News

@PhilTheFilipino is back with his series titled, "Netflix & Phil"! For these episodes, Phil recommends different shows that you'll find on streaming sites like Netflix, Hulu, or in this month's case, HBO Max! This month, he recommends the HBO Max exclusive, Harley Quinn!Synopsis: Harley Quinn has finally broken things off Read More

Strange Goings on With Port 37 https://isc.sans.edu/forums/diary/Strange+goings+on+with+port+37/27496/ QNAP Video Station RCE Vulnerability https://www.qnap.com/de-de/security-advisory/qsa-21-21 Updated GitHub Policy https://github.blog/2021-06-04-updates-to-our-policies-regarding-exploits-malware-and-vulnerability-research/ Cisco WebEx Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-player-kOf8zVT VMWare vCenter Server Vulnerability Actively Exploited https://thehackernews.com/2021/06/alert-critical-rce-bug-in-vmware.html

In this episode, I'm breaking down how drastically our attention spans have dropped and how your company can create short-form video to target this change without requiring a whole new content marketing strategy.~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Where to Find Digital Dispatch & Blythe:  LinkedinYouTubeInstagramPinterestTikTokDigital Dispatch websiteGot something to say?Have a topic you'd like to Read More

Script to Test CIS Zoom Benchmark https://github.com/turbot/steampipe-mod-zoom-compliance F5 BIG-IP Edge Client for Windows Vulnerability https://support.f5.com/csp/article/K20346072 Fancy Product Designer Wordpress Plugin Vulnerability https://www.welivesecurity.com/2021/06/03/zero-day-popular-wordpress-plugin-exploited-take-over-websites/ WordPress Pushes Jetpack Plugin Patch https://www.bleepingcomputer.com/news/security/wordpress-force-installs-jetpack-security-update-on-5-million-sites/ We.Lock Vulnerability https://github.com/CriticalSecurity/welock

In Episode 232, Ben and Scott catch up on some of their favorite announcements from Microsoft Build 2021, including a quick tour of Continuous access evaluation (CAE) with Azure AD. Sponsors Sperry Software – Powerful Outlook Add-ins developed to make your email life easy even if you’re too busy to manage Read More

Good things happen in unsurity. No idea if thats a word but thats the word of the week!! Our guests could not make it this week but we still had some good conversation with the TWB Team about the making of the first TWB Sketch, finding the next steps of Read More

Realtek RTL8170C Vulnerabilities https://www.vdoo.com/blog/realtek-wifi-vulnerabilities-zero-day Huawei LTE USB Stick E3372 Vulnerablity https://www.theregister.com/2021/06/02/huawei_lte_usb_stick_vulnerability/ NortonLifeLock Crypto https://investor.nortonlifelock.com/About/Investors/press-releases/press-release-details/2021/NortonLifeLock-Unveils-Norton-Crypto/default.aspx OpenPGP RNP Patch https://www.rnpgp.org/advisories/ri-2021-001/

@MrEricAlmighty is back with a remastered episode from his recurring series "Why you should watch ______ in less than 10 minutes!" and this week, we talk about Your Lie In April. Find out what the show's strengths are, what it's all about, and why you should find the time to Read More

Guildma is now using Finger and Signed Binary Proxy Execution to Evade Defenses https://isc.sans.edu/forums/diary/Guildma+is+now+using+Finger+and+Signed+Binary+Proxy+Execution+to+evade+defenses/27482/ Bypassing Protected Folders Protections https://dl.acm.org/doi/10.1145/3431286 Firefox 89 Released https://www.mozilla.org/en-US/security/advisories/mfsa2021-23/ Microsoft Edge Will make https default https://blogs.windows.com/msedgedev/2021/06/01/available-for-preview-automatic-https-helps-keep-your-browsing-more-secure/

Danny Catullo is a 3rd generation butcher in Cleveland Ohio who started selling his beef, poultry, and pork items online back in 2017. But after facing issues with high shipping prices and limited options, he got to work with FedEx where they developed a specialized box that allowed his products Read More

Malicious PowerShell Hosted on script.google.com https://isc.sans.edu/forums/diary/Malicious+PowerShell+Hosted+on+scriptgooglecom/27468/ Sonicwall Advisory https://www.sonicwall.com/support/product-notification/security-advisory-on-prem-sonicwall-network-security-manager-nsm-command-injection-vulnerability/210525121534120/ Hewlett Packard Enterprise Systems Insight Manger (SIM) Advisory https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04068en_us Memory Protection Bypass in Siemens PLCs https://claroty.com/2021/05/28/blog-research-race-to-native-code-execution-in-plcs/

AV evasion with 64-bit Executables https://isc.sans.edu/forums/diary/All+your+Base+arenearly+equal+when+it+comes+to+AV+evasion+but+64bit+executables+are+not/27466/ Unpatches WebKit Vulnerablity in iOS/macOS https://blog.theori.io/research/webkit-type-confusion/ VSCode Extension Vulnerabilities https://snyk.io/blog/visual-studio-code-extension-security-vulnerabilities-deep-dive/ M1RACLES https://m1racles.com

You can catch the podcast aired live every Sunday at 7pm EST at https://www.twitch.tv/remnantgamers/You can also view any other scheduled streams or other events going on at our website https://www.remnantgamers.com/Merch:Want a Remnant Gamer Jersey of your own? Head to https://www.remnantgamers.com/copy-of-events and pick out the style that suits you best!You can Read More

In Episode 231, Ben and Scott talk about calendar management and some options for combining calendars from multiple sources (e.g., several Exchange Online accounts from multiple tenants) and then discuss a new preview capability in Azure Storage that extends native Azure RBAC DataActions to include conditions such as blob index Read More

TWB made it to episode 20!! Our co. producer Mark is back from vacation, we thought he went all JBP on us but nah hahaha. This week Bobby and TWB were joined by music artists JD6 (Jordon Donaldson @jordond_6) and artists Israel Jones (Bron @iisraeljones). Jordon and Bobby worked together Read More

A Survey of Bluetooth Vulnerabilities https://isc.sans.edu/forums/diary/A+Survey+of+Bluetooth+Vulnerabilities+Trends/27460/ Google Chrome Update https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html Attacks on PDF Certification https://www.pdf-insecurity.org nginx vulnerability https://x41-dsec.de/lab/advisories/x41-2021-002-nginx-resolver-copy/

Did you know that you could be scrolling through Facebook, see a video for a few seconds, never turn the sound on, and Facebook still counts that as a view in the video’s marketing metrics?This along with other common misinterpretations of data is what we’re diving into with today’s episode Read More

@PhilTheFilipino & @MrEricAlmighty recently introduced this brand new series called Tirades and Hot Takes, where we will rant on different topics and unpopular opinions that we get from our friends or listeners, with no limits on where we can go next. For our fourth episode of the series, we discuss Read More

Uncovering Shenenigans in an IP Address Block via Hurricane Electic's BGP Toolkit https://isc.sans.edu/forums/diary/Uncovering+Shenanigans+in+an+IP+Address+Block+via+Hurricane+Electrics+BGP+Toolkit/27456/ VMware Advisory https://www.vmware.com/security/advisories/VMSA-2021-0010.html Trend Micro Bugs https://blog.talosintelligence.com/2021/05/vuln-spotlight-trend-i.html

Apple Patches 0-Days https://www.jamf.com/blog/zero-day-tcc-bypass-discovered-in-xcsset-malware/ https://support.apple.com/en-us/HT201222 Bluetooth Vulnerabilities https://kb.cert.org/vuls/id/799380 https://francozappa.github.io/about-bias/publication/antonioli-20-bias/antonioli-20-bias.pdf NAGIOS Vulnerabilities https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/