Python Backdoor Talking to a C2 Through Ngrok https://isc.sans.edu/forums/diary/Python+Backdoor+Talking+to+a+C2+Through+Ngrok/26866/
Cisco Releases Improved Patch for Jabber Vulnerabilities https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-jabber-ZktzjpgO https://watchcom.no/nyheter/nyhetsarkiv/uncovers-cisco-jabber-vulnerabilities/
SANS Holiday Hack Challenge https://holidayhackchallenge.com/2020/
Karim Lalji: Fear of the Unknown: A Metanalysis of Insecure Object Deserialization Vulnerabilities https://www.sans.org/reading-room/whitepapers/testing/fear-unknown-metanalysis-insecure-object-deserialization-vulnerabilities-39920
In Episode 207, Ben and Scott start digging into SharePoint Syntex by exploring “document understanding” capabilities of the service. Sponsors Sperry Software – Powerful Outlook Add-ins developed to make your email life easy even if you’re too busy to manage your inbox ShareGate - ShareGate's industry-leading products help IT professionals worldwide
@PhilTheFilipino is back with his series titled, "Netflix & Phil"! For this episode, Phil recommends different shows that you'll find on streaming sites like Netflix, Hulu, Amazon Prime, or Disney+, or in this case, Apple TV! For today's episode, we brought in friend of the show, Kire VZ to help
@MrEricAlmighty & @PhilTheFilipino are back with a brand new episode of "The Game Room Where It Happens". A video game themed episode that we will be doing once a month! Today, your hosts discuss a game that is very near & dear to their hearts. EA's Madden NFL franchise. Madden
Proxy Scanner Attempting to Connect to Specific Hostname https://isc.sans.edu/forums/diary/Is+IP+91199118137+testing+Access+to+aahwwx52hostxyz/26852/
Recovering Passwords From Pixelized Screenshots https://www.linkedin.com/pulse/recovering-passwords-from-pixelized-screenshots-sipke-mellema/
Tomcat Information Leak http://mail-archives.us.apache.org/mod_mbox/www-announce/202012.mbox/%3C52858194-2efd-6f17-1821-9036c8494df0%40apache.org%3E
Google Updates https://chromereleases.googleblog.com/2020/12/stable-channel-update-for-desktop.html
Traffic Analysis Quiz: Mr. Natural https://isc.sans.edu/forums/diary/Traffic+Analysis+Quiz+Mr+Natural/26844/
An iOS Zero-Click Radio Proximity Exploit Odyssey https://googleprojectzero.blogspot.com/2020/12/an-ios-zero-click-radio-proximity.html
GitHub "State of the Octoverse" Report https://octoverse.github.com/static/2020-security-report.pdf
Christopher Hurless: Open-Source Endpoint Detection and Response with CIS Benchmarks, OSQuery, Elastic Stack and The Hive https://www.sans.org/reading-room/whitepapers/incident/open-source-endpoint-detection-response-cis-benchmarks-osquery-elastic-stack-thehive-39900
In Episode 206, Ben and Scott take a break from admin portals and PowerShell and dive into some of the gadgets, software, and technology that they've found helpful over the course of the last year. Sponsors Sperry Software – Powerful Outlook Add-ins developed to make your email life easy even if
Prevalence of DNS Spoofing https://arxiv.org/abs/2011.12978
New npm Malware Includes Bladabindi Trojan https://blog.sonatype.com/bladabindi-njrat-rat-in-jdb.js-npm-malware
DarkIRC Bot Exploits Recent Oracle WebLogic Vulnerability https://blogs.juniper.net/en-us/threat-research/darkirc-bot-exploits-oracle-weblogic-vulnerability
@MrEricAlmighty joins forces with Ania (aka @aizawasloveinterest on TikTok) to discuss where our individual journeys into watching anime started, how that has evolved over the years, and we give you several of our favorite anime series that you should be adding to your watch-list (and some you may want to
Live Patching Windows API Calls Using PowerShell https://isc.sans.edu/forums/diary/Live+Patching+Windows+API+Calls+Using+PowerShell/26826/
Threat Hunting with JARM https://isc.sans.edu/forums/diary/Threat+Hunting+with+JARM/26832/ https://isc.sans.edu/forums/diary/Quick+Tip+Using+JARM+With+a+SOCKS+Proxy/26834/
Be Careful With IoT Gifts https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/ https://www.cyberscoop.com/smart-doorbells-amazon-ebay-ncc-vulnerabilities/
Active Exploitation of MobileIron Vulnerabilities https://www.ncsc.gov.uk/news/alert-multiple-actors-attempt-exploit-mobileiron-vulnerability
Today, Ben listens as Scott retells the story of how he got stepped on by a horse and then they both talk about how Exchange Online Outgoing Spam can block your externally forwarded emails.
@PhilTheFilipino returns with friend of the show, Amaris Riddle from the Riddle'd With Nightmares Podcast, to bring you all a brand new episode of PHILuminati! This week we discuss the phenomenon of The Mandela Effect. The Mandela Effect refers to a situation in which a large mass of people believes
The Special Case of TCP Resets https://isc.sans.edu/forums/diary/The+special+case+of+TCP+RST/26824/
VMWare Workspace Vulnerability https://www.theregister.com/2020/11/24/vmware_urges_sysadmins_to_implement/
Holiday Hack Challenge 2020 https://holidayhackchallenge.com/2020/
Welcome to a brand new recurring series here on The Wait For It Podcast! We are now entering the new generation of consoles with the release of the PlayStation 5 & Xbox Series X, so @PhilTheFilipino & @MrEricAlmighty decided to take a look back at the previous generation & discuss some of