security.didici.cc

ISC StormCast for Wednesday, January 19th, 2022

2 hours ago

Phishing E-Mail With an Advertisement https://isc.sans.edu/forums/diary/Phishing+email+withan+advertisement/28250/ Virustotal Credential https://www.safebreach.com/blog/2022/the-perfect-cyber-crime/ Oracle Quarterly Critical Patch Update https://www.or ...

SN 854: Anatomy of a Log4j Exploit - Buggy KCode, WordPress Security

3 hours ago

Picture of the Week "Hack the Pentagon" with Log4j Open Source Software Security Summit Microsoft's January Patch Tuesday Review: The GOOD News Microsoft's January Patch Tuesday Review: The Not So Good News Check Your Router Firmware Updates Chrome to Imp ...

Serious Security: Apple Safari leaks private data via database API – what you need to know

11 hours ago

Researchers at browser identification company FingerprintJS recently found and disclosed a fascinating data leakage bug in Apple’s web browser software. Technically, the bug exists in Apple’s open source WebKit “browser engine”, which means it aff ...

SeeYouCM-Thief: Exploiting common misconfigurations in Cisco phone systems

14 hours ago

1.1 Intro I spent my early IT career working for a Cisco partner that specialized in Cisco phone systems. My work wasn’t directly with the phone systems, but it was usually in an adjacent field like route/switch and security. I did, however ...

ISC StormCast for Tuesday, January 18th, 2022

1 day ago

Log4Shell Attacks Getting Smarter https://isc.sans.edu/forums/diary/Log4Shell+Attacks+Getting+Smarter/28246/ Microsoft Releases Special Update to Deal with January Update Fail https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-oob-update ...

Romance scammer who targeted 670 women gets 28 months in jail

1 day ago

Found love online? Sending them money? Friends and family warning you it could be a scam? Don't be too quick to dismiss their concerns...

Ep. 162 - Security Awareness Series - What Cows Can Teach You About Infosec with John Strand

1 day ago

This month Chris Hadnagy and Ryan MacDougall are joined by John Strand from Black Hills Information Security. John has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. He is ...

ISC StormCast for Monday, January 17th, 2022

2 days ago

Use of Alternate Data Streams in Research Scans https://isc.sans.edu/forums/diary/Use+of+Alternate+Data+Streams+in+Research+Scans+for+indexjsp/28240/ Microsoft Resumes Windows Server 2019 Cumulative Updates https://www.bleepingcomputer.com/news/microsof ...

Ep. Special Edition 001 - Human Element Series - Covid-19 Test Site Scams

2 days ago

This is a special edition of Social-Engineer's Human Element Series Podcast. Chris Hadnagy will discuss Covid-19 testing site scams, and how you can protect yourself against them. [January 14, 2022] 00:00 – Intro social-engineer.com/ social-engine ...

Serious Security: Linux full-disk encryption bug fixed – patch now!

4 days ago

Imagine if someone who didn't have your password could sneakily modify data that was encrypted with it.

REvil ransomware crew allegedly busted in Russia, says FSB

4 days ago

The Russian Federal Security Bureau has just published a report about the investigation and arrest of the infamous "REvil" ransomware crew.

ISC StormCast for Friday, January 14th, 2022

5 days ago

MSFT Patch Issues https://borncity.com/win/2022/01/12/patchday-windows-8-1-server-2012-r2-updates-11-januar-2022-mgliche-boot-probleme/ https://support.microsoft.com/en-us/topic/january-11-2022-kb5009624-monthly-rollup-23f4910b-6bdd-475c-bb4d-c0e961aff0 ...

Risky Biz Soap Box: Rolling your own threat intelligence with Steve Miller

5 days ago

In this edition of the soap box we’re chatting with Steve Miller, the head of threat intelligence at Stairwell. Steve has a long history doing this sort of stuff. He worked inside various bits of the US government doing cyber things, and also spent a de ...

Risky Biz Soap Box: Rolling your own threat intelligence with Steve Miller

5 days ago

In this edition of the soap box we’re chatting with Steve Miller, a senior researcher at Stairwell. Steve has a long history doing this sort of stuff. He worked inside various bits of the US government doing cyber things, and also spent a decent chunk o ...

Real or Fake? Spoof-Proofing Email With SPF, DKIM, and DMARC

5 days ago

I briefly mentioned using DKIM to verify an email’s sender in a previous blog post that described the steps I took to determine whether a suspicious email was legitimate or a phishing attempt. In this post, we will take a deeper dive into how organizati ...

ISC StormCast for Thursday, January 13th, 2022

6 days ago

A Quick CVE-2022-21907 FAQ https://isc.sans.edu/forums/diary/A+Quick+CVE202221907+FAQ+work+in+progress/28234/ Details Released Regarding Patched Sonicwall Vulnerabilities https://www.rapid7.com/blog/post/2022/01/11/cve-2021-20038-42-sonicwall-sma-100-mu ...

Wormable Windows HTTP hole – what you need to know

6 days ago

One bug in the January 2022 Patch Tuesday list is getting lots of attention: "HTTP Protocol Stack Remote Code Execution Vulnerability".

ISC StormCast for Wednesday, January 12th, 2022

1 week ago

Microsoft Patch Tuesday - January 2022 https://isc.sans.edu/forums/diary/Microsoft+Patch+Tuesday+January+2022/28230/ Adobe Updates https://helpx.adobe.com/security.html

SN 853: URL Parsing Vulnerabilities - US CISA on Log4J, WordPress Security Update, What Is a Pluton

1 week ago

Picture of the Week. The US CISA Log4J status update. The H2 Database Console vulnerability. The Federal Trade Commission gets into the act! Chrome fixed 37 known problems last week. The Privacy-first Brave browser. WordPress 5.8.3 security update. What, ...

Risky Business #650 -- USG drops Russia advisory as Ukraine tensions mount

1 week ago

On this week’s show Patrick Gray, Katie Nickels and Joe Slowik discuss the week’s security news, including: US Government warns of impending critical infrastructure hacks Log4j bug in VMWare gets a workout Ex Uber CSO Joe Sullivan facing wire ...

Home routers with NetUSB support could have critical kernel hole

1 week ago

Got a router that supports USB access across the network? You might need a kernel update...

Real or Fake? How to Spoof Email

1 week ago

I briefly mentioned how easy it is to forge email sender addresses in a previous blog post that described the steps I took to determine whether a suspicious email was legitimate or a phishing attempt. In this post, we will take a deeper dive into why emai ...

ISC StormCast for Tuesday, January 11th, 2022

1 week ago

New MacOS Vulnerability Could Lead to Unauthorized User Data Access https://www.microsoft.com/security/blog/2022/01/10/new-macos-vulnerability-powerdir-could-lead-to-unauthorized-user-data-access Exploiting URL Parsers https://claroty.com/wp-content/upl ...

JavaScript developer destroys own projects in supply chain “lesson”

1 week ago

Two popular open source JavaScript packages recently got "hacked" in a symbolic gesture by the original project creator.

Ep. 161 - Human Element Series - Do You Want To Go Fast Or Far with Amy Herman

1 week ago

This month Chris Hadnagy is joined by the fascinating Amy Herman. Amy is a lawyer and an art historian who uses works of art to sharpen observation, analysis, and communication skills. She developed her Art of Perception seminar in 2000 and since then ha ...

ISC StormCast for Monday, January 10th, 2022

1 week ago

Extracting Cobalt Strike Beacons from MSBuild Scripts https://isc.sans.edu/forums/diary/Extracting+Cobalt+Strike+Beacons+from+MSBuild+Scripts/28200/ The JNDI Strikes Back: Unauthenticated RCE in H2 Database Console https://jfrog.com/blog/the-jndi-strike ...

Honda cars in flashback to 2002 – “Can’t Get You Out Of My Head”

1 week ago

Where were YOU on the night of 17 May 2002? And what about the day after that?

Log4Shell-like security hole found in popular Java SQL database engine H2

1 week ago

"It's Log4Shell, Jim, but not as we know it." How to find and fix a JNDI-based vuln in the H2 Database Engine.

ISC StormCast for Friday, January 7th, 2022

1 week ago

Malicious Python Script Targeting Chinese People https://isc.sans.edu/forums/diary/Malicious+Python+Script+Targeting+Chinese+People/28220/ Google Docs Comment Exploit Allows for Distribution of Phishing and Malware https://www.avanan.com/blog/google-doc ...

An ‘Attack Path’ Mapping Approach to CVEs 2021-42287 and 2021-42278

1 week ago

1.0 Introduction On Friday, December 10, 2021, Charlie Clark (@exploitph) published a blog post detailing the weaponization of CVEs 2021-42287 and 2021-42278. In the blog post, Charlie extensively covered the background of the vulnerabilities, how the ...

ISC StormCast for Thursday, January 6th, 2022

1 week ago

Code Reuse in the Malware Landscape https://isc.sans.edu/forums/diary/Code+Reuse+In+the+Malware+Landscape/28216/ ZLoader Campaign Exploiting Signature Verification Bug https://research.checkpoint.com/2022/can-you-trust-a-files-digital-signature-new-zloa ...

FTC threatens “legal action” over unpatched Log4j and other vulns

1 week ago

Remember the Equifax breach? Remember the $700m penalty? In case you'd forgotten, here's the FTC to refresh your memory!

ISC StormCast for Wednesday, January 5th, 2022

2 weeks ago

A Simple Batch File That Blocks People https://isc.sans.edu/forums/diary/A+Simple+Batch+File+That+Blocks+People/28212/ Windows Server Remote Desktop Emergency Update https://docs.microsoft.com/en-us/windows/release-health/windows-message-center#2772 Mal ...

SN 852: December 33rd - Log4j Update, RSA Postponed, Hack the DHS Expanded, Cyber Insurance Cost Rising

2 weeks ago

Picture of the Week. Log4j's 5th update. Microsoft's Log4j scanner triggers false positives. Chinese government is annoyed with Alibaba. "Hack the DHS" Bug Bounty Expanded. COVID postpones the RSA Conference. DuckDuckGo continues to grow. The cost of cybe ...

Risky Business #649 -- Java being a fiddly mess saves the day

2 weeks ago

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: The log4j bug wrap The ransomware wrap The human rights and surveillance industry wrap Research and carnage wrap This week’s show is brought t ...

Apple Home software bug could lock you out of your iPhone

2 weeks ago

The finder of this bug insists it "poses a serious risk". We're not so sure, but we recommend you take steps to avoid it anyway.

ISC StormCast for Tuesday, January 4th, 2022

2 weeks ago

McAfee Phishing Campaign with a Nice Fake Scan https://isc.sans.edu/forums/diary/McAfee+Phishing+Campaign+with+a+Nice+Fake+Scan/28208/ Trend Micro Apex One Patch https://success.trendmicro.com/solution/000289996 E-commerce Bots Using Cheap Domain Registrati ...

ISC StormCast for Monday, January 3rd, 2022

2 weeks ago

Exchange Server Year 2022 Bug https://isc.sans.edu/forums/diary/Exchange+Server+Email+Trapped+in+Transport+Queues/28204/ https://techcommunity.microsoft.com/t5/exchange-team-blog/email-stuck-in-exchange-on-premises-transport-queues/ba-p/3049447 Agent Tesla ...

Instagram copyright infringement scams – don’t get sucked in!

2 weeks ago

We deconstructed a copyright phish so you don't have to. Be warned: the crooks are getting better at these scams...

ISC StormCast for Thursday, December 30th, 2021

2 weeks ago

Log4j 2 Security Vulnerabilities Update Guide https://isc.sans.edu/forums/diary/Log4j+2+Security+Vulnerabilities+Update+Guide/28188/ Microsoft Defender Log4j False Positives https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-log4j-scanner-tr ...

Log4Shell vulnerability Number Four: “Much ado about something”

2 weeks ago

It's a Log4j bug, and you ought to patch it. But we don't think it's a critical crisis like the last one.

ISC StormCast for Wednesday, December 29th, 2021

3 weeks ago

Log4j Vulnerability CVE-2021-44832 https://logging.apache.org/log4j/2.x/security.html#CVE-2021-44832 LotL Classifiers https://isc.sans.edu/forums/diary/LotL+Classifier+tests+for+shells+exfil+and+miners/28184/ LastPass Credential Stuffing https://www.bleepingc ...

SN 851: Best of 2021 - The Year's Best Stories on Security Now

3 weeks ago

Leo Laporte walks through some of the highlights of the show and most impactful stories of 2021. Stories include: SolarWinds Hack Detailed By Microsoft Crispy Subtitles from Lay's Remembering Dan Kaminsky REvil Hacks Apple Supplier Quanta Computer The "D ...

ISC StormCast for Tuesday, December 28th, 2021

3 weeks ago

Attackers are Abusing MSBuild to Evade Defenses and Implant Cobalt Strike Beacons https://isc.sans.edu/forums/diary/Attackers+are+abusing+MSBuild+to+evade+defenses+and+implant+Cobalt+Strike+beacons/28180/ Bypassing File Quarantine, Gatekeeper and Notarizat ...

ISC StormCast for Monday, December 27th, 2021

3 weeks ago

Log4j/Log4Shell and Cloud Internal Meta Data Services https://isc.sans.edu/forums/diary/log4shell+and+cloud+provider+internal+meta+data+services+IMDS/28168/ https://isc.sans.edu/forums/diary/Defending+Cloud+IMDS+Against+log4shell+and+more/28170/ Log4j/Log4S ...

SFW! The Top N Cybersecurity Stories of 2021 (for small positive integer values of N)

3 weeks ago

Happy Holidays! Our Top N stories, all totally SFW!

The cool retro phone with a REAL DIAL… plus plenty of IoT problems

3 weeks ago

You know you want one, because this retro phone is NOT A TOY... except when it comes to cybersecurity.

ISC StormCast for Thursday, December 23rd, 2021

3 weeks ago

Forensics Challenge Solution https://isc.sans.edu/forums/diary/December+2021+Forensic+Contest+Answers+and+Analysis/28160/ CAB-less 40444 https://news.sophos.com/en-us/2021/12/21/attackers-test-cab-less-40444-exploit-in-a-dry-run/ Ellume COVID Home Test Weak ...

Plundered bitcoins recovered by FBI – all 3,879-and-one-sixth of them!

3 weeks ago

Phew! An audacious crime... that didn't work out.

ISC StormCast for Wednesday, December 22nd, 2021

4 weeks ago

More Undetected PowerShell Droppers https://isc.sans.edu/forums/diary/More+Undetected+PowerShell+Dropper/28158/ Apache Patches https://httpd.apache.org/security/vulnerabilities_24.html Auerswald COMpact Multiple Backdoors https://www.redteam-pentesting.de/en ...

SN 850: It's a Log4j Christmas - Another Chrome 0-Day, Cloud Clipboard Disabled, Wi-Fi/Bluetooth Leakage

4 weeks ago

Picture of the Week. Google's 16th exploited Chrome 0-day of the year. Firefox refuses to do Microsoft.com! Firefox disabled Microsoft's Cloud Clipboard. Weaknesses in all cellular networks since 2G. Cross Wi-Fi / Bluetooth leakage. "The Matrix Resurrecti ...

Apache’s other product: Critical bugs in ‘httpd’ web server, patch now!

4 weeks ago

The Apache web server just got an update - this one is nothing to do with Log4j!

ISC StormCast for Tuesday, December 21st, 2021

4 weeks ago

PowerPoint Attachments: Agent Tesla and Code Reuse in Malware https://isc.sans.edu/forums/diary/PowerPoint+attachments+Agent+Tesla+and+code+reuse+in+malware/28154/ VMWare Workspace ONE Patch / log4j status https://www.vmware.com/security/advisories.html Atta ...

Log4Shell: The Movie… a short, safe visual tour for work and home

4 weeks ago

Be happy that your sysadmins are taking one (three, actually!) for the team right now... here's why!

Ep. 160 - Security Awareness Series - Go To The Source So There's No Remorse with Adam Levin

4 weeks ago

This month, Chris Hadnagy and Ryan MacDougall are joined by Adam Levin. Adam is a nationally recognized expert on cybersecurity, privacy, identity theft, fraud, and personal finance and has distinguished himself as a fierce consumer advocate for the p ...

ISC StormCast for Monday, December 20th, 2021

1 month ago

Disaster Recovery Automation Using Public DNS APIs https://isc.sans.edu/forums/diary/DR+Automation+Using+Public+DNS+APIs/28146/ Office 2021: VBA Project Version https://isc.sans.edu/forums/diary/Office+2021+VBA+Project+Version/28150/ Log4j Updates https://ww ...

Serious Security: OpenSSL fixes “error conflation” bugs – how mixing up mistakes can lead to trouble

1 month ago

Have you ever seen the message "An error occurred"? Even worse, the message "This error cannot occur"? Facts matter!

ISC StormCast for Friday, December 17th, 2021

1 month ago

How the "Contact Forms" Campaign Tricks People https://isc.sans.edu/forums/diary/How+the+Contact+Forms+campaign+tricks+people/28142/ Bluetooth Used to Extract WiFi Secrets https://arxiv.org/pdf/2112.05719.pdf Lenovo Privilege Escalation Vulnerability https:/ ...

S3 Ep63: Log4Shell (what else?) and Apple kernel bugs [Podcast+Transcript]

1 month ago

Latest episode - listen now! (Yes, there are plenty of critical things to go along with Log4Shell.)

ISC StormCast for Thursday, December 16th, 2021

1 month ago

Undetected Powershell Backdoor https://isc.sans.edu/forums/diary/Simple+but+Undetected+PowerShell+Backdoor/28138/ Adobe Security Updates https://helpx.adobe.com/security.html Remote Deserialization Bug in Microsoft RDP Client Through Smart Card Extension htt ...

ISC StormCast for Wednesday, December 15th, 2021

1 month ago

Microsoft Patches https://isc.sans.edu/forums/diary/Microsoft+December+2021+Patch+Tuesday/28132/ Log4j Updates https://isc.sans.edu/forums/diary/Log4j+2150+and+previously+suggested+mitigations+may+not+be+enough/28134/ Log4j Scanner https://github.com/dtact/d ...

SN 849: Log4j & Log4Shell - Apple AirTag Abuse, Amazon Outage and Cloud Dependence, New WordPress Threats

1 month ago

Picture of the Week. Amazon outage and cloud dependence. AirTag Abuse. Windows 11 vs Your Browser of Choice. WordPress once again in the crosshairs. Closing the Loop. Sci-Fi. SpinRite. Log4j & Log4Shell. We invite you to read our show notes at https://www ...

ISC StormCast for Tuesday, December 14th, 2021

1 month ago

Log4Shell Becoming Part of the Day to Day Grind https://isc.sans.edu/forums/diary/Log4Shell+exploited+to+implant+coin+miners/28124/ https://www.youtube.com/watch?v=oC2PZB5D3Ys Google Chrome Update https://chromereleases.googleblog.com/2021/12/stable-channel- ...

Log4j Detection and Response Playbook

1 month ago

On December 09, 2021, a severe vulnerability for Apache Log4j was released (CVE-2021-44228). This vulnerability, also known as Log4Shell, allows remote code execution in many applications through web requests and without authentication. Almost immediately ...

Ep. 159 - Human Element Series - Can You Fly A Helicopter with Anne-Maartje Oud

1 month ago

This month Chris Hadnagy is joined by our good friend, Anne-Maartje Oud. For 20 years Anne-Maartje has been a behavioral advisor, consultant, chairwoman, and keynote speaker. On top of that she is the CEO and founder of The Behavior Company based in Amste ...

ISC StormCast for Monday, December 13th, 2021

1 month ago

Remote Code Execution in log4j2 https://isc.sans.edu/forums/diary/RCE+in+log4j+Log4Shell+or+how+things+can+get+bad+quickly/28120/ Log4j Zero Day https://www.lunasec.io/docs/blog/log4j-zero-day/ Log4j2/Log4Shell Followup: What we see and how to defend and ho ...

Log4Shell explained – how it works, why you need to know, and how to fix it

1 month ago

Find out how to deal with the Log4Shell vulnerability right across your estate. Yes, you need to patch, but that helps everyone else along with you!

“Log4Shell” Java vulnerability – how to safeguard your servers

1 month ago

Just when you thought it was safe to relax for the weekend... a critical bug showed up in Apache's Log4j product

ISC StormCast for Friday, December 10th, 2021

1 month ago

Phishing Direct Messages via Discord https://isc.sans.edu/forums/diary/Phishing+Direct+Messages+via+Discord/28114/ Vulnerable MikroTik Routers https://eclypsium.com/2021/12/09/when-honey-bees-become-murder-hornets/ log4j RCE 0-day https://www.lunasec.io/docs ...

Risky Biz Soap Box: Why Thinkst gives its honeytoken tech away for free

1 month ago

This isn’t the normal weekly news episode of the show, if you’re looking for the regular weekly Risky Business podcast, scroll one back in your podcast feed. This is a Soap Box edition, a wholly sponsored podcast brought to you in this instance by Thi ...

S3 Ep62: The S in IoT stands for security (and much more) [Podcast+Transcript]

1 month ago

Listen now or read as an article! (Full transcript inside.)

Hacking the My Arcade Contra Pocket Player – Part I

1 month ago

Intro I was at my local Target recently and spotted the section near the video games, where there were some little collectable arcade systems and handhelds that play games like Pac-Man, Galaga, and Contra. Figure 1 – Target Arcade Games and Handhe ...

ISC StormCast for Thursday, December 9th, 2021

1 month ago

December 2021 Forensic Challenge https://isc.sans.edu/forums/diary/December+2021+Forensic+Challenge/28108/ Microsoft and GitHub OAuth Implementation Vulnerabilities Lead to Redirection Attacks https://www.proofpoint.com/us/blog/cloud-security/microsoft-and- ...

ISC StormCast for Wednesday, December 8th, 2021

1 month ago

Webshells, Webshells everywhere! https://isc.sans.edu/forums/diary/Webshells+Webshells+everywhere/28106/ AWS Outage https://status.aws.amazon.com Misconfigured Kafdrop Puts Companies' Apache Kafka Completely Exposed https://spectralops.io/blog/misconfigured- ...

SN 848: XSinator - NSS Has a Bug, Botnet on the Blockchain, HP's Vulnerable Printers, Microsoft Edge Relief

1 month ago

Picture of the Week. Tavis finds a bad bug in NSS. Cheap Smartwatches for kids and babies? Additional VPN vendors just say no to Roskomnadzor! Windows 11 loosens its grip on Edge. RTF Templates being used to inject malicious content. A Malicious Botnet us ...

Risky Business #648 -- Adios, 2021, it's been real

1 month ago

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: NSO Group tools found on US embassy staff phones in Uganda Mitto is up to shady bidnez Ubiquiti “whistleblower” charged over hack Hounds everywhe ...

Firefox update brings a whole new sort of security sandbox

1 month ago

Firefox 95.0 is out, with the usual security fixes... plus some funky new ones.

ISC StormCast for Tuesday, December 7th, 2021

1 month ago

The Importance of Out of Band Networks https://isc.sans.edu/forums/diary/The+Importance+of+OutofBand+Networks/28102/ Kaseya Unitrends Backup Appliance Updates https://helpdesk.kaseya.com/hc/en-gb/articles/4412762258961 Is KAX17 Performing De-Anonymization A ...

Cryptocurrency startup fails to subtract before adding, loses $31m

1 month ago

Think of a number, any number. Take away 42. Add 42 back in. Then pretend you didn't take away 42. How much is left?

ISC StormCast for Monday, December 6th, 2021

1 month ago

The UPX Packer will never die https://isc.sans.edu/forums/diary/The+UPX+Packer+Will+Never+Die/28096/ Survey of Airgap Attacks https://www.welivesecurity.com/2021/12/01/jumping-air-gap-15-years-nation-state-effort/ Ubiquiti Victim of Insider Extortion https:/ ...

Mozilla patches critical “BigSig” cryptographic bug: Here’s how to track it down and fix it

1 month ago

Mozilla's cryptographic code had a critical bug. Problem is that numerous apps are affected and may need patching individually.

ISC StormCast for Friday, December 3rd, 2021

1 month ago

TA551 (Shathak) Pushes IcedID (Bokbot) https://isc.sans.edu/forums/diary/TA551+Shathak+pushes+IcedID+Bokbot/28092/ pip-audit scanning Python packages for known vulnerabilities https://pypi.org/project/pip-audit/ Wifi Router Flaws https://www.iot-inspector.co ...

IoT devices must “protect consumers from cyberharm”, says UK government

1 month ago

"Must be at least THIS tall to go on ride" seems to be the starting point. Too little, too late? Or better than nothing?

ISC StormCast for Thursday, December 2nd, 2021

1 month ago

Info-Stealer Using webhook.site to Exfiltrate Data https://isc.sans.edu/forums/diary/InfoStealer+Using+webhooksite+to+Exfiltrate+Data/28088/ Mozilla NSS Library Vulnerability https://bugs.chromium.org/p/project-zero/issues/detail?id=2237 EwDoor Botnet is At ...

ISC StormCast for Wednesday, December 1st, 2021

1 month ago

Hunting for PHPUnit Installed via Composer https://isc.sans.edu/forums/diary/Hunting+for+PHPUnit+Installed+via+Composer/28084/ Microsoft Defender Scares Admins with Emotet False Positives https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-s ...

SN 847: Bogons Begone! - 0-Day Windows Exploit, Major MediaTek Flaw, Super Duper Secure Mode

1 month ago

Picture of the Week. "Super Duper Secure Mode" 37% of the world's smartphones are vulnerable. The RAT Dispenser. The Entirely Predictable 0-Day Windows Exploit. "The Frontiers Saga: Fringe Worlds" Closing the Loop. Bogons Begone! We invite you to read our ...

Risky Business #647 -- Israel slashes cyber exports, Interpol takes down 1,000 crooks

1 month ago

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Israel slashes number of countries it will export cyber tools to Interpol takes down 1,000 Internet fraudsters Ransomware crews lying low? When the t ...

Controversial face matchers Clearview set to be fined over $20m

1 month ago

Scraping data for a facial recognition service? "That's unlawful", concluded both the British and the Australians.

ISC StormCast for Tuesday, November 30th, 2021

1 month ago

Wireshark 3.6.0 Released https://isc.sans.edu/forums/diary/Wireshark+360+Released/28076/ Google Cloud Security Report https://services.google.com/fh/files/misc/gcat_threathorizons_full_nov2021.pdf Zoom Patch https://explore.zoom.us/en/trust/security/security ...

ISC StormCast for Monday, November 29th, 2021

1 month ago

Phishing Pages Hiding Itself Using Dynamically Adjusted IP Based Allow List https://isc.sans.edu/forums/diary/Phishing+page+hiding+itself+using+dynamically+adjusted+IPbased+allow+list/28070/ Trickbot Phishing Checks Screen Resolution to Evade Researchers ht ...

Cloud Security: Don’t wait until your next bill to find out about an attack!

1 month ago

Cloud security is the best sort of altruism: you need to do it to protect yourself, but you help to protect everyone else at the same time.

S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast]

1 month ago

Latest episode - listen now! Solid cybersecurity advice in plain English.

US government securities watchdog spoofed by investment scammers – don’t fall for it!

1 month ago

Those numbers that show up on your phone to tell you who's calling? Treat them as SUGGESTIONS, never as PROOF.

ISC StormCast for Wednesday, November 24th, 2021

1 month ago

YARA Rule for OOXML Maldocs: Less False Positives https://isc.sans.edu/forums/diary/YARA+Rule+for+OOXML+Maldocs+Less+False+Positives/28066/ Zero-Day Windows Installer Exploit https://www.bleepingcomputer.com/news/security/malware-now-trying-to-exploit-new-w ...

SN 846: HTTP Request Smuggling - NetGear Routers 0-Day, The Most Brute Forced Passwords, GoDaddy Breach

1 month ago

Picture of the Week. An idea whose time has passed... The stats of brute force password attacks. The Most Common Passwords. GoDaddy Breached Bigtime! A heads-up about NetGear routers. HTTP Request Smuggling. We invite you to read our show notes at https:/ ...

Risky Business #646 -- Apple cracks the sads, sues NSO Group

1 month ago

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: Apple sues NSO Group and it’s all a bit weird Israel charges defence minister’s house cleaner with Iranian hacker collusion (really) USA charges tw ...