Making Sensor of Azure AD Activity Logs https://isc.sans.edu/forums/diary/Making+sense+of+Azure+AD+AAD+activity+logs/26626/ IOCs Turning into IOOIs https://isc.sans.edu/forums/diary/IOCs+turning+into+IOOIs/26624/ Apple Security Patch Pulled https://mrmacintosh.com/mojave-2020-005-security-update-causing-major-problems-updated Have I Been EMOTET Service https://www.haveibeenemotet.com/
In Episode 197, Ben and Scott hop on a call with Dan Patrick (@deltadan) from Solliance to discuss the Surface Duo and where it sits in the Microsoft 365 ecosystem as a productivity device. YouTube Link - https://youtu.be/IoqID5L2aP0 Sponsors Sperry Software – Powerful Outlook Add-ins developed to make your email life Read More
@PhilTheFilipino is back with his extraterrestrial series, X-Philes! Today he covers a wild story that involves four men, & spans over several decades. This is the story of The Allagash Abductions!From Wikipedia: The Allagash Abduction is a purported UFO sighting and alien abduction claimed to have occurred in Allagash, Maine, Read More
Managing Remote Access for Contractors and Partners https://isc.sans.edu/forums/diary/Managing+Remote+Access+for+Partners+Contractors/26614/#comments Updated Windows ZeroLogon Advisory https://support.microsoft.com/en-us/help/4557222/how-to-manage-the-changes-in-netlogon-secure-channel-connections-assoc Cisco Patching Exploited DoS Vulnerabilities https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz FoxIT PDF Reader Update https://www.foxitsoftware.com/support/security-bulletins.html
Some Tyler Technologies Customers Targeted after Breach https://isc.sans.edu/forums/diary/Some+Tyler+Technologies+Customers+Targeted+with+The+Installation+of+a+Bomgar+Client/26610/ Obfuscated PowerShell Backdoor https://isc.sans.edu/forums/diary/PowerShell+Backdoor+Launched+from+a+ShellCode/26602/ QNAP Fixes AgeLocker Vulnerability in Photo Station https://www.qnap.com/de-de/security-advisory/qsa-20-06 TrendMicro Apex One Vulnerablity https://success.trendmicro.com/product-support/apex-one
@MrEricAlmighty and @PhiltheFilipino are back with a very special Friday episode! Today, we will be discussing the highly anticipated Netflix animated series, Jurassic World: Camp Cretaceous! The first half of this episode will be a spoiler-free review of the series, at which point we will tell you if it's worth Read More
Party in Ibiza with PowerShell https://isc.sans.edu/forums/diary/Party+in+Ibiza+with+PowerShell/26594/ Microsoft Tracking Zerologon Exploits https://twitter.com/MsftSecIntel/status/1308941504707063808 Apple Patches https://support.apple.com/en-us/HT201222 Instagram for Android Vulnerability https://blog.checkpoint.com/2020/09/24/instahack-how-researchers-were-able-to-take-over-the-instagram-app-using-a-malicious-image/
In Episode 196, Ben and Scott talk about the announcements from Microsoft Ignite 2020 that impact Microsoft 365, Microsoft Teams, Microsoft Stream, Microsoft Seach, and Azure. Sponsors Sperry Software – Powerful Outlook Add-ins developed to make your email life easy even if you’re too busy to manage your inbox ShareGate - Read More
Dynamic Malicious Word Document https://isc.sans.edu/forums/diary/Malicious+Word+Document+with+Dynamic+Content/26590/ Old Versions of SAMBA Affected by ZeroLogon Vulnerability https://www.samba.org/samba/security/CVE-2020-1472.html Google Chrome Update https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html QNAP Devices hit by AgeLocker Ransomware https://www.bleepingcomputer.com/news/security/agelocker-ransomware-targets-qnap-nas-devices-steals-data/
@PhilTheFilipino is back with his series titled, "Netflix & Phil"! For these episode, Phil recommends different shows that you'll find on streaming sites like Netflx, Hulu, Amazon Prime, or Disney+! & since he is covering one of his favorite shows of all time, he had to bring along some help! Read More
A Mix of Python and VBA in a Malicious Word Document https://isc.sans.edu/forums/diary/A+Mix+of+Python+VBA+in+a+Malicious+Word+Document/26578/ Salesforce Phish https://isc.sans.edu/forums/diary/Analysis+of+a+Salesforce+Phishing+Emails/26582/ Google App Engine Used in Phishing Attacks https://medium.com/@marcelx/attackers-are-abusing-googles-app-engine-to-circumvent-enterprise-security-solutions-again-eda8345d531d Sysmon Adds Clipboard Monitoring https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon Windows Defender No Longer Able to Download Files https://www.bleepingcomputer.com/news/microsoft/microsoft-removes-windows-defender-ability-after-security-concerns/
OSSEC Active Response https://isc.sans.edu/forums/diary/Suspicious+Endpoint+Containment+with+OSSEC/26576/ Microsoft Patch for Office for Mac https://docs.microsoft.com/en-us/officeupdates/release-notes-office-for-mac VMWare Fusion Vulnerablity https://www.vmware.com/security/advisories/VMSA-2020-0020.html NSA Secure Boot Configuration Guide https://media.defense.gov/2020/Sep/15/2002497594/-1/-1/0/CTR-UEFI-SECURE-BOOT-CUSTOMIZATION-20200915.PDF/CTR-UEFI-SECURE-BOOT-CUSTOMIZATION-20200915.PDF Microsoft Edge Warns Users of Adobe Flash End of Support https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support/
In Episode 195, Ben and Scott talk about the "Conversation Button" that has (finally) come to Microsoft Teams and some things to think about in the lead up to Microsoft Ignite. Sponsors Sperry Software – Powerful Outlook Add-ins developed to make your email life easy even if you’re too busy to Read More
