windows/29296
https://isc.sans.edu/forums/diary/Fingerexe+LOLBin/29298/
CVE-2022-44721 Crowdstrike Falcon Uninstaller
https://github.com/purplededa/CVE-2022-44721-CsFalconUninstaller
Android Platform Key Leak
https://twitter.com/MishaalRahman/status/1598426974594433025
GitHub Pipeline Vulnerability
https://www.legitsecurity.com/blog/artifact-poisoning-vulnerability-discovered-in-rust
2022-12-0509 min
Heads UpA schoolwide approach to DEIJAlthough many international school teams are introducing the principles of Diversity, Equity, Inclusion and Justice (DEIJ) into their school practices, most are yet to make any authentic, sustainable change based on deep understanding. In this episode, Nalini Cook, Head of Global Research at ISC Research, leads an important discussion on centring staff recruitment and training around DEIJ. How can DEIJ in tandem with personal development strategies support the development of all international school staff? This episode offers some solutions for how schools can implement lifelong changes around DEIJ.Thank you to our panelists: - Joel Jr Ll...
2022-11-221h 00
Heads UpHow can governance effectively support international school leaders?In this episode, Nalini Cook, Head of Global Research at ISC Research, discusses governance practices in international schools with a panel of experts from the international schools community: Ian Hunt, CEO and Chair of Haileybury Kazakhstan, International Schools GroupDavid Axtell, former Parent Governor at St Christopher’s School, BahrainVanita Uppal OBE, Director of the British School New Delhi, India Who should be represented on the board? What should be their focus? Are school leaders supported? Let’s find out!This discussion draws upon research on governance practices in international schools produced by ISC Research in 2018 and in...
2022-10-2131 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, August 29th, 2022Dealing With False Positives when Scanning Memory Dumps for Cobalt Strike Beacons
https://isc.sans.edu/diary/Dealing+With+False+Positives+when+Scanning+Memory+Dumps+for+Cobalt+Strike+Beacons/28990
HTTP2 Packet Analysis with Wireshark
https://isc.sans.edu/diary/HTTP2+Packet+Analysis+with+Wireshark/28986
Paypal Phishing/Coinbase in One Image
https://isc.sans.edu/diary/Paypal+PhishingCoinbase+in+One+Image/28984
Sysinternals Updates: Sysmon v14.0 and ZoomIt v6.01
https://isc.sans.edu/diary/Sysinternals+Updates%3A+Sysmon+v14.0+and+ZoomIt+v6.01/28988
eth.link domain at risk
https://www.coindesk.com/tech/2022/08/26/web3...
2022-08-2906 min
Heads UpWhen innovation fosters community engagementThe ISC Research Edruptors@School conference, which took place in June, explored innovation and transformation in international school leadership. In this episode, we celebrate inspiring ideas shared by members of the international education community who took part in the conference discussions. This episode is all about the implementation of innovative school practices and the fostering of community engagement.Thank you to our panel of experts from the international school community:• Philippa Wraithmell, digital education specialist• Dr. Vandana Lulla, Principal at Podar International School• Matt Harris, co-founder and CEO at ChildSafeguarding.com• Bethan Eveleigh, Online e...
2022-07-2633 min
Heads UpBrand influence within the international school sectorIn this episode, Freddie Cloke, School Development Manager at ISC Research gathers insights from our very own field research team on influential school groups and brands within the international schools sector. Sam Fraser, Research Director at ISC Research and Pia Maske, East Asia Research Manager, talk about the ways school brands influence practices in international school campuses and highlight trends to watch.#intled #schoolleadership #internationalschools #schoolbrandsKeep in touch and follow us on Twitter, Facebook, Instagram, TikTok and LinkedIn Find out more about what we do at ISC ResearchWe w...
2022-06-0924 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, March 21st, 2022Scans for Movable Type Vulnerability (CVE-2021-20837)
https://isc.sans.edu/forums/diary/Scans+for+Movable+Type+Vulnerability+CVE202120837/28454/
SolarWinds Advisory: Unauahtneticated Access in Web Help Desk (12.7.5)
https://isc.sans.edu/forums/diary/SolarWinds+Advisory+Unauthenticated+Access+in+Web+Help+Desk+1275/28456/
MGLNDD_* Scans
https://isc.sans.edu/forums/diary/MGLNDD+Scans/28458/
CAPTCHA Phishing
https://www.avanan.com/blog/using-captcha-forms-to-bypass-filters
Browser in the Browser Templates
https://mrd0x.com/browser-in-the-browser-phishing-attack/
2022-03-2106 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Tuesday, March 15th, 2022Apple Updates Everything
https://isc.sans.edu/forums/diary/Apple+Updates+Everything+MacOS+123+XCode+133+tvOS+154+watchOS+85+iPadOS+154+and+more/28438/
Look Alike Accounts Used in Ukraine Dontation Scam Impersonating Olena Zelenska
https://isc.sans.edu/forums/diary/Look+Alike+Accounts+Used+in+Ukraine+Donation+Scam+impersonating+Olena+Zelenska/28440/
Curl on Windows
https://isc.sans.edu/forums/diary/Curl+on+Windows/28436/
Veeam Vulnerabilities
https://www.veeam.com/kb4288
Linux Netfilter Privilege Escalation
https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/
2022-03-1505 min
Heads UpInspiration from the International Education CommunityIn this episode hosted by our Research Consultant Janelle Torres, we celebrate inspiring ideas from the international education community. We talked to representatives of the International School of the Year 2022 and to some of the top social media influencers within international education.Thank you to our guests:- Vicki Davis, teacher and blogger aka Cool Cat Teacher- Kai Vacher, Principal of British School Muscat- Al Kingsley, CEO of NetSupport- Sophie Bailey, founder and host of The Edtech Podcast- Representatives of the International School of Zug and Luzern, #ISAwards 2022...
2022-02-1729 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, January 3rd, 2022Exchange Server Year 2022 Bug
https://isc.sans.edu/forums/diary/Exchange+Server+Email+Trapped+in+Transport+Queues/28204/
https://techcommunity.microsoft.com/t5/exchange-team-blog/email-stuck-in-exchange-on-premises-transport-queues/ba-p/3049447
Agent Tesla Updates
https://isc.sans.edu/forums/diary/Agent+Tesla+Updates+SMTP+Data+Exfiltration+Technique/28190/
https://isc.sans.edu/forums/diary/Do+you+want+your+Agent+Tesla+in+the+300+MB+or+8+kB+package/28202/
Forensics Issues and Techniques to Improve Security in SSD with Flex Capacity Feature
https://arxiv.org/ftp/arxiv/papers/2112/2112.13923.pdf
iLO Bleed Attack
https://threats.amnpardaz.com/en/2021/12/28/implant-arm-ilobleed-a/
2022-01-0307 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, December 27th, 2021Log4j/Log4Shell and Cloud Internal Meta Data Services
https://isc.sans.edu/forums/diary/log4shell+and+cloud+provider+internal+meta+data+services+IMDS/28168/
https://isc.sans.edu/forums/diary/Defending+Cloud+IMDS+Against+log4shell+and+more/28170/
Log4j/Log4Shell Pushing Crypto Miner
https://isc.sans.edu/forums/diary/Example+of+how+attackers+are+trying+to+push+crypto+miners+via+Log4Shell/28172/
Microsoft Vulnerable and Malicious Driver Reporting Center
https://www.microsoft.com/security/blog/2021/12/08/improve-kernel-security-with-the-new-microsoft-vulnerable-and-malicious-driver-reporting-center/
Azure Source Code Leak
https://blog.wiz.io/azure-app-service-source-code-leak/
2021-12-2705 min
Heads UpRecruitment and staff development in international schoolsAddressing the challenge of recruitment and staff development in international schools.In this episode, Nalini Cook, Head of EMEA Research at ISC Research discusses our latest research into recruitment and CPD in international schools with a panel of experts: - Pauline O’Brien, Director of Global Recruitment at International School Services. - Dr Vincent Chian, Principal of Fairview International School, Kuala Lumpur, Malaysia. - Dr Siobhan Mellor, HCPC Registered Chartered Educational Psychologist and Director of Real Group. - Dr Marianne Yong-Macdonald, Group Head, Teacher Professional Learning and Development at International Schools Partnership Limite...
2021-11-121h 01SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, October 25th, 2021Malware Quiz
https://isc.sans.edu/forums/diary/October+2021+Contest+Forensic+Challenge/27960/ Odd Zip Files https://isc.sans.edu/forums/diary/Phishing+ZIP+With+Malformed+Filename/27966/ Decrypting Cobalt Strike Configurations Using Known Secret Keys https://blog.nviso.eu/2021/10/21/cobalt-strike-using-known-private-keys-to-decrypt-traffic-part-1/ Tracking BLE Fingerprints https://cseweb.ucsd.edu/~nibhaska/papers/sp22_paper.pdf GPS Software Bug https://us-cert.cisa.gov/ncas/current-activity/2021/10/21/gps-daemon-gpsd-rollover-bug https://isc.sans.edu/forums/diary/Keeping+Track+of+Time+Network+Time+Protocol+and+a+GPSD+Bug/27886/
2021-10-2505 min
Heads UpDifferent perspectives on student pathways to higher educationInternational school students have faced significant challenges over the past couple of years. With COVID-19 and travel restrictions, their pathway to higher education has only become more challenging. Pia Maske, East Asia Researcher at ISC Research, discussed our latest research on the subject with Lucien Giordano, Group Director of International Outreach and Alumni Engagement at Education in Motion (EiM), Anne Kuijs, International Recruitment & Marketing Advisor at Tilburg University, and Caitlin Brennan, Partner Development Director at InvestIN.#highereducation #intled #admissionsKeep in touch and follow us on Twitter, Facebook, Instagram, TikTok and LinkedIn Find...
2021-09-2756 min
Heads UpTeaching and learning in international schoolsThe new Heads Up series hosted by ISC Research kicks off with an insightful discussion about shifts in teaching and learning practices at international schools. Research Director Sam Fraser talks to Dr Kristen Weatherby, a researcher and consultant in education technology and teacher policy, about the results released in the new Teaching and Learning in International Schools Report just published by ISC Research. Episode sponsored by Education Horizons Group.#TeachingAndLearning #blendedlearning #edtech #edchat #intledKeep in touch and follow us on Twitter, Facebook, Instagram, TikTok and LinkedIn Find out more about w...
2021-08-0552 min
ISC Paris Campus Orléans Au fil du temps#17 Fernanda Arreola - Doyenne de la Faculté et de la Recherche de l'ISC ParisConversation avec la doyenne de la Faculté et de la Recherche du groupe ISC Paris.
Nous y évoquons son parcours et ses ambitions pour l'ISC.
Retrouver son profil sur linkedin : https://www.linkedin.com/in/fernandaarreola/
2021-02-0436 min