security.didici.cc
ISC StormCast for Friday, September 24th, 2021
9 hours agoExcel Recipe: Some VBA Code with a Touch of Excel4 Macrohttps://isc.sans.edu
/forums/diary/Excel+Recip
e+Some+VBA+Code+with+a+To
uch+of+Excel4+Macro/27864
/
Windows Platform Binary Table Weaknesshttps://eclypsium
.com/2021/09/20/everyone-
gets-a-rootkit/
Apple ...
STILL ALIVE! iOS 12 gets 3 zero-day security patches – update now
13 hours agoIt wasn't dead, just resting.
How Outlook “autodiscover” could leak your passwords – and how to stop it
19 hours agoThe Microsoft Autodiscover "Great Leak" explained - and how to prevent it
ISC StormCast for Thursday, September 23rd, 2021
1 day agoAn XML-Obfustcated Office Document (CVE-2021-40444)https://i
sc.sans.edu/forums/diary/
An+XMLObfuscated+Office+D
ocument+CVE202140444/2786
0/
Exchange Autodiscovering Leaks Credentialshttps://www.gu
ardicore.com/labs/autodis
covering-the-great-leak/
Nagios Vuln ...
VMware patch bulletin warns: “This needs your immediate attention.”
1 day ago"It is a matter of time before working exploits are available," warns VMware.
ISC StormCast for Wednesday, September 22nd, 2021
2 days agoA First Look at Apple's iOS 15 "Private Relay" featurehttps://isc.sans.e
du/forums/diary/A+First+L
ook+at+Apples+iOS+15+Priv
ate+Relay+feature/27858/
macOS Finder Security Feature Bypass Leads to Possible RCEhttps://ssd-disclosure
.com/ssd-advisory-macos-f
ind ...
SN 837: Cobalt Strike - Android Auto-Revokes Permissions, DDoS on VoIP.ms, Patch Tuesday, Was GRC Pwned?
2 days agoPicture of the week. The DDoS attack on VoIP.ms. Patch Tuesday's Mixed Blessing. Android to auto-reset app permissions on many more devices. BREAKING: FBI held back ransomware decryption key from businesses to run operation targeting hackers. Google patch ...
Risky Business #639 -- USA's ransomware non-policy fails to meet its unstated objective
2 days agoOn this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: BlackMatter is back in the USA’s critical supply chain The FBI and friends apparently got up in REvil’s business The Azure OMI thing is totally the ...
iOS 15 includes Face ID fix for security bypass using fake heads
2 days agoFake heads! (Cue dystopian scifi music.)
Supply Chain Woes – Attacks and Issues in IT Infrastructure: What Can We Do?
2 days agoAll businesses operate on the principle that a certain level of trust is necessary between the business itself and the IT components that comprise its supporting infrastructure. These components include hardware and software, as well as the vendors who pr ...
ISC StormCast for Tuesday, September 21st, 2021
3 days agoOMIGOD Exploits Captured in the Wild.https://isc.sans.edu
/forums/diary/OMIGOD+Expl
oits+Captured+in+the+Wild
+Researchers+responsible+
for+half+of+scans+for+rel
ated+ports/27852/
Apple iOS/iPadOS/tvOS 15 Updates (and WatchOS, Xcode, Safari)https://support.ap
p ...
“Back to basics” as courier scammers skip fake fees and missed deliveries
3 days ago"Stop. Think. Connect." Say those words aloud - and please pronounce the pauses prescribed by the periods!
Ep. 154 - Security Awareness Series - Whispering Sweet Security Nothings with Ed Skoudis
4 days agoIn this episode, Chris Hadnagy and Ryan MacDougall are joined by Ed Skoudis. Ed is a SANS Institute Fellow, Instructor, and Director of Cyber Ranges. He is the founder of Counter Hack, an innovative cyber security company that works as trusted inf ...
ISC StormCast for Monday, September 20th, 2021
4 days agoMalicious Calendar Subscriptions Are Backhttps://isc.sans.edu/
forums/diary/Malicious+Ca
lendar+Subscriptions+Are+
Back/27846/
Simple Analysis of a CVE-2021-40444 (MSHTML) Documenthttps://isc.sans.
edu/forums/diary/Simple+A
nalysis+Of+A+CVE202140444
+docx+Docum ...
ISC StormCast for Friday, September 17th, 2021
1 week agoPhishing 101: why depend on one suspicious message subject when you can use manyhttps://isc.sans.edu/
forums/diary/Phishing+101
+why+depend+on+one+suspic
ious+message+subject+when
+you+can+use+many/27842/
PrintNightmare Fix Breaks Network Printinghttps://www. ...
OMIGOD, an exploitable hole in Microsoft open source code!
1 week agoGot Linux? Here's a bug you weren't expecting, in software you might not know you have.
ISC StormCast for Thursday, September 16th, 2021
1 week agoHancitor Campaign Abusing Microsoft's OneDrivehttps://isc.sans.
edu/forums/diary/Hancitor
+campaign+abusing+Microso
fts+OneDrive/27838/
"
;Secret"Agent Exposes Azure Customers To Unauthorized Code Executionhttps://www.wiz.
io/blog/secret-agent-expo
ses-azure-cus ...
S3 Ep50: Two 0-days plus another 0-day plus a fast food bug [Podcast]
1 week agoBugs! So many bugs! Latest episode - listen now...
ISC StormCast for Wednesday, September 15th, 2021
1 week agoMicrosoft Patcheshttps://isc.sans.e
du/forums/diary/Microsoft
+September+2021+Patch+Tue
sday/27834/
Adobe Patcheshttps://helpx.adob
e.com/security/security-b
ulletin.html
SN 836: The Mēris Botnet - 0-Day Attack on Office Docs, WFH and Security, Return of REvil
1 week agoPicture of the Week. A new worrisome 0-day attack against Office documents. Work From Home (WFH) — No problem? "Attacks only ever get better" The return of REvil — Apparently, vacation's over. Closing the Loop. I have this next piece under "Science Fi ...
Risky Business #638 -- Licensed to Pwn
1 week agoOn this week’s show Patrick Gray and Adam Boileau discuss recent security news, including: Apple 0day has everyone freaking out So much more 0day in the wild American Project Raven staffers settle with DoJ Two absolutely bonkers Azure security pr ...
Why your threat hunting program building shouldn’t stop once the engagement is over
1 week agoLet’s see, it looks like your organization just met an annual Threat Hunting assessment compliance requirement or achieved the introductory objective of experiencing a formal Threat Hunting assessment. Well done! Now, what should the organization take i ...
ISC StormCast for Tuesday, September 14th, 2021
1 week agoApple Updates Everythinghttps://support
.apple.com/en-us/HT201222
Citizenlab Discloses NSO Exploit Detailshttps://citizenlab
.ca/2021/09/forcedentry-n
so-group-imessage-zero-cl
ick-exploit-captured-in-t
he-wild/
Google Chrome Updatehttps://chromerelea
ses.googl ...
Apple products vulnerable to FORCEDENTRY zero-day attack – patch now!
1 week agoDouble trouble: two zero-days, patched in the same emergency update. So please don't delay - patch today!
Serious Security: How to make sure you don’t miss bug reports!
1 week agoHey, let's create a text file that lists our security contacts! We'll call it... security DOT txt.
Ep. 153 - Human Element Series - You Are Special And Other Lies With Cortney Warren
1 week agoIn this episode, Chris Hadnagy is joined by Dr. Cortney Warren. Dr. Warren is a Board-Certified Clinical Psychologist and former tenured Associate Professor of Psychology at the University of Nevada, Las Vegas (UNLV). She is an expert on ad ...
ISC StormCast for Monday, September 13th, 2021
1 week agoShipping Microsoft DNS Logs to Elasticsearchhttps://isc.
sans.edu/forums/diary/Shi
pping+to+Elasticsearch+Mi
crosoft+DNS+Logs/27828/
E
xploit Generator for CVE-2021-40444https://git
hub.com/lockedbyte/CVE-20
21-40444
Windows Lock Screen Bypasshttps://halove23.b ...
ISC StormCast for Friday, September 10th, 2021
2 weeks agoISC/DShield API Updateshttps://isc.sans.e
du/forums/diary/Updates+t
o+Our+DatafeedsAPI/27824/
Update on Windows MSHTML Vulnerabilityhttps://www.
bleepingcomputer.com/news
/microsoft/windows-mshtml
-zero-day-defenses-bypass
ed-as-new-info-emerges/
G
itHub Actions ...
Snake Oilers: Get Signal Sciences in your CDN, automate canary generation and cloud your SIEM!
2 weeks agoSnake Oilers: Get Signal Sciences in your CDN, automate canary generation and cloud your SIEM! Three solid pitches in this edition… In this edition of the Snake Oilers we’ll hear pitches from three vendors: Brian Joe from Fastly talks about its inte ...
S3 Ep49: Poison PACs, pointless alarms and phunky bugs [Podcast]
2 weeks agoLatest episode - listen now!
Update: The Defensive Security Strategy
2 weeks agoOriginal post: https://www.trustedsec.
com/blog/the-defensive-se
curity-strategy-what-stra
tegy/
Massive exposures and attacks, such as recent SolarWinds and Exchange exploit issues, have been common news lately. While the security landscape has advance ...
ISC StormCast for Thursday, September 9th, 2021
2 weeks agoProtonmail Correctionhttps://protonm
ail.com/blog/climate-acti
vist-arrest/https://proto
nmail.com/privacy-policy
"Stolen Images Evidence" Campaign Continues Pushing BazarLoader Malwarehttps://isc.sans.e
du/forums/diary/Stolen+Im
ages+Evidence+Campaign+Co
ntinu ...
Windows zero-day MSHTML attack – how not to get booby trapped!
2 weeks agoZero-day bug in MSHTML, the "mini-Internet Explorer" component of Windows, triggered by booby trapped Office files.
ISC StormCast for Wednesday, September 8th, 2021
2 weeks agoMicrosoft MSHTML Remote Code Execution Vulnerability CVE-2021-40444https://msr
c.microsoft.com/update-gu
ide/vulnerability/CVE-202
1-40444
ProntonMail/VPN Releasing User's IP Addresshttps://protonmail
.com/blog/climate-activis
t-arrest/
What's App End To End E ...
SN 835: TPM v1.2 vs 2.0 - BlueTooth Troubles, Internet Anonymity, Apple CSAM, Light Chaser
2 weeks agoPicture of the Week. The Razor mouse & keyboard. The wishful phrase "Internet Anonymity" is an oxymoron. And speaking of Apple's client-side image matching... BlueTooth has new troubles. Attackers Can Remotely Disable Fortress Wi-Fi Home Security Alarms. ...
Risky Business #637 -- Infosec's bigfoot
2 weeks agoOn this week’s show Patrick Gray and Adam Boileau discuss recent security news, including: Apple backs down on CSAM measures FTC shuts down spouseware company REvil is back! Confluence boxes are getting owned a lot Trickbot crew member arrested ...
Obsidian, Taming a Collective Consciousness
2 weeks agoThe Problem On August 05, 2021, a member of the Conti ransomware group leaked some of the group’s internal playbooks and technical documentation. Irrespective of any details surrounding the leak or its contents, the event itself prompted a more wides ...
ISC StormCast for Tuesday, September 7th, 2021
2 weeks agoConfluence Updatehttps://confluence.
atlassian.com/doc/conflue
nce-security-advisory-202
1-08-25-1077906215.htmlht
tps://www.jenkins.io/blog
/2021/09/04/wiki-attacked
/
ProxyShell Updatehttps://news.sophos
.com/en-us/2021/09/03/con
ti-affiliates-use-proxysh
ell-ex ...
Poisoned proxy PACs! The NPM package with a network-wide security hole…
2 weeks ago3,000,000 downloads a week... if only they'd read the fastitidous manual!
S3 Ep48: Cryptographic bugs, cryptocurrency nightmares, and lots of phishing [Podcast]
2 weeks agoLatest episode - listen now!
ISC StormCast for Friday, September 3rd, 2021
3 weeks agoAttackers Will Always Abuse Major Events in our Lifeshttps://isc.sans.edu
/forums/diary/Attackers+W
ill+Always+Abuse+Major+Ev
ents+in+our+Lifes/27808/
Active Exploitation of Confluence Server CVE-2021-26084https://www
.rapid7.com/blog/post/202
1/09/02/active-e ...
Pwned! The home security system that can be hacked with your email address
3 weeks agoThe alarm system that can be turned off with your email address.
Introducing iHide – A New Jailbreak Detection Bypass Tool
3 weeks agoToday, we are releasing iHide, a new tool for bypassing jailbreak detection in iOS applications. You can install iHide by adding the repo https://repo.kc57.com in Cydia or clicking here on an iOS device with Cydia installed. Additionally, you can check ou ...
ISC StormCast for Thursday, September 2nd, 2021
3 weeks agoSTRRAT: A Java Based RAT That Doesn't Care if You Have Javahttps://isc.sans.edu/
forums/diary/STRRAT+a+Jav
abased+RAT+that+doesnt+ca
re+if+you+have+Java/27798
/
IPC360 Baby Monitor Vulnerabilityhttps://www.
bitdefender.com/files/New
s/CaseStudies/study/402/B
itd ...
ISC StormCast for Wednesday, September 1st, 2021
3 weeks agoBrakTooth: Impacts, Implications and Next Stepshttps://isc.sans.edu
/forums/diary/BrakTooth+I
mpacts+Implications+and+N
ext+Steps/27802/
Fortress Home Security System Weaknesshttps://threatpos
t.com/fortress-home-secur
ity-remote-disarmament/16
9069/
PostgreSQL ...
SN 834: Life: Hanging by a PIN - Credit Freeze vs. Credit Lock, SSD Bait & Switch, ProxyToken, Windows 11
3 weeks agoPicture of the Week.
Credit Freeze vs Credit Lock.
T-Mobile hacker speaks!
Where will Windows 11 run?
ProxyToken.
Tailscal
e Open Source?
SSD Bait & Switch.
SpinRite.
Life: Hanging by a PIN.
We invite you to read our show notes at https://www.grc.com/sn/SN ...
Risky Business #636 -- Victims are shunning data extortion payments
3 weeks agoOn this week’s show Patrick Gray and Adam Boileau discuss recent security news, including: More info on the Belarusian Cyber Patriots How infosec overhyped election security risks Is data ransoming dying? All about the Azure Cosmos DB drama Muc ...
Skimming the CREAM – recursive withdrawals loot $13M in cryptocash
3 weeks agoRecursion [noun]: see recursion.
ISC StormCast for Tuesday, August 31st, 2021
3 weeks agoCryptocurrency Clipboard Swapper Delivered With Lovehttps://isc.sans.edu/
forums/diary/Cryptocurren
cy+Clipboard+Swapper+Deli
vered+With+Love/27794/
Pr
oxyToken Vulnerability in Exchangehttps://www.zerod
ayinitiative.com/blog/202
1/8/30/proxytoken-an-auth
entica ...
ISC StormCast for Monday, August 30th, 2021
3 weeks agoChaosDB: Azure Cosmos Database Vulnerabilityhttps://chao
sdb.wiz.io
Phishing via Open Redirectshttps://www.micr
osoft.com/security/blog/2
021/08/26/widespread-cred
ential-phishing-campaign-
abuses-open-redirector-li
nks/
Parallels Vulnerabilityhttps://exch
ange. ...
ISC StormCast for Friday, August 27th, 2021
4 weeks agoCisco Advisorieshttps://tools.c
isco.com/security/center/
publicationListing.x
GETH DoS Vulnerabilityhttps://gith
ub.com/ethereum/go-ethere
um/releases/tag/v1.10.8
C
onfluence Security Advisoryhttps://confluenc
e.atlassian.com/doc/confl
uence-security-advisory-2 ...
Big bad decryption bug in OpenSSL – but no cause for alarm
4 weeks agoThe buggy code's in there, alright. Fortunately, it's hard to get OpenSSL to use it even if you want to, which mitigates the risk.
Risky Biz Soap Box: Bad incentives make Microsoft a villain again
4 weeks agoIn this edition of the Soap Box podcast we’ll be hearing from Ryan Kalember, the EVP of cybersecurity strategy at Proofpoint, a company best known for being an email filtering giant. Proofpoint’s biggest challenger in that space is Microsoft, and if ...
S3 Ep47: Daylight robbery, spaghetti trouble, and mousetastic superpowers [Podcast]
4 weeks agoLatest episode - listen now!
ISC StormCast for Thursday, August 26th, 2021
4 weeks agoThere May Be Many More SPF Records Than We Might Expecthttps://isc.sans.ed
u/forums/diary/There+may+
be+many+more+SPF+records+
than+we+might+expect/2778
6/
OpenSSL Updatehttps://www.openssl
.org/news/vulnerabilities
.html
F5 Updatehttps://support.f5.
com/csp/art ...
ISC StormCast for Wednesday, August 25th, 2021
1 month agoAttackers Hunting for Twilio Credentialshttps://isc.sa
ns.edu/forums/diary/Attac
kers+Hunting+For+Twilio+C
redentials/27782/
Modifie
d WhatsApp Spreading Malwarehttps://securelist
.com/triada-trojan-in-wha
tsapp-mod/103679/
Privile
ge Escalation without Pluggin ...
SN 833: Microsoft's Reasoned Neglect - T-Mobile's Major Data Leak, Razer Mouse Hack, Overlay Networks
1 month agoPicture of the week. Firefox soon to be blocking mixed-content downloads by default. The news from T-Mobile is all bad. Introducing ProxyLogon's kissing cousin, ProxyShell. The Razer mouse hack. A critical ThroughTek SDK flaw enables IoT spying. Overlay N ...
Risky Business #635 -- Owned via telnet? Must be "highly sophisticated attackers"!
1 month agoOn this week’s show Patrick Gray and Adam Boileau discuss recent security news, including: T-Mobile owned hard USA no fly list winds up on unsecured ElasticSearch in Bahrain… because reasons Facebook scrambles to secure Afghani accounts Hacker ...
How a gaming mouse can get you Windows superpowers!
1 month agoWhen a helpful feature (that you probably didn't need) turns into an exploitable vulnerability...
ISC StormCast for Tuesday, August 24th, 2021
1 month agoOut of Band Phishing Using SMS Messages to Evade Network Detectionhttps://isc.sans
.edu/forums/diary/Out+of+
Band+Phishing+Using+SMS+m
essages+to+Evade+Network+
Detection/27768/
Elevate Priviledges with Razer Mousehttps://twitter.com/
j0nh4t/status/14290495060 ...
What’s *THAT* on my 3D printer? Cloud bug lets anyone print to everyone
1 month agoThat's funny. I could have sworn I didn't run a print job yesterday... but will you look at that?
ISC StormCast for Monday, August 23rd, 2021
1 month agoWaiting for the C2 to Show Uphttps://isc.sans.edu/fo
rums/diary/Waiting+for+th
e+C2+to+Show+Up/27772/
DO
CX with Embdedded EXEhttps://isc.sans.edu/f
orums/diary/docx+With+Emb
edded+EXE/27776/
Securing Your Windows 365 Cloud PCshttps://techcommunity.
microsoft.c ...
Japanese cryptocoin exchange robbed of $100,000,000
1 month agoAnother week, another cryptocurrency catastrophe. This time, it's "only" $100 million's worth...
ISC StormCast for Friday, August 20th, 2021
1 month agoWhen Lightning Strikes: What works and doesn't workhttps://isc.sans.edu/
forums/diary/When+Lightni
ng+Strikes+What+works+and
+doesnt+work/27766/
Cisco Small Business Router Vulnerabilitieshttps://to
ols.cisco.com/security/ce
nter/content/CiscoSecurit
yAdvisory/ ...
Oh, Behave! Figuring Out User Behavior
1 month agoOne topic that has always been of interest to me is how users actually use their computers. While TrustedSec does have the ability to understand a system when we encounter it, there are still mysteries around normal user behavior. Understanding user behav ...
S3 Ep46: Copyright scams, video snooping and Grand Theft Crypto [Podcast]
1 month agoLastest episode - listen, laugh and learn! This week, Chester Wisniewski joins us on the show.
ISC StormCast for Thursday, August 19th, 2021
1 month ago5 Things to Consider Before Moving Back to the Officehttps://isc.sans.ed
u/forums/diary/5+Things+t
o+Consider+Before+Moving+
Back+to+the+Office/27762/
Adobe Patcheshttps://helpx.adob
e.com/security.html
Sever
al Web Sites Infected with Chinese Spywarehttps://i ...
ISC StormCast for Wednesday, August 18th, 2021
1 month agoLaravel Exploit Attempts Tageting Vulnerability in "Ignition"https
://isc.sans.edu/forums/di
ary/Laravel+v842+exploit+
attempts+for+CVE20213129+
debug+mode+Remote+code+ex
ecution/27758/
ThroughTek "Kaley" Protocol Vulnerabilityhttps://www.
fireeye.com/blog/thre ...
SN 832: Microsoft's Culpable Negligence - Firefox Update, Magniber, Merger of Avast and NortonLifeLock
1 month agoPicture of the week.
Firefox Update.
Facebook finally adds end-to-end encryption to Messenger.
Exploitation of PrintNightmare has begun.
And "Magniber" Ransomware Uses PrintNightmare.
Crypto-mi
ning botnet modifies CPU configurations to increase its mining ...
Video surveillance network hacked by researchers to hijack footage
1 month agoHome automation. Internet of Things. Cloud management. And a security bug that could let other people watch you online...
Is Cyber Insurance Becoming Worthless?
1 month agoNew challenges have emerged that make it difficult to transfer risk. Ransomware has changed the game An overlooked yet the increasingly important challenge in information risk management is finding the right balance between cybersecurity and cyber i ...
ISC StormCast for Tuesday, August 17th, 2021
1 month agoTriage of Malware Bazaar's Daily Malware Batcheshttps://isc.sans.e
du/forums/diary/Extra+Tip
+For+Triage+Of+MALWARE+Ba
zaars+Daily+Malware+Batch
es/27754/
Realtek SDK Vulnerabilityhttps://www.
iot-inspector.com/blog/ad
visory-multiple-issues-re
altek-sdk-iot-sup ...
Risky Biz Soap Box: HD Moore talks Rumble and DCE/RPC party tricks
1 month agoI am to be publishing this interview. This Soap Box is brought to you by Rumble, the asset discovery company founded by HD Moore. For those of you who don’t know, HD is a security legend, having done all sorts of amazing research over the years and crea ...
Copyright scammers turn to phone numbers instead of web links
1 month agoForewarned is forearmed. Here's our advice on dealing with "copyright infringement" scammers.
Ep. 152 - Security Awareness Series - Sharing With Your Frenemies with Bernie Acre
1 month agoIn this episode, Chris Hadnagy and Ryan MacDougall are joined by Bernie Acre. Bernie is the Chief Information Officer for the City of Bryan, TX where he’s responsible for all technology and communications systems, including the Fire, Police, P ...
ISC StormCast for Monday, August 16th, 2021
1 month agoExchange E-Discovery Scanshttps://isc.sans.edu
/forums/diary/Scanning+fo
r+Microsoft+Exchange+eDis
covery/27748/
Danabot Distributed Through Malspamhttps://isc.sans.e
du/forums/diary/Example+o
f+Danabot+distributed+thr
ough+malspam/27744/
Weapo
nizing Middleboxe ...
ISC StormCast for Friday, August 13th, 2021
1 month agoPrint Nightmare Continues: CVE-2021-36958https://msr
c.microsoft.com/update-gu
ide/vulnerability/CVE-202
1-36958
Print Nightmare Abused by Ransomware Gangshttps://www.crowdstr
ike.com/blog/magniber-ran
somware-caught-using-prin
tnightmare-vulnerability/
PolyNet ...
S3 Ep45: Routers attacked, hacking tool hacked, and betrayers betrayed [Podcast]
1 month agoLatest episode - listen now! (And learn about the Navajo Nation's selfless cryptographic contribution to America.)
ISC StormCast for Thursday, August 12th, 2021
1 month agoTA551 Shathak Continues Pushing BazarLoader Leading to Cobalt Strikehttps://isc.sans.ed
u/forums/diary/TA551+Shat
hak+continues+pushing+Baz
arLoader+infections+lead+
to+Cobalt+Strike/27738/
N
ew AdLoad Campaign Goes Undetected by XProtecthttps://labs.sent
inelo ...
Hacker grabs $600m in cryptocash from blockchain company Poly Networks
1 month agoWhere have all the cryptocoins gone? Will we ever get them back?
ISC StormCast for Wednesday, August 11th, 2021
1 month agoMicrosoft Patcheshttps://isc.sans.e
du/forums/diary/Microsoft
+August+2021+Patch+Tuesda
y/27736/
Adobe Patcheshttps://helpx.adob
e.com/security.html
cPane
l/WHM Vulnerabilitieshttps://ww
w.fortbridge.co.uk/resear
ch/multiple-vulnerabiliti
es-in-cpanel-whm/
Firefo ...
SN 831: Apple's CSAM Mistake - Flawed Random Number Generator, Super Duper Secure Mode, TCP Stack Error
1 month agoPicture of the week. "You're Doing IoT RNG" The Pulse Secure VPN remains in trouble. And Cisco, too... Flaws found in another popular embedded TCP/IP library. Microsoft Edge gets "Super Duper Secure Mode" Closing the Loop. Apple's CSAM Mistake. We invite ...
Risky Business #634 -- Major hacks to shake up Belarusian KGB
1 month agoOn this week’s show Patrick Gray and Adam Boileau discuss recent security news, including: The United States backing away from “releasing the hounds” Apple has dropped its lawsuit against Corellium “Activists” dox Belarusian security appara ...
Home and small business routers under attack – how to see if you are at risk
1 month agoPractical advice for homes and small businesses, following news that a recently disclosed router bug is actively being exploited by crooks.
ISC StormCast for Tuesday, August 10th, 2021
1 month agoMicrosoft Exchange ProxyShellhttps://isc.san
s.edu/forums/diary/ProxyS
hell+how+many+Exchange+se
rvers+are+affected+and+wh
ere+are+they/27732/
Synol
ogy Warns of Brute Force Attackshttps://www.synolo
gy.com/en-global/company/
news/article/BruteForce/S
ynology %20 ...
Ep. 151 - Human Element Series - Dropping a Dime with Michael Roderick
1 month agoIn this episode, we are joined by Michael Roderick. Michael is the CEO of Small Pond Enterprises which helps thoughtful givers become thought leaders by making their brands referable, their messaging memorable, and their ideas unforgettable. He is als ...
ISC StormCast for Monday, August 9th, 2021
1 month agoMalicious Microsoft Word Remains A Key Infection Vectorhttps://isc.sans.ed
u/forums/diary/Malicious+
Microsoft+Word+Remains+A+
Key+Infection+Vector/2771
6/
Malware Bazaar Daily Downloadhttps://isc.sans.
edu/forums/diary/MALWARE+
Bazaar+Download+daily+mal
ware+ba ...
S3 Ep44: Unreported holes, retro computing, and tech support for malware [Podcast]
1 month agoLatest episode - listen now!
Conti ransomware affiliate goes rogue, leaks “gang data”
1 month agoOnce more unto the breach, dear friends, once more...
ISC StormCast for Friday, August 6th, 2021
1 month agoCisco Patches Unauthencticated RCE in RV340/345 deviceshttps://tools.cisc
o.com/security/center/con
tent/CiscoSecurityAdvisor
y/cisco-sa-rv340-cmdinj-r
cedos-pY8J3qfy
Telegram Flawed Self Destruct in MacOShttps://www.trustwav
e.com/en-us/resources/blo
gs/spider ...
“Cobalt Strike” network attack tool patches crashtastic server bug
1 month agoAhhhh, the irony! Red-team network attack tool has its very own bug for Blue Teams to counterexploit.
ISC StormCast for Thursday, August 5th, 2021
1 month agoPivoting and Hunting for Shenanigans from a Reported Phishing Domainhttps://isc.sans.ed
u/forums/diary/Pivoting+a
nd+Hunting+for+Shenanigan
s+from+a+Reported+Phishin
g+Domain/27710/
NichStack TCP/IP Vulnerabilitieshttps://jf
rog.com/blog/infrahalt-14
-new-secur ...
SN 830: The BlackMatter Interview - Bad News for Firefox, DarkSide Returns, Tailscale, Google to Assume HTTPS
1 month agoPicture of the Week.
Mozilla's Firefox Monthly Active Users (MAU) slowly but steadily drops.
Google to finally assume HTTPS.
The evolution of "Initial Access Brokers".
DarkSide Returns.
"A Microsoft July 2021 Recap"
Tailscale.
Cl
osing the Loop.
SpinRite.
...
Risky Business #633 -- President grandpa rattles sabre at cloud
1 month agoOn this week’s show Patrick Gray and Adam Boileau discuss recent security news, including: US President Joe Biden says next shooting war will result from cyber incident The Sun tabloid reports UK government weighing “cyber strike” against Iran ...
ISC StormCast for Wednesday, August 4th, 2021
1 month ago2FA Issueshttps://isc.sans.ed
u/forums/diary/Three+Prob
lems+with+Two+Factor+Auth
entication/27704/
Crazy Smishinghttps://isc.sans.
edu/forums/diary/Is+this+
the+Weirdest+Phishing+SMi
shing+Attempt+Ever/27706/
Google Chrome Updatehttps://chromerelea
ses.googlebl ...
BazarCaller – the malware gang that talks you into infecting yourself
1 month agoCalling someone back feels safer than clicking an unknown link... but it isn't! Remind your friends and family.
ISC StormCast for Tuesday, August 3rd, 2021
1 month agoUnsolicited DNS Querieshttps://isc.sans.e
du/forums/diary/Unsolicit
ed+DNS+Queries/27694/
Cha
nging BAT Files on the Flyhttps://isc.sans.edu/f
orums/diary/Changing+BAT+
Files+On+The+Fly/27700/
E
mpty NPM Package has Over 700,000 Downloadshttps://www.blee
pingcom ...
Risky Biz Soap Box: VMRay talks about its second line of defence for email security
1 month agoIn this sponsored edition of the Risky Biz Soap Box podcast VMRay’s VP of Products Uriel Cohen joins me to talk about its Email Threat Defender product. They’ve glued some automated sandbox analysis to their fancy phishing/link analysis/detection tec ...
ISC StormCast for Sunday, August 1st, 2021
1 month agoInfected With a .reg Filehttps://isc.sans.edu/
forums/diary/Infected+Wit
h+a+reg+File/27692/
Exces
sive Exchange Permissions (Patched)https://bugs.chr
omium.org/p/project-zero/
issues/detail?id=2186
Nod
e.JS July 2021 Security Releaseshttps://nodejs.or
g/en/blog ...
S3 Ep43: Apple 0-day, pygmy hippos, hive nightmares and Twitter hacker bust [Podcast]
1 month agoLatest episode - listen now!