News

New Year Old Tricks: Hunting for CircleCI Configuration Files https://isc.sans.edu/diary/New%20year%2C%20old%20tricks%3A%20Hunting%20for%20CircleCI%20configuration%20files/29416 Amazon S3 Encrypts New Objects By Default https://aws.amazon.com/blogs/aws/amazon-s3-encrypts-new-objects-by-default/ MatrixSSL Buffer Overflow https://github.com/matrixssl/matrixssl/security/advisories/GHSA-fmwc-gwc5-2g29 Auth0 JsonWebToken Vulnerability CVE-2022-23529 https://unit42.paloaltonetworks.com/jsonwebtoken-vulnerability-cve-2022-23529/

Special guest comedian this episode Jacksonville's own, Shay Clemons returns and  reveals the hilarious reason he was kicked out of the comedy zone 10 years ago, we talk throwback stories of his former comedy show "Funny Sundays", Shay being the oldest HBCU student in class, being a retired military vet Read More

Send a textDr. Michael Koren & Kevin Geddings discuss Damar Hamlin's condition from the perspective of a cardiologist and clinical researcher.  Listen in to hear new information from Dr. Koren in this 9-minute briefing on the MedEvidence Monday Minute.  Learn about:💙 Commotio Cordis💜Hypertrophic Cardiomyopathy💚Atrial FibrillationDr. Michael Koren is a practicing Read More

@PhilTheFilipino & @MrEricAlmighty had their hands full last year with how much amazing content there was in entertainment and gaming (as discussed in our End of Year Awards). With 2023 showing no signs of slowing down, we kick off the new year with a very special guest to take a Read More

Reversing AutoIT Scripts https://isc.sans.edu/diary/AutoIT%20Remains%20Popular%20in%20the%20Malware%20Landscape/29408 Can You Trust Your VSCode Extensions https://blog.aquasec.com/can-you-trust-your-vscode-extensions A Deep Dive Into Powerat https://blog.phylum.io/a-deep-dive-into-powerat-a-newly-discovered-stealer/rat-combo-polluting-pypi

More Brazil Malspam Pushing Astaroth (Guildma) in January 2023 https://isc.sans.edu/forums/diary/More%20Brazil%20malspam%20pushing%20Astaroth%20%28Guildma%29%20in%20January%202023/29404/ CircleCI Breach https://circleci.com/blog/january-4-2023-security-alert/ Twitter Leak https://www.bleepingcomputer.com/news/security/200-million-twitter-users-email-addresses-allegedly-leaked-online/ Slack Source Code Leak https://slack.com/blog/news/slack-security-update Control Web Panel Patch CVE-2022-44877 https://github.com/numanturle/CVE-2022-44877 Turla: A Galaxy of Opportunity https://www.mandiant.com/resources/blog/turla-galaxy-opportunity

In Episode 315, Ben takes Scott on a tour of Microsoft Loop and how it is working across Teams, Outlook and Word. Then they close out the episode with what tools they are using for personal work task management. Like what you hear and want to support the show? Check Read More

1st episode of 2023! The guys recap how they brought in the New Year,  Bobby tells hilarious story about shopping in Spencer's, Logan kicks off new Twitch livestream music sessions, Special guest today is comedian Deandre Stringer! Recently moved to Jax from Ohio he's also the current Comedy Zone DJ Read More

In the podcast "Everything is Logistics", the host talks about three important things to keep an eye on in freight marketing in 2023: AI tools, content remixing, and influencer marketing. TAKEAWAYS: AI tools, such as ChatGPT, will significantly change the role of marketers and it is important to learn and use these Read More

Update to RTRBK - Diff and File Dates in PowerShell https://isc.sans.edu/diary/Update%20to%20RTRBK%20-%20Diff%20and%20File%20Dates%20in%20PowerShell/29400 Google Chrome Sunsetting Legacy Windows Support https://support.google.com/chrome/thread/185534985/sunsetting-support-for-windows-7-8-8-1-in-early-2023?hl=en SHC used to compile cryptominer malware https://asec.ahnlab.com/en/45182/ ManageEngine Password Manager Pro SQL Injection https://pitstop.manageengine.com/portal/en/community/topic/manageengine-security-advisory important-security-fix-released-for-manageengine-password-manager-pro-2-1-2023#:~:text=critical%20security%20vulnerability ForiADC Command Injection in Web Interface https://www.fortiguard.com/psirt/FG-IR-22-061 Raspberry Robin Developments https://www.securityjoes.com/post/raspberry-robin-detected-itw-targeting-insurance-financial-institutes-in-europe

Our guest is Jonni Redick, a retired Assistant Chief with the California Highway Patrol, and a 29-year veteran of one of the largest police agencies in the country. Redick rose through the ranks in law enforcement to break through the “less-than-1%” ceiling for women of color in executive leadership.We discuss Read More

Phil & Jay return to bring you all a short breakdown of the Jaguars' victory over the Houston Texans, as well as look ahead to our Saturday Night Football matchup for the AFC South crown. However, this episode will be dedicated to former Jacksonville Jaguar, Uche Nwaneri, who tragically passed Read More

Send a textEpisode three in the MedEvidence series, The Next Generation of Clinical Researchers discusses patients' value propositions. Learn why people participate in clinical research as spoken by a second-generation researcher.Listen to the entire series:Developing the Next Generation of Clinical ResearchersCharacteristics, Qualities & Attributes needed for the Next Generation of Read More

Send a textPhil & Jay return to bring you all a short breakdown of the Jaguars' victory over the Houston Texans, as well as look ahead to our Saturday Night Football matchup for the AFC South crown. However, this episode will be dedicated to former Jacksonville Jaguar, Uche Nwaneri, who Read More

NTP Fingerprinting https://isc.sans.edu/diary/Its%20about%20time%3A%20OS%20Fingerprinting%20using%20NTP/29394 Misc Car Vulnerabilities https://samcurry.net/web-hackers-vs-the-auto-industry/ Flipper Zero Phishing https://twitter.com/AlvieriD/status/1609945425871609858 Trend Micro Patch https://helpcenter.trendmicro.com/en-us/article/TMKA-11252 Packet Tuesday: IP Options https://www.youtube.com/watch?v=HldNL3SLLwM

Kyverno's container image signature verification bypass https://www.armosec.io/blog/cve-2022-47633-kyvernos-container-image-signature-verification/ Google Smart Spaeker Vulnerability https://downrightnifty.me/blog/2022/12/26/hacking-google-home.html Verizon Decomissions 3G CDMA Network https://www.fiercewireless.com/wireless/verizon-tells-3g-customers-upgrade-they-lose-service EarSpy: Spying Caller Speech and Identity Through Speaker Vibrations https://arxiv.org/pdf/2212.12151.pdf

SPF and DMARC use on GOV domains in different ccTLDs https://isc.sans.edu/forums/diary/SPF+and+DMARC+use+on+GOV+domains+in+different+ccTLDs/29384/ CVE-2022-47939 ksmbd Vulnerability https://ubuntu.com/security/CVE-2022-47939 Netgear Vulnerabilities https://kb.netgear.com/000065495/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2019-0208 PyTorch Malicious Dependency https://pytorch.org/blog/compromised-nightly-dependency/

In today's show, we’re doing something new where we pick the best interviews from the industry’s thought leaders and create a mashup of these episodes so you can listen over a period of time. That way if you want a crash course in say….autonomous trucks or what shippers want out Read More

The Jacksonville Jaguars officially acquired a three-game win streak after defeating the New York Jets in a wet one at MetLife Stadium. This week, Jay broke down the lopsided 19-3 victory as the Jags took the stage for their first primetime game of the 2022 season. He also discussed the Read More

In Episode 314, Ben and Scott have a quick follow-up on the Rackspace Hosted Exchange ransomware attack (TL;DR; if you haven’t migrated to Exchange Online, do it now), a post-mortem that was published on the Azure PowerShell and PowerShell 7.3 compatibility issue that cropped up in Nov, and then discuss Read More