News

In Episode 214, Ben and Scott highlight some resources to help you administer your Microsoft 365 tenant, a new set of videos for ISVs to learn more about Azure Governance, and the release of the Microsoft Lists app on iOS. Sponsors Sperry Software – Powerful Outlook Add-ins developed to make your Read More

Emotet vs. Windows Attack Surface Reduction https://isc.sans.edu/forums/diary/Emotet+vs+Windows+Attack+Surface+Reduction/27036/ Go Lang Vulnerability https://blog.golang.org/path-security Azure Docker Escape https://www.intezer.com/blog/research/how-we-hacked-azure-functions-and-escaped-docker/

Hiring a marketing agency is a large expense most companies can't afford to pay. I know this because I used to work at an agency, I operate one now, and I also know it was an uphill battle to get a large marketing budget buy-in from my exec team at Read More

Critical sudo Vulnerability https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit Quakbot (QBot) Update https://isc.sans.edu/forums/diary/TA551+Shathak+Word+docs+push+Qakbot+Qbot/27030/ Targeting Security Researchers https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers/ Apple Updates iOS, iPad, tvOS, watchOS, Xcode and iCloud for Windows https://support.apple.com/en-us/HT201222

Fun With nmap nse Scripts and DoH (DNS over HTTPS) https://isc.sans.edu/forums/diary/Fun+with+NMAP+NSE+Scripts+and+DOH+DNS+over+HTTPS/27026/ Malicious NPM Module Stealing Discord Passwords https://blog.sonatype.com/cursedgrabber-strikes-again-sonatype-spots-new-malware-campaign-against-software-supply-chains Mitigating the $I30 Bug https://www.osr.com/blog/2021/01/21/mitigating-the-i30bitmap-ntfs-bug/ https://github.com/OSRDrivers/i30Flt ProtonVPN BSOD https://protonstatus.com/incidents/124

@MrEricAlmighty and @PhiltheFilipino were surprised to hear that Jurassic World: Camp Cretaceous Season 2 was coming back to Netflix only a few months after the release of Season 1, and we took on the task to binge-watch it over the weekend so we could bring you this full review about Read More

Another File Extension to Block: JNLP https://isc.sans.edu/forums/diary/Another+File+Extension+to+Block+in+your+MTA+jnlp/27018/ SonicWall Vulnerability Used to Breach SonicWall https://www.sonicwall.com/support/product-notification/urgent-security-notice-netextender-vpn-client-10-x-sma-100-series-vulnerability-updated-jan-23-2021/210122173415410/ iObit Forum Breached / Used for Ransomware Distribution https://www.bleepingcomputer.com/forums/t/741190/derohe-ransomware-distributed-through-fake-iobit-one-year-free-license-key-promo/

Powershell Ropping REvil Ransomware https://isc.sans.edu/forums/diary/Powershell+Dropping+a+REvil+Ransomware/27012/ SAP Exploit Circulating https://onapsis.com/blog/new-sap-exploit-published-online-how-stay-secure Oracle Critical Patch Update https://www.oracle.com/security-alerts/cpujan2021.html RDP Used for DDoS https://www.netscout.com/blog/asert/microsoft-remote-desktop-protocol-rdp-reflectionamplification Billy Wilson: Mitigating Attacks Against Supercomputers with KRSI https://www.sans.org/reading-room/whitepapers/linux/mitigating-attacks-supercomputer-krsi-40010

In Episode 213, Ben and Scott discuss some preview capabilities which are available to let you unpack your Canvas apps in PowerApps and make changes outside of Power Apps Studio, new connectors for Power Automate, and the transition of Azure Automation runbook samples to GitHub. Sponsors Sperry Software – Powerful Outlook Read More

The Writer's Block Episode 3!! Thank you for supporting this podcast! yall are amazing! go to twb-productions.com for more! 1:00 Start, 2:58 Grateful, 4:45 Take Two's, 7:13 Too Much Weed, 8:15 breaking news!, 10:55 local baddies, 15:12 Show Hole, 23:42 Lie Too Much - KFC, 26:30 Aisle 4, 27:50 Marks Hot Read More

SolarWinds Updates https://www.microsoft.com/security/blog/2021/01/20/deep-dive-into-the-solorigate-second-stage-activation-from-sunburst-to-teardrop-and-raindrop/ https://blog.malwarebytes.com/malwarebytes-news/2021/01/malwarebytes-targeted-by-nation-state-actor-implicated-in-solarwinds-breach-evidence-suggests-abuse-of-privileged-access-to-microsoft-office-365-and-azure-environments/ Cisco Advisories https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj Evesdropping Vulnerabilities in Various WebRTC Based Video Conferencing Systems https://googleprojectzero.blogspot.com/2021/01/the-state-of-state-machines.html Oracle Business Intelligence Enterprise Edition XSS https://www.exploit-db.com/exploits/49444

Welcome back to another haunting episode of The Amity-PHIL Horror! This week, @PhilTheFilipino dives into what may be the most haunted location in the entire country! The Stanley Hotel has a long history of haunts, & is famous for inspiring the one & only Stephen King! Check out what makes Read More

Qakbot Activity Resumes After Holiday Break https://isc.sans.edu/forums/diary/Qakbot+activity+resumes+after+holiday+break/27008/ Multiple dnsmasq Vulnerabilities https://www.jsof-tech.com/wp-content/uploads/2021/01/DNSpooq_Technical-Whitepaper.pdf FreakOut Malware https://blog.checkpoint.com/2021/01/19/linux-users-should-patch-now-to-block-new-freakout-malware-which-exploits-new-vulnerabilities/ Kids Break Screensaver https://github.com/linuxmint/cinnamon-screensaver/issues/354

Doc And RTF Malicious Document https://isc.sans.edu/forums/diary/Doc+RTF+Malicious+Document/26996/ Center for Internet Security Cisco NX-OS Benchmark https://www.cisecurity.org/cis-benchmarks/ Exploit for Shazam Geolocation Vulnerablity https://ash-king.co.uk/blog/Shazlocate-abusing-CVE-2019-8791-CVE-2019-8792 Voice Phishing and Internal Messaging Systems Used to Escalate Privileges https://www.ic3.gov/Media/News/2021/210115.pdf

Welcome back to one of our newest series, The Game Room Where It Happens! In this third installment, @PhilTheFilipino & @MrEricAlmighty dive into the history of PlayStation & discuss all of the amazing exclusives they've had over the years. & in order to tackle such a tall task, we brought Read More

Scans for DNS over HTTPs https://isc.sans.edu/forums/diary/Obfuscated+DNS+Queries/26992/ https://us-cert.cisa.gov/ncas/current-activity/2021/01/15/nsa-releases-guidance-encrypted-dns-enterprise-environments Netlogon Domain Controller Enforcement Mode Starting February 9th https://msrc-blog.microsoft.com/2021/01/14/netlogon-domain-controller-enforcement-mode-is-enabled-by-default-beginning-with-the-february-9-2021-security-update-related-to-cve-2020-1472/ Apple Removing ContentFilterExclusionList https://www.patreon.com/posts/46179028

Dynamically Analzying A Heavily Obfuscted Excel 4 Macro Malicious File https://isc.sans.edu/forums/diary/Dynamically+analyzing+a+heavily+obfuscated+Excel+4+macro+malicious+file/26986/ Odd Filename Corrupts NTFS Disks https://twitter.com/jonasLyk/status/1347900440000811010 Cisco Vulnerabilities https://tools.cisco.com/security/center/publicationListing.x

In Episode 212, Ben and Scott discuss an issue Ben has been having with moving files between SharePoint sites as well as some of the SharePoint limits when it comes to moving these fields.

The Writer's Block with Bobby Brown Jr is back! This week on the show my homegirl Lindsey Love stopped by the studio! Hope you enjoy the episode ! Follow my girl Lindsey on instagram @lindsjlove.  This week we're ALL bad bitches! :07 Five things, 1:00 Intro, 4:11 Lindsey Love Intro, Read More

Hancitor Activity Resumes After a Holiday Break https://isc.sans.edu/forums/diary/Hancitor+activity+resumes+after+a+hoilday+break/26980/ Intel Hardware-Enabled Ransomware Protections https://www.cybereason.com/blog/cybereason-and-intel-introduce-hardware-enabled-ransomware-protections-for-businesses Making Clouds Rain: RCE in Microsoft Office 365 https://srcincite.io/blog/2021/01/12/making-clouds-rain-rce-in-office-365.html#fn:1 SAP Security Patch Day https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476