Log4Shell Becoming Part of the Day to Day Grind https://isc.sans.edu/forums/diary/Log4Shell+exploited+to+implant+coin+miners/28124/ https://www.youtube.com/watch?v=oC2PZB5D3Ys Google Chrome Update https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html Malicious PyPi Packages https://medium.com/ochrona/3-new-malicious-packages-found-on-pypi-a6bbb14b5e2
Another great episode of TWB! The gang sits down with 5th generation Jax native Kasey Faver, creator of @Lafavre.us apparel which can be seen all over Jacksonville. We open up the show with a fun story of how Bobby heard about Kasey's brand, and then do a little review of Read More
@PhilTheFilipino & @MrEricAlmighty made sure to binge-watch the fourth season of Camp Cretaceous over the weekend so we could bring you a full spoiler discussion of our thoughts on what we liked (and what we didn't) about these brand new episodes on Netflix!Haven't seen Camp Cretaceous yet? Go check out Read More
Remote Code Execution in log4j2 https://isc.sans.edu/forums/diary/RCE+in+log4j+Log4Shell+or+how+things+can+get+bad+quickly/28120/ Log4j Zero Day https://www.lunasec.io/docs/blog/log4j-zero-day/ Log4j2/Log4Shell Followup: What we see and how to defend and how to access our data https://isc.sans.edu/forums/diary/Log4j+Log4Shell+Followup+What+we+see+and+how+to+defend+and+how+to+access+our+data/28122/ Log4Shell Vendor Bulletins https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592
In Episode 259, Ben and Scott discuss some of the latest announcements involving Azure AD, including new security features in Microsoft Authenticator and a new capability that allows Azure AD to issue Kerberos tickets which allows for SMB file shares in Azure Files to be accessed without line of sight Read More
In today's episode, we're playing an interview I did on Get a Load of This podcast from Valley Truck Insurance. Cameron and Thomas were great to talk with on all things trucking and entrepreneurship—so if that's your thing, you should enjoy this episode as we break down those subjects plus Read More
December 2021 Forensic Challenge https://isc.sans.edu/forums/diary/December+2021+Forensic+Challenge/28108/ Microsoft and GitHub OAuth Implementation Vulnerabilities Lead to Redirection Attacks https://www.proofpoint.com/us/blog/cloud-security/microsoft-and-github-oauth-implementation-vulnerabilities-lead-redirection Android Patch Day https://source.android.com/security/bulletin/2021-12-01?hl=en
You can catch the podcast aired live every Sunday at 7pm EST at https://www.twitch.tv/remnantgamers/You can also view any other scheduled streams or other events going on at our website https://www.remnantgamers.com/Merch:Want a Remnant Gamer Jersey of your own? Head to https://www.remnantgamers.com/copy-of-events and pick out the style that suits you best!You can Read More
Webshells, Webshells everywhere! https://isc.sans.edu/forums/diary/Webshells+Webshells+everywhere/28106/ AWS Outage https://status.aws.amazon.com Misconfigured Kafdrop Puts Companies' Apache Kafka Completely Exposed https://spectralops.io/blog/misconfigured-kafdrop-puts-companies-apache-kafka-completely-exposed/ Windows 10 RCE: The exploit is in the link https://positive.security/blog/ms-officecmd-rce XSinator.com: From a Formal Model to the Automatic Evaluation of Cross-Site Leaks in Web Browsers https://xsinator.com/paper.pdf
There’s an awful lot of noise being made about the truck driver shortage. But like most things in life and politics--it’s usually much more nuanced than the surface-level discussions. This is what I discovered while in Texas giving a speech covering “Retention is the New Recruiting” which helps trucking companies use content Read More
The Importance of Out of Band Networks https://isc.sans.edu/forums/diary/The+Importance+of+OutofBand+Networks/28102/ Kaseya Unitrends Backup Appliance Updates https://helpdesk.kaseya.com/hc/en-gb/articles/4412762258961 Is KAX17 Performing De-Anonymization Attacks Against Tor Users? https://nusenu.medium.com/is-kax17-performing-de-anonymization-attacks-against-tor-users-42e566defce8 Google Chrome Update No 0-Days https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html
Our guest this week is a very funny comedian and my friend Christian Blaker. Christian and Bobby have been doing open mic shows around Jacksonville together and he's been at every one of my worst attempts at it, so much that I know consider him my bomb brother. My favorite Read More
The UPX Packer will never die https://isc.sans.edu/forums/diary/The+UPX+Packer+Will+Never+Die/28096/ Survey of Airgap Attacks https://www.welivesecurity.com/2021/12/01/jumping-air-gap-15-years-nation-state-effort/ Ubiquity Victim of Insider Extortion https://www.justice.gov/usao-sdny/pr/former-employee-technology-company-charged-stealing-confidential-data-and-extorting
In this episode, we will be learning about the chief executive officer in Jacksonville's city government and how the strong-mayor system of government works locally.
It’s a common internal rivalry no matter the industry but the companies who are building for the long haul recognize these two super teams are much more powerful when they come together to tackle one thing: solve the problems of their audience. SONAR sales rep Kyle Taylor is back with me Read More
Info-Stealer Using webhook.site to Exfiltrate Data https://isc.sans.edu/forums/diary/InfoStealer+Using+webhooksite+to+Exfiltrate+Data/28088/ Mozilla NSS Library Vulnerability https://bugs.chromium.org/p/project-zero/issues/detail?id=2237 EwDoor Botnet is Attacking AT&T Customers https://blog.netlab.360.com/warning-ewdoor-botnet-is-attacking-att-customers/ JAMF Pro 10.32 Patch https://community.jamf.com/t5/jamf-pro/what-s-new-in-jamf-pro-10-32-release/m-p/246505
@PhilTheFilipino & @MrEricAlmighty get together to talk about Encanto! Does this animated film reach the expectations that come with being a Disney movie...or does it miss the mark? Well, we both have VERY different opinions on this, and we have some passionate disagreements on this spoiler-free episode. Looking for more Read More
