security.didici.cc
ISC StormCast for Wednesday, January 19th, 2022
2 hours agoPhishing E-Mail With an Advertisement
https://isc.sans.edu/foru
ms/diary/Phishing+email+w
ithan+advertisement/28250
/
Virustotal Credential
https://www.safebreach.co
m/blog/2022/the-perfect-c
yber-crime/
Oracle Quarterly Critical Patch Update
https://www.or ...
SN 854: Anatomy of a Log4j Exploit - Buggy KCode, WordPress Security
3 hours agoPicture of the Week "Hack the Pentagon" with Log4j Open Source Software Security Summit Microsoft's January Patch Tuesday Review: The GOOD News Microsoft's January Patch Tuesday Review: The Not So Good News Check Your Router Firmware Updates Chrome to Imp ...
Serious Security: Apple Safari leaks private data via database API – what you need to know
11 hours agoResearchers at browser identification company FingerprintJS recently found and disclosed a fascinating data leakage bug in Apple’s web browser software. Technically, the bug exists in Apple’s open source WebKit “browser engine”, which means it aff ...
SeeYouCM-Thief: Exploiting common misconfigurations in Cisco phone systems
14 hours ago1.1 Intro I spent my early IT career working for a Cisco partner that specialized in Cisco phone systems. My work wasn’t directly with the phone systems, but it was usually in an adjacent field like route/switch and security. I did, however ...
ISC StormCast for Tuesday, January 18th, 2022
1 day agoLog4Shell Attacks Getting Smarter
https://isc.sans.edu/foru
ms/diary/Log4Shell+Attack
s+Getting+Smarter/28246/
Microsoft Releases Special Update to Deal with January Update Fail
https://www.bleepingcompu
ter.com/news/microsoft/mi
crosoft-releases-oob-upda
te ...
Romance scammer who targeted 670 women gets 28 months in jail
1 day agoFound love online? Sending them money? Friends and family warning you it could be a scam? Don't be too quick to dismiss their concerns...
Ep. 162 - Security Awareness Series - What Cows Can Teach You About Infosec with John Strand
1 day agoThis month Chris Hadnagy and Ryan MacDougall are joined by John Strand from Black Hills Information Security. John has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. He is ...
ISC StormCast for Monday, January 17th, 2022
2 days agoUse of Alternate Data Streams in Research Scans
https://isc.sans.edu/foru
ms/diary/Use+of+Alternate
+Data+Streams+in+Research
+Scans+for+indexjsp/28240
/
Microsoft Resumes Windows Server 2019 Cumulative Updates
https://www.bleepingcompu
ter.com/news/microsof ...
Ep. Special Edition 001 - Human Element Series - Covid-19 Test Site Scams
2 days agoThis is a special edition of Social-Engineer's Human Element Series Podcast. Chris Hadnagy will discuss Covid-19 testing site scams, and how you can protect yourself against them. [January 14, 2022] 00:00 – Intro social-engineer.com/ social-engine ...
Serious Security: Linux full-disk encryption bug fixed – patch now!
4 days agoImagine if someone who didn't have your password could sneakily modify data that was encrypted with it.
REvil ransomware crew allegedly busted in Russia, says FSB
4 days agoThe Russian Federal Security Bureau has just published a report about the investigation and arrest of the infamous "REvil" ransomware crew.
ISC StormCast for Friday, January 14th, 2022
5 days agoMSFT Patch Issues
https://borncity.com/win/
2022/01/12/patchday-windo
ws-8-1-server-2012-r2-upd
ates-11-januar-2022-mglic
he-boot-probleme/
https://support.microsoft
.com/en-us/topic/january-
11-2022-kb5009624-monthly
-rollup-23f4910b-6bdd-475
c-bb4d-c0e961aff0 ...
Risky Biz Soap Box: Rolling your own threat intelligence with Steve Miller
5 days agoIn this edition of the soap box we’re chatting with Steve Miller, the head of threat intelligence at Stairwell. Steve has a long history doing this sort of stuff. He worked inside various bits of the US government doing cyber things, and also spent a de ...
Risky Biz Soap Box: Rolling your own threat intelligence with Steve Miller
5 days agoIn this edition of the soap box we’re chatting with Steve Miller, a senior researcher at Stairwell. Steve has a long history doing this sort of stuff. He worked inside various bits of the US government doing cyber things, and also spent a decent chunk o ...
S3 Ep65: Supply chain conniption, NetUSB hole, Honda flashback, FTC muscle [Podcast + Transcript]
5 days agoLatest episode -listen to it or read it now!
Real or Fake? Spoof-Proofing Email With SPF, DKIM, and DMARC
5 days agoI briefly mentioned using DKIM to verify an email’s sender in a previous blog post that described the steps I took to determine whether a suspicious email was legitimate or a phishing attempt. In this post, we will take a deeper dive into how organizati ...
ISC StormCast for Thursday, January 13th, 2022
6 days agoA Quick CVE-2022-21907 FAQ
https://isc.sans.edu/foru
ms/diary/A+Quick+CVE20222
1907+FAQ+work+in+progress
/28234/
Details Released Regarding Patched Sonicwall Vulnerabilities
https://www.rapid7.com/bl
og/post/2022/01/11/cve-20
21-20038-42-sonicwall-sma
-100-mu ...
Wormable Windows HTTP hole – what you need to know
6 days agoOne bug in the January 2022 Patch Tuesday list is getting lots of attention: "HTTP Protocol Stack Remote Code Execution Vulnerability".
ISC StormCast for Wednesday, January 12th, 2022
1 week agoMicrosoft Patch Tuesday - January 2022
https://isc.sans.edu/foru
ms/diary/Microsoft+Patch+
Tuesday+January+2022/2823
0/
Adobe Updates
https://helpx.adobe.com/s
ecurity.html
SN 853: URL Parsing Vulnerabilities - US CISA on Log4J, WordPress Security Update, What Is a Pluton
1 week agoPicture of the Week. The US CISA Log4J status update. The H2 Database Console vulnerability. The Federal Trade Commission gets into the act! Chrome fixed 37 known problems last week. The Privacy-first Brave browser. WordPress 5.8.3 security update. What, ...
Risky Business #650 -- USG drops Russia advisory as Ukraine tensions mount
1 week agoOn this week’s show Patrick Gray, Katie Nickels and Joe Slowik discuss the week’s security news, including: US Government warns of impending critical infrastructure hacks Log4j bug in VMWare gets a workout Ex Uber CSO Joe Sullivan facing wire ...
Home routers with NetUSB support could have critical kernel hole
1 week agoGot a router that supports USB access across the network? You might need a kernel update...
Real or Fake? How to Spoof Email
1 week agoI briefly mentioned how easy it is to forge email sender addresses in a previous blog post that described the steps I took to determine whether a suspicious email was legitimate or a phishing attempt. In this post, we will take a deeper dive into why emai ...
ISC StormCast for Tuesday, January 11th, 2022
1 week agoNew MacOS Vulnerability Could Lead to Unauthorized User Data Access
https://www.microsoft.com
/security/blog/2022/01/10
/new-macos-vulnerability-
powerdir-could-lead-to-un
authorized-user-data-acce
ss
Exploiting URL Parsers
https://claroty.com/wp-co
ntent/upl ...
JavaScript developer destroys own projects in supply chain “lesson”
1 week agoTwo popular open source JavaScript packages recently got "hacked" in a smbolic gesture by the original project creator.
Ep. 161 - Human Element Series - Do You Want To Go Fast Or Far with Amy Herman
1 week agoThis month Chris Hadnagy is joined by the fascinating Amy Herman. Amy is a lawyer and an art historian who uses works of art to sharpen observation, analysis, and communication skills. She developed her Art of Perception seminar in 2000 and since then ha ...
ISC StormCast for Monday, January 10th, 2022
1 week agoExtracting Cobalt Strike Beacons from MSBuild Scripts
https://isc.sans.edu/foru
ms/diary/Extracting+Cobal
t+Strike+Beacons+from+MSB
uild+Scripts/28200/
The JNDI Strikes Back: Unauthenticated RCE in H2 Database Console
https://jfrog.com/blog/th
e-jndi-strike ...
Honda cars in flashback to 2002 – “Can’t Get You Out Of My Head”
1 week agoWhere were YOU on the night of 17 May 2002? And what about the day after that?
Log4Shell-like security hole found in popular Java SQL database engine H2
1 week ago"It's Log4Shell, Jim, but not as we know it." How to find and fix a JNDI-based vuln in the H2 Database Engine.
ISC StormCast for Friday, January 7th, 2022
1 week agoMalicious Python Script Targeting Chinese People
https://isc.sans.edu/foru
ms/diary/Malicious+Python
+Script+Targeting+Chinese
+People/28220/
Google Docs Comment Exploit Allows for Distribution of Phishing and Malware
https://www.avanan.com/bl
og/google-doc ...
An ‘Attack Path’ Mapping Approach to CVEs 2021-42287 and 2021-42278
1 week ago1.0 Introduction On Friday, December 10, 2021, Charlie Clark (@exploitph) published a blog post detailing the weaponization of CVEs 2021-42287 and 2021-42278. In the blog post, Charlie extensively covered the background of the vulnerabilities, how the ...
S3 Ep64: Log4Shell again, scammers keeping busy, and Apple Home bug [Podcast + Transcript]
1 week agoWe're back for 2022 - listen now!
ISC StormCast for Thursday, January 6th, 2022
1 week agoCode Reuse in the Malware Landscape
https://isc.sans.edu/foru
ms/diary/Code+Reuse+In+th
e+Malware+Landscape/28216
/
ZLoader Campaign Exploiting Signature Verification Bug
https://research.checkpoi
nt.com/2022/can-you-trust
-a-files-digital-signatur
e-new-zloa ...
FTC threatens “legal action” over unpatched Log4j and other vulns
1 week agoRemember the Equifax breach? Remember the $700m penalty? In case you'd forgotten, here's the FTC to refresh your memory!
ISC StormCast for Wednesday, January 5th, 2022
2 weeks agoA Simple Batch File That Blocks People
https://isc.sans.edu/foru
ms/diary/A+Simple+Batch+F
ile+That+Blocks+People/28
212/
Windows Server Remote Desktop Emergency Update
https://docs.microsoft.co
m/en-us/windows/release-h
ealth/windows-message-cen
ter#2772
Mal ...
SN 852: December 33rd - Log4j Update, RSA Postponed, Hack the DHS Expanded, Cyber Insurance Cost Rising
2 weeks agoPicture of the Week. Log4j's 5th update. Microsoft's Log4j scanner triggers false positives. Chinese government is annoyed with Alibaba. "Hack the DHS" Bug Bounty Expanded. COVID postpones the RSA Conference. DuckDuckGo continues to grow. The cost of cybe ...
Risky Business #649 -- Java being a fiddly mess saves the day
2 weeks agoOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: The log4j bug wrap The ransomware wrap The human rights and surveillance industry wrap Research and carnage wrap This week’s show is brought t ...
Apple Home software bug could lock you out of your iPhone
2 weeks agoThe finder of this bug insists it "poses a serious risk". We're not so sure, but we recommend you take steps to avoid it anyway.
ISC StormCast for Tuesday, January 4th, 2022
2 weeks agoMcAfee Phishing Campaign with a Nice Fake Scanhttps://isc.sans.edu/
forums/diary/McAfee+Phish
ing+Campaign+with+a+Nice+
Fake+Scan/28208/
Trend Micro Apex One Patchhttps://success.tren
dmicro.com/solution/00028
9996
E-commerce Bots Using Cheap Domain Registrati ...
ISC StormCast for Monday, January 3rd, 2022
2 weeks agoExchange Server Year 2022 Bughttps://isc.sans.edu/f
orums/diary/Exchange+Serv
er+Email+Trapped+in+Trans
port+Queues/28204/https:/
/techcommunity.microsoft.
com/t5/exchange-team-blog
/email-stuck-in-exchange-
on-premises-transport-que
ues/ba-p/3049447
Agent Tesla ...
Instagram copyright infringment scams – don’t get sucked in!
2 weeks agoWe deconstructed a copyright phish so you don't have to. Be warned: the crooks are getting better at these scams...
ISC StormCast for Thursday, December 30th, 2021
2 weeks agoLog4j 2 Security Vulnerabilities Update Guidehttps://isc.sans.edu
/forums/diary/Log4j+2+Sec
urity+Vulnerabilities+Upd
ate+Guide/28188/
Microsof
t Defender Log4j False Positiveshttps://www.blee
pingcomputer.com/news/mic
rosoft/microsoft-defender
-log4j-scanner-tr ...
Log4Shell vulnerability Number Four: “Much ado about something”
2 weeks agoIt's a Log4j bug, and you ought to patch it. But we don't think it's a critical crisis like the last one.
ISC StormCast for Wednesday, December 29th, 2021
3 weeks agoLog4j Vulnerablity CVE-2021-44832https://log
ging.apache.org/log4j/2.x
/security.html#CVE-2021-4
4832
LotL Classifiershttps://isc.sa
ns.edu/forums/diary/LotL+
Classifier+tests+for+shel
ls+exfil+and+miners/28184
/
LastPass Credential Stuffinghttps://www.bleep
ingc ...
SN 851: Best of 2021 - The Year's Best Stories on Security Now
3 weeks agoLeo Laporte walks through some of the highlights of the show and most impactful stories of 2021. Stories include: SolarWinds Hack Detailed By Microsoft Crispy Subtitles from Lay's Remembering Dan Kaminsky REvil Hacks Apple Supplier Quanta Computer The "D ...
ISC StormCast for Tuesday, December 28th, 2021
3 weeks agoAttackers are Abusing MSBuild to Evade Defenses and Implant Cobalt Strike Beaconshttps://isc.sans.e
du/forums/diary/Attackers
+are+abusing+MSBuild+to+e
vade+defenses+and+implant
+Cobalt+Strike+beacons/28
180/
Bypassing File Quarantine, Gatekeeper and Notarizat ...
ISC StormCast for Monday, December 27th, 2021
3 weeks agoLog4j/Log4Shell and Cloud Internal Meta Data Serviceshttps://isc.sans.
edu/forums/diary/log4shel
l+and+cloud+provider+inte
rnal+meta+data+services+I
MDS/28168/https://isc.san
s.edu/forums/diary/Defend
ing+Cloud+IMDS+Against+lo
g4shell+and+more/28170/
L
og4j/Log4S ...
SFW! The Top N Cybersecurity Stories of 2021 (for small positive integer values of N)
3 weeks agoHappy Holidays! Our Top N stories, all totally SFW!
The cool retro phone with a REAL DIAL… plus plenty of IoT problems
3 weeks agoYou know you want one, because this retro phone is NOT A TOY... except when it comes to cybersecurity.
ISC StormCast for Thursday, December 23rd, 2021
3 weeks agoForensics Challenge Solutionhttps://isc.sans.
edu/forums/diary/December
+2021+Forensic+Contest+An
swers+and+Analysis/28160/
CAB-less 40444https://news.sophos.
com/en-us/2021/12/21/atta
ckers-test-cab-less-40444
-exploit-in-a-dry-run/
El
lume COVID Home Test Weak ...
Plundered bitcoins recovered by FBI – all 3,879-and-one-sixth of them!
3 weeks agoPhew! An audacious crime... that didn't work out.
ISC StormCast for Wednesday, December 22nd, 2021
4 weeks agoMore Undetected PowerShell Droppershttps://isc.sans.
edu/forums/diary/More+Und
etected+PowerShell+Droppe
r/28158/
Apache Patcheshttps://httpd.apac
he.org/security/vulnerabi
lities_24.html
Auerswald COMpact Multiple Backdoorshttps://www.redt
eam-pentesting.de/en ...
SN 850: It's a Log4j Christmas - Another Chrome 0-Day, Cloud Clipboard Disabled, Wi-Fi/Bluetooth Leakage
4 weeks agoPicture of the Week. Google's 16th exploited Chrome 0-day of the year. Firefox refuses to do Microsoft.com! Firefox disabled Microsoft's Cloud Clipboard. Weaknesses in all cellular networks since 2G. Cross Wi-Fi / Bluetooth leakage. "The Matrix Resurrecti ...
Apache’s other product: Critical bugs in ‘httpd’ web server, patch now!
4 weeks agoThe Apache web server just got an update - this one is nothing to do with Log4j!
ISC StormCast for Tuesday, December 21st, 2021
4 weeks agoPowerPoint Atachments: Agent Tesla and Code Reuse in Malwarehttps://isc.sans.e
du/forums/diary/PowerPoin
t+attachments+Agent+Tesla
+and+code+reuse+in+malwar
e/28154/
VMWare Workspace ONE Patch / log4j statushttps://www.vmware.
com/security/advisories.h
tml
Atta ...
Log4Shell: The Movie… a short, safe visual tour for work and home
4 weeks agoBe happy that your sysadmins are taking one (three, actually!) for the team right now... here's why!
Ep. 160 - Security Awareness Series - Go To The Source So There's No Remorse with Adam Levin
4 weeks agoThis month, Chris Hadnagy and Ryan MacDougall are joined by Adam Levin. Adam is a nationally recognized expert on cybersecurity, privacy, identity theft, fraud, and personal finance and has distinguished himself as a fierce consumer advocate for the p ...
ISC StormCast for Monday, December 20th, 2021
1 month agoDisaster Recovery Automation Using Public DNS APIshttps://isc.sans.edu/
forums/diary/DR+Automatio
n+Using+Public+DNS+APIs/2
8146/
Office 2021: VBA Project Versionhttps://isc.sans.e
du/forums/diary/Office+20
21+VBA+Project+Version/28
150/
Log4j Updateshttps://ww ...
Serious Security: OpenSSL fixes “error conflation” bugs – how mixing up mistakes can lead to trouble
1 month agoHave you ever seen the message "An error occurred"? Even worse, the message "This error cannot occur"? Facts matter!
ISC StormCast for Friday, December 17th, 2021
1 month agoHow the "Contact Forms" Campaign Tricks Peoplehttps://isc.sans.ed
u/forums/diary/How+the+Co
ntact+Forms+campaign+tric
ks+people/28142/
Bluetoot
h Used to Extract WiFi Secretshttps://arxiv.org/
pdf/2112.05719.pdf
Lenovo Privilege Escalation Vulnerabilityhttps:/ ...
S3 Ep63: Log4Shell (what else?) and Apple kernel bugs [Podcast+Transcript]
1 month agoLatest episode - listen now! (Yes, there are plenty of critical things to go along with Log4Shell.)
ISC StormCast for Thursday, December 16th, 2021
1 month agoUndetected Powershell Backdoorhttps://isc.sans.
edu/forums/diary/Simple+b
ut+Undetected+PowerShell+
Backdoor/28138/
Adobe Security Updateshttps://helpx.adob
e.com/security.html
Remot
e Deserialization Bug in Microsoft RDP Client Through Smart Card Extensionhtt ...
ISC StormCast for Wednesday, December 15th, 2021
1 month agoMicrosoft Patcheshttps://isc.sans.e
du/forums/diary/Microsoft
+December+2021+Patch+Tues
day/28132/
Log4j Updateshttps://isc.sans.e
du/forums/diary/Log4j+215
0+and+previously+suggeste
d+mitigations+may+not+be+
enough/28134/
Log4j Scannerhttps://github.com
/dtact/d ...
SN 849: Log4j & Log4Shell - Apple AirTag Abuse, Amazon Outage and Cloud Dependence, New WordPress Threats
1 month agoPicture of the Week.
Amazon outage and cloud dependence.
AirTag Abuse.
Windows 11 vs Your Browser of Choice.
WordPress once again in the crosshairs.
Closing the Loop.
Sci-Fi.
SpinRite.
L
og4j & Log4Shell.
We invite you to read our show notes at https://www ...
Apple security updates are out – and not a Log4Shell mention in sight
1 month agoGet 'em while they're hot!
ISC StormCast for Tuesday, December 14th, 2021
1 month agoLog4Shell Becoming Part of the Day to Day Grindhttps://isc.sans.edu
/forums/diary/Log4Shell+e
xploited+to+implant+coin+
miners/28124/https://www.
youtube.com/watch?v=oC2PZ
B5D3Ys
Google Chrome Updatehttps://chromerelea
ses.googleblog.com/2021/1
2/stable-channel- ...
Log4j Detection and Response Playbook
1 month agoOn December 09, 2021, a severe vulnerability for Apache Log4j was released (CVE-2021-44228). This vulnerability, also known as Log4Shell, allows remote code execution in many applications through web requests and without authentication. Almost immediately ...
Ep. 159 - Human Element Series - Can You Fly A Helicopter with Anne-Maartje Oud
1 month agoThis month Chris Hadnagy is joined by our good friend, Anne-Maartje Oud. For 20 years Anne-Maartje has been a behavioral advisor, consultant, chairwoman, and keynote speaker. On top of that she is the CEO and founder of The Behavior Company based in Amste ...
ISC StormCast for Monday, December 13th, 2021
1 month agoRemote Code Execution in log4j2https://isc.sans.ed
u/forums/diary/RCE+in+log
4j+Log4Shell+or+how+thing
s+can+get+bad+quickly/281
20/
Log4j Zero Dayhttps://www.lunasec.io
/docs/blog/log4j-zero-day
/
Log4j2/Log4Shell Followup: What we see and how to defend and ho ...
Log4Shell explained – how it works, why you need to know, and how to fix it
1 month agoFind out how to deal with the Log2Shell vulnerability right across your estate. Yes, you need to patch, but that helps everyone else along with you!
“Log4Shell” Java vulnerability – how to safeguard your servers
1 month agoJust when you thought it was safe to relax for the weekend... a critical bug showed up in Apache's Log4j product
ISC StormCast for Friday, December 10th, 2021
1 month agoPhishing Direct Messages via Discordhttps://isc.sans.e
du/forums/diary/Phishing+
Direct+Messages+via+Disco
rd/28114/
Vulnerable Microtik Routershttps://eclypsium.
com/2021/12/09/when-honey
-bees-become-murder-horne
ts/
log4j RCE 0-dayhttps://www.lunasec.
io/docs ...
Risky Biz Soap Box: Why Thinkst gives its honeytoken tech away for free
1 month agoThis isn’t the normal weekly news episode of the show, if you’re looking for the regular weekly Risky Business podcast, scroll one back in your podcast feed. This is a Soap Box edition, a wholly sponsored podcast brought to you in this instance by Thi ...
S3 Ep62: The S in IoT stands for security (and much more) [Podcast+Transcript]
1 month agoListen now or read as an article! (Full transcript inside.)
Hacking the My Arcade Contra Pocket Player – Part I
1 month agoIntro I was at my local Target recently and spotted the section near the video games, where there were some little collectable arcade systems and handhelds that play games like Pac-Man, Galaga, and Contra. Figure 1 – Target Arcade Games and Handhe ...
ISC StormCast for Thursday, December 9th, 2021
1 month agoDecember 2021 Forensic Challengehttps://isc.sans
.edu/forums/diary/Decembe
r+2021+Forensic+Challenge
/28108/
Microsoft and GitHub OAuth Implementation Vulnerabilities Lead to Redirection Attackshttps://www.proofp
oint.com/us/blog/cloud-se
curity/microsoft-and- ...
ISC StormCast for Wednesday, December 8th, 2021
1 month agoWebshells, Webshells everywhere!https://isc.sa
ns.edu/forums/diary/Websh
ells+Webshells+everywhere
/28106/
AWS Outagehttps://status.aws.
amazon.com
Misconfigured Kafdrop Puts Companies' Apache Kafka Completely Exposedhttps://spectralop
s.io/blog/misconfigured- ...
SN 848: XSinator - NSS Has a Bug, Botnet on the Blockchain, HP's Vulnerable Printers, Microsoft Edge Relief
1 month agoPicture of the Week. Tavis finds a bad bug in NSS. Cheap Smartwatches for kids and babies? Additional VPN vendors just say no to Roskomnadzor! Windows 11 loosens its grip on Edge. RTF Templates being used to inject malicious content. A Malicious Botnet us ...
Risky Business #648 -- Adios, 2021, it's been real
1 month agoOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: NSO Group tools found on US embassy staff phones in Uganda Mitto is up to shady bidnez Ubiquiti “whistleblower” charged over hack Hounds everywhe ...
Firefox update brings a whole new sort of security sandbox
1 month agoFirefox 95.0 is out, with the usual security fixes... plus some funky new ones.
ISC StormCast for Tuesday, December 7th, 2021
1 month agoThe Importance of Out of Band Networkshttps://isc.sans.
edu/forums/diary/The+Impo
rtance+of+OutofBand+Netwo
rks/28102/
Kaseya Unitrends Backup Appliance Updateshttps://helpdesk.k
aseya.com/hc/en-gb/articl
es/4412762258961
Is KAX17 Performing De-Anonymization A ...
Cryptocurrency startup fails to subtract before adding, loses $31m
1 month agoThink of a number, any number. Take away 42. Add 42 back in. Then pretend you didn't take away 42. How much is left?
ISC StormCast for Monday, December 6th, 2021
1 month agoThe UPX Packer will never diehttps://isc.sans.edu/f
orums/diary/The+UPX+Packe
r+Will+Never+Die/28096/
S
urvey of Airgap Attackshttps://www.welive
security.com/2021/12/01/j
umping-air-gap-15-years-n
ation-state-effort/
Ubiqu
ity Victim of Insider Extortionhttps:/ ...
Mozilla patches critical “BigSig” cryptographic bug: Here’s how to track it down and fix it
1 month agoMozilla's cryptographic code had a critical bug. Problem is that numerous apps are affected and may need patching individually.
ISC StormCast for Friday, December 3rd, 2021
1 month agoTA551 (Shathak) Pushes IcedID (Bokbot)https://isc.sans.
edu/forums/diary/TA551+Sh
athak+pushes+IcedID+Bokbo
t/28092/
pip-audit scanning Python packages for known vulnerabilitieshttps://py
pi.org/project/pip-audit/
Wifi Router Flawshttps://www.iot-insp
ector.co ...
S3 Ep61: Call scammers, cloud insecurity, and facial recognition creepiness [Podcast]
1 month agoLatest episode - listen now!
IoT devices must “protect consumers from cyberharm”, says UK government
1 month ago"Must be at least THIS tall to go on ride" seems to be the starting point. Too little, too late? Or better than nothing?
ISC StormCast for Thursday, December 2nd, 2021
1 month agoInfo-Stealer Using webhook.site to Exfiltrate Datahttps://isc.sans.edu/
forums/diary/InfoStealer+
Using+webhooksite+to+Exfi
ltrate+Data/28088/
Mozill
a NSS Library Vulnerabilityhttps://bugs
.chromium.org/p/project-z
ero/issues/detail?id=2237
EwDoor Botnet is At ...
ISC StormCast for Wednesday, December 1st, 2021
1 month agoHunting for PHPUnit Installed via Composerhttps://isc.sans.
edu/forums/diary/Hunting+
for+PHPUnit+Installed+via
+Composer/28084/
Microsof
t Defender Scares Admins with Emotet False Positivieshttps://www.ble
epingcomputer.com/news/mi
crosoft/microsoft-defende
r-s ...
SN 847: Bogons Begone! - 0-Day Windows Exploit, Major MediaTek Flaw, Super Duper Secure Mode
1 month agoPicture of the Week. "Super Duper Secure Mode" 37% of the world's smartphones are vulnerable. The RAT Dispenser. The Entirely Predictable 0-Day Windows Exploit. "The Frontiers Saga: Fringe Worlds" Closing the Loop. Bogons Begone! We invite you to read our ...
Risky Business #647 -- Israel slashes cyber exports, Interpol takes down 1,000 crooks
1 month agoOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Israel slashes number of countries it will export cyber tools to Interpol takes down 1,000 Internet fraudsters Ransomware crews lying low? When the t ...
Controversial face matchers Clearview set to be fined over $20m
1 month agoScraping data for a facial recognition service? "That's unlawful", concluded both the British and the Australians.
ISC StormCast for Tuesday, November 30th, 2021
1 month agoWireshark 3.6.0 Releasedhttps://isc.sans.
edu/forums/diary/Wireshar
k+360+Released/28076/
Goo
gle Cloud Security Reporthttps://services.go
ogle.com/fh/files/misc/gc
at_threathorizons_full_no
v2021.pdf
Zoom Patchhttps://explore.zoom
.us/en/trust/security/sec
urity ...
ISC StormCast for Monday, November 29th, 2021
1 month agoPhishing Pages Hiding Itself Using Dynamically Adjusted IP Based Allow Listhttps://isc.sans.edu/
forums/diary/Phishing+pag
e+hiding+itself+using+dyn
amically+adjusted+IPbased
+allow+list/28070/
Trickb
ot Phishing Checks Screen Resolution to Evade Researchersht ...
Cloud Security: Don’t wait until your next bill to find out about an attack!
1 month agoCloud security is the best sort of altruism: you need to do it to protect yourself, but you help to protect everyone else at the same time.
S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast]
1 month agoLatest episode - listen now! Solid cybersecurity advice in plain English.
US government securities watchdog spoofed by investment scammers – don’t fall for it!
1 month agoThose numbers that show up on your phone to tell you who's calling? Treat them as SUGGESTIONS, never as PROOF.
ISC StormCast for Wednesday, November 24th, 2021
1 month agoYARA Rule for OOXML Maldocs: Less False Positiveshttps://isc.sans
.edu/forums/diary/YARA+Ru
le+for+OOXML+Maldocs+Less
+False+Positives/28066/
Z
ero-Day Windows Installer Exploithttps://www.bleepi
ngcomputer.com/news/secur
ity/malware-now-trying-to
-exploit-new-w ...
SN 846: HTTP Request Smuggling - NetGear Routers 0-Day, The Most Brute Forced Passwords, GoDaddy Breach
1 month agoPicture of the Week. An idea whose time has passed... The stats of brute force password attacks. The Most Common Passwords. GoDaddy Breached Bigtime! A heads-up about NetGear routers. HTTP Request Smuggling. We invite you to read our show notes at https:/ ...
Risky Business #646 -- Apple cracks the sads, sues NSO Group
1 month agoOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Apple sues NSO Group and it’s all a bit weird Israel charges defence minister’s house cleaner with Iranian hacker collusion (really) USA charges tw ...