News

This week on The Writer's Block we rip into Amazon Drivers with bigger dreams, guys having weave and comedy coming back in Tallahassee! In aisle 4 we discuss Freddie Gibbs on JRE and Chris Delia coming back. Later in the pod Farah Bijou and Roy P join us to talk Read More

Malspam Pushes GuLoader for Remcos RAT https://isc.sans.edu/forums/diary/Malspam+pushes+GuLoader+for+Remcos+RAT/27132/ vCenter Exploit / Vulnerability Details https://swarm.ptsecurity.com/unauth-rce-vmware/#more-2477 DNS CNAME Tracking https://blog.lukaszolejnik.com/large-scale-analysis-of-dns-based-tracking-evasion-broad-data-leaks-included/ Cisco MSO Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mso-authbyp-bb5GmBQv

Qakbot In a Response to Full Disclosure Post https://isc.sans.edu/forums/diary/Qakbot+in+a+response+to+Full+Disclosure+post/27130/ Firefox Total Cookie Protection https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/ VMWare ESXi / vCenter Server Update https://www.vmware.com/security/advisories/VMSA-2021-0002.html Replacing Content in Signed PDFs https://www.ndss-symposium.org/wp-content/uploads/ndss2021_1B-4_24117_paper.pdf

Unprotecting Malicious Documents For Inspection https://isc.sans.edu/forums/diary/Unprotecting+Malicious+Documents+For+Inspection/27126/ Brave Browser DNS Leak https://www.theregister.com/2021/02/22/in_brief_security/ Telephony DoS https://www.ic3.gov/Media/Y2021/PSA210217

Eric over at Specialized Logistics is like a lot of 3PLs--they launched a website within the last few years, shot a few videos, and even tried their hand at some social media advertising. But after spending more than $5,000, they honestly didn't see much from any of those efforts. And I Read More

 @PhilTheFilipino & @MrEricAlmighty introduce a brand new series called Tirades and Hot Takes, where we will rant on different topics and unpopular opinions that we get from our friends or listeners, with no limits on where we can go next. For the first ever episode of this series, we decided Read More

Dynamic Data Exchange (DDE) is Back in the Wild https://isc.sans.edu/forums/diary/Dynamic+Data+Exchange+DDE+is+Back+in+the+Wild/27116/ https://isc.sans.edu/forums/diary/DDE+and+oledump/27122/ macOS Malware "Prototype" https://redcanary.com/blog/clipping-silver-sparrows-wings/ New Phishing Attack Identifed: Malformed URL Prefixes https://www.greathorn.com/blog-new-phishing-attack-identified-malformed-url-prefixes/ Sonicwall SMA 100 Firmware Update https://www.sonicwall.com/support/product-notification/additional-sma-100-series-10-x-and-9-x-firmware-updates-required-updated-feb-19-2-p-m-cst/210122173415410/

Malspam Pushes Trickbot gtag rob13 https://isc.sans.edu/forums/diary/Malspam+pushing+Trickbot+gtag+rob13/27112/ AppleJeus https://us-cert.cisa.gov/ncas/alerts/aa21-048a Python 3 Buffer Overflow https://bugs.python.org/issue42938 Apple Platform Security Guide https://support.apple.com/guide/security/welcome/web

In Episode 217, Ben and Scott talk about the new regions coming to Azure in the United States, service availability by region and the availability of Availability Zones in US South Central, and improvements to recovery in Azure Files. Sponsors Sperry Software – Powerful Outlook Add-ins developed to make your email Read More

This week Bobby and the team pick apart Bobby's funny embarrassing stories in a hilarious way! Fans of the pod trolled on social media about Bobby pouring milk before cereal, he learns that sex underwear is pointless, the worst standup show he's ever had (so far), Valentines Day mishaps, and Read More

The new "LinkedInSecureMessage" Phish https://isc.sans.edu/forums/diary/The+new+LinkedInSecureMessage/27110/ Apple M1 Optimized Malware https://objective-see.com/blog/blog_0x62.html QNAP Surveilance Station Vulnerability https://www.qnap.com/en/security-advisory/qsa-21-07 Masslogger Exfiltrates User Credentials https://blog.talosintelligence.com/2021/02/masslogger-cred-exfil.html

Welcome back to a brand new episode of PHIL-uminati. A series in which @PhilTheFilipino takes a look at some of the most popular conspiracy theories out there. But this month, we decided to go a bit lighter & have some fun. Phil brought back friend of the show, Landon (aka Read More

More Weirdness on TCP Port 26 https://isc.sans.edu/forums/diary/More+weirdness+on+TCP+port+26/27106/ Microsoft Pulls Servicing Stack Update https://threatpost.com/microsoft-windows-update-patch-tuesday/163981/ Network Monitoring Company Centreon Compromised https://www.cert.ssi.gouv.fr/uploads/CERTFR-2021-CTI-005.pdf SHAREit Flaw Could Lead to Remote Code Execution https://www.trendmicro.com/en_us/research/21/b/shareit-flaw-could-lead-to-remote-code-execution.html VSCode NPM Extension RCE https://github.com/jackadamson/CVE-2021-26700

Securing and Optimizing Networks Using pfSense Traffic Shaper to Combat Bufferbloat https://isc.sans.edu/forums/diary/Securing+and+Optimizing+Networks+Using+pfSense+Traffic+Shaper+Limiters+to+Combat+Bufferbloat/27102/ Apple to Proxy Safe Browsing Requests https://twitter.com/othermaciej/status/1359736220809531393 Power Outages and Some Network Outages as a Result https://downdetector.com Phone Scam Success Rates https://www.helpnetsecurity.com/2021/02/15/lost-money-to-phone-scams/ https://nakedsecurity.sophos.com/2021/02/12/sms-tax-scam-unmasked-bogus-but-believable-dont-fall-for-it/

Aaron Dunn is the sales and marketing director for PDQ America and cohost for their popular 'Trucking for Millennials' podcast. As a former outsider turned insider, Aaron's journey into the trucking industry has been built on gathering a deep understanding of the audience he's trying to reach without attempting to Read More

Welcome back to our monthly series, The Game Room Where It Happens. Since we've been gaming practically our entire lives, we tackle a new subject each month. & this month we get into the Playstation Exclusive Uncharted Series! & in order to do so, @PhilTheFilipino brought in TWO special guest. Read More

AgentTesla Dropped Through Automatic Click in Microsoft Help File https://isc.sans.edu/forums/diary/AgentTesla+Dropped+Through+Automatic+Click+in+Microsoft+Help+File/27092/ Telegram used to Defraud Delivery Serivces https://thefintechtimes.com/sift-finds-new-telegram-fraud-exploiting-increasing-use-of-food-delivery-services/ Singtel Suffers Zero-DAy Cyberattack https://threatpost.com/singtel-zero-day-cyberattack/163938/ Vulnerabilities in Mobile Health Apps https://approov.io/download/all-that-we-let-in_hacking-mhealth-apps-and-apis.pdf Bloomberg Supermicro Story https://www.bloomberg.com/features/2021-supermicro/ https://www.theregister.com/2021/02/12/supermicro_bloomberg_spying/

Agent Tesla Hidden in Historical Anti-Malware Tool https://isc.sans.edu/forums/diary/Agent+Tesla+hidden+in+a+historical+antimalware+tool/27088/ McAfee Total Protection Vulnerabilities https://service.mcafee.com/webcenter/portal/oracle/webcenter/page/scopedMD/s55728c97_466d_4ddb_952d_05484ea932c6/Page29.jspx Intel Patches https://blogs.intel.com/technology/2021/02/ipas-security-advisories-for-february-2021 Discord Used to Distribute Malware https://www.zscaler.com/blogs/security-research/discord-cdn-popular-choice-hosting-malicious-payloads

In Episode 216, Ben and Scott talk through the latest news and events, including the announcement of Microsoft Viva, an overview of the IT Ops Talk All Things Hybrid event, and improvements coming to Azure AD. Sponsors Sperry Software – Powerful Outlook Add-ins developed to make your email life easy even Read More