Updates for VMWare ESXi; Fusion and Workstation https://www.vmware.com/security/advisories/VMSA-2020-0026.html IBM DB2 Vulnerability https://www.ibm.com/support/pages/node/6370025 https://www.ibm.com/support/pages/node/6370023 Fortinet SSL VPN Exploit Used to Collect Credentials https://twitter.com/Bank_Security/status/1329426020647243778
PowerShell Dropper Delivering Formbook https://isc.sans.edu/forums/diary/PowerShell+Dropper+Delivering+Formbook/26806/ Google Leading the Way in Phishing https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign Identifying Malicious Servers With JARM https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a Daniel Behrens: Industrial Traffic Collection: Understanding the Implications of Deploying Visibility Without Impacting Production https://www.sans.org/reading-room/whitepapers/ICS/industrial-traffic-collection-understanding-implications-deploying-visibility-impacting-production-39810
In Episode 204, Ben and Scott discuss the retirement timeline for Microsoft Edge Legacy and some things to be aware of with support for IE11, permission resets that might or might not be coming to a OneDrive for Business list near you, and how to get hands with Azure Arc Read More
@MrEricAlmighty is back with another episode on his recurring series "Why you should watch ______ in less than 10 minutes!". This week we talk about Made In Abyss. Find out what the show's strengths are, what it's all about, and why you should find the time to watch this anime!🔻[*AFFILIATE Read More
Apple Binaries Used to Bypass 3rd Party Security Products on MacOS 11 https://twitter.com/patrickwardle/status/1327726496203476992 Apple Improving Privacy on App Certificate Checks https://support.apple.com/en-us/HT202491 Cisco Security Manager Vulnerabilities https://gist.github.com/Frycos/8bf5c125d720b3504b4f28a1126e509e https://tools.cisco.com/security/center/publicationListing.x
Oledump Removed Macro Indicator https://isc.sans.edu/forums/diary/oledumps+Indicator/26794/ Old Worm But New Obfuscation Technique https://isc.sans.edu/forums/diary/Old+Worm+But+New+Obfuscation+Technique/26792/ MacOS OCSP Disaster https://blog.cryptohack.org/macos-ocsp-disaster VoltPillager: Hardware-base fault injection attacks against Instel SGX Enclaves using the SVID voltage scaling interface https://www.usenix.org/system/files/sec21summer_chen-zitai.pdf
We're all back this week with a brand new episode! Vanessa has two Love Em' or Leave Em' letters, Vasco has a crazy WTFlorida story, and Jerry is coming through with his Top 5 Rules for Thanksgiving!Support the showFollow The Hosts on Social Media:Jerry Tha Great - http://bit.ly/Jerrythagreat2Breeze - https://bit.ly/BigBurrNeesy Read More
If you wait until everything is perfect, you waited too long. That's the ethos I tried to follow when launching a new training and courses website, Freight School Playbook. A training site that offers educational courses in the marketing and sales space is long overdue for the logistics industry. So Read More
Preventing Exposed Azure Blob Storage https://isc.sans.edu/forums/diary/Preventing+Exposed+Azure+Blob+Storage/26786/ Apple Security Updates https://support.apple.com/en-us/HT201222 DNS Cache Poisoning Attack Reloaded https://dl.acm.org/doi/pdf/10.1145/3372297.3417280 Rebel Powell: Poisoned Postman; Detecting Manipulation of Compliance Features in a Microsoft Exchange Online Environment https://www.sans.org/reading-room/whitepapers/cloud/poisoned-postman-detecting-manipulation-compliance-features-microsoft-exchange-online-environment-39850
In Episode 203, Ben and Scott walk through conversations for Microsoft Lists list items in Microsoft Teams, a new site to help you not have to remember the multitude of URLs for all of the admin centers for Microsoft 365 and Azure, and new scenes coming to Together Mode in Read More
@PhilTheFilipino is back with his series titled, "Netflix & Phil"! For these episode, Phil recommends different shows that you'll find on streaming sites like Netflx, Hulu, Amazon Prime, or Disney+, or in this case, Apple TV! On today's episode he goes into a deep dive on why Ted Lasso is Read More
How Attackers Brush Up Their Malicious Scripts https://isc.sans.edu/forums/diary/How+Attackers+Brush+Up+Their+Malicious+Scripts/26770/ RansomEXX Trojan Attacks Linux Systems https://securelist.com/ransomexx-trojan-attacks-linux-systems/99279/ Fake Microsoft Teams Updates Lead to Cobalt Strike Deployment https://www.bleepingcomputer.com/news/security/fake-microsoft-teams-updates-lead-to-cobalt-strike-deployment/ More NPM Malare Found https://blog.sonatype.com/discord.dll-successor-to-npm-fallguys- The Internet is Getting Safer: Fall 2020 RPKI Update https://blog.cloudflare.com/rpki-2020-fall-update/
This was my first webinar attempt which occurred during the initial launch week of Freight School Playbook, which you may or may not have noticed, is the presenting sponsor for this show. It’s also my quarantine goal come to life. I’ve always wanted to help other businesses through digital courses and Read More
Welcome to a very special episode of The Wait For It Podcast! @PhilTheFilipino had the pleasure of speaking with Kelly Washington, who you may know from her recurring role as Allison Gliffert, or little Leslie Knope, in Parks & Recreation! Phil & Kelly discuss all sorts of things such as Read More
In the last few months, listeners and podcasters alike have been given a rare glimpse into the business side of big-time podcasters.Between Joe Rogan taking a $100-million dollar licensing deal in his Spotify move to Joe Budden documenting his divorce from the same platform, we're finally starting to learn some Read More
