Most Recent "Mirai" Bot Includes Code to Target Backups https://isc.sans.edu/forums/diary/Do+Vulnerabilities+Ever+Get+Old+Recent+Mirai+Variant+Scanning+for+20+Year+Old+Amanda+Version/26572/ Apple Security Updates https://support.apple.com/en-us/HT201222
@MrEricAlmighty is back with another episode on his recurring series "Why you should watch ______ in 10 minutes!". This week we talk about Tower of God. Find out what the show's strengths are, what it's all about, and why you should find the time to watch this anime!🔻[*AFFILIATE LINKS BELOW*] Read More
Not Everything About ".well-known" is Well Known https://isc.sans.edu/forums/diary/Not+Everything+About+wellknown+is+Well+Known/26564/ BLE Lock Vulnerable to Replay Attack https://www.pentestpartners.com/security-blog/360lock-smart-lock-review/ Mobile Iron Exploit Released https://blog.orange.tw/2020/09/how-i-hacked-facebook-again-mobileiron-mdm-rce.html
Pillaging and Protecting the Clipboard https://isc.sans.edu/forums/diary/Whats+in+Your+Clipboard+Pillaging+and+Protecting+the+Clipboard/26556/ Critical Vulnerability in PANOS https://security.paloaltonetworks.com/CVE-2020-2040 Linux VoIP Softswitch Malware https://www.welivesecurity.com/2020/09/10/who-callin-cdrthief-linux-voip-softswitches/ CVE-2020-1472 Zerologon Privilege Escalation Vulnerability https://www.secura.com/blog/zero-logon
Recent Dridex Activity https://isc.sans.edu/forums/diary/Recent+Dridex+activity/26550/ Zoom Bombings and Zoom 2FA https://arxiv.org/abs/2009.03822 https://blog.zoom.us/secure-your-zoom-account-with-two-factor-authentication/ AMD Server CPUs May Be Locked to Particular Motherboard https://www.servethehome.com/amd-psb-vendor-locks-epyc-cpus-for-enhanced-security-at-a-cost/ BLURtooth Vulnerability https://www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/blurtooth/
In Episode 194, Ben and Scott dive into the recent announcement of the GA of Microsoft Lists in Microsoft Teams. Transcript Email Download New Tab - Welcome to episode 194 of the Microsoft cloud It pro podcast, recorded live September 4th, 2020. This, is a show about Microsoft 365 and Read More
MacOS 11 Network Traffic https://isc.sans.edu/forums/diary/A+First+Look+at+macOS+11+Big+Sur+Network+Traffic+New+Now+with+more+GREASE/26548/ Azure Offers Automatic Windows VM Patching https://azure.microsoft.com/en-us/updates/automatic-vm-guest-patching-now-in-preview/ WeaveScope Used to Attack Docker Infrastructure https://www.intezer.com/blog/cloud-workload-protection/attackers-abusing-legitimate-cloud-monitoring-tools-to-conduct-cyber-attacks/
Welcome to a very special episode of "Wait For It Wednesday"! Since @PhilTheFilipino is the show's resident Jurassic Super-Fan, he had to bring in a very special guest for this episode. We know her as Laura, but you may recognize her as @CleverFanGirl, as she is one of the most Read More
A Blast From The Past: XXEncoded VB 6.0 Trojan https://isc.sans.edu/forums/diary/A+blast+from+the+past+XXEncoded+VB60+Trojan/26538/ Office: About OLE and ZIP Files https://isc.sans.edu/forums/diary/Office+About+OLE+and+ZIP+Files/26540/ Go XSS Vulnerability https://seclists.org/fulldisclosure/2020/Sep/5 "Baka" JavaScript Skimmer https://usa.visa.com/content/dam/VCOM/global/support-legal/documents/visa-security-alert-baka-javascript-skimmer.pdf
Sandbox Evasion Using NTP https://isc.sans.edu/forums/diary/Sandbox+Evasion+Using+NTP/26534/ Android DNS over HTTPS https://blog.chromium.org/2020/09/a-safer-and-more-private-browsing.html Cisco Jabber Vulnerability Fullowup https://watchcom.no/nyheter/nyhetsarkiv/uncovers-cisco-jabber-vulnerabilities/
In Episode 193, Ben and Scott talk about how to protect your organization with Exchange Online transport rules and prevent the forwarding of messages from other applications like Power Automate. They also talk about Project Moca and how it can be used to organize your personal information through Outlook on Read More
@MrEricAlmighty & @PhilTheFilipino finally got a chance to return to the movie theater to view Christopher Nolan's latest film, Tenet. The film has endured multiple delays due to the pandemic, but the time has finally come for it to release in theaters. Many of have you have wondered what exactly Read More
Exposed Domain Controllers Used in DDoS Attacks https://isc.sans.edu/forums/diary/Exposed+Windows+Domain+Controllers+Used+in+CLDAP+DDoS+Attacks/26526/ Microsoft Reviving SHA-1 https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-for-microsoft-edge-version-85/ba-p/1618585 Trend Micro Updating Anti Malware Products https://success.trendmicro.com/solution/000263632 Public Voter Data Sold as "Breach" https://www.cyberscoop.com/russia-hack-michigan-voter-data-kommersant/
@MrEricAlmighty and @PhilTheFilipino replaced our scheduled episode of What Did I Miss this week to bring you a special guest episode, with one of our biggest Day 1 supporters - JPAW! We try to answer the age old question.....Backstreet Boys or *NSYNC? We deep dive into three rounds to determine Read More
A Reminder about Security.txt https://isc.sans.edu/forums/diary/Securitytxt+one+small+file+for+an+admin+one+giant+help+to+a+security+researcher/26510/ DNS Queries to Root Name Servers https://blog.apnic.net/2020/08/21/chromiums-impact-on-root-dns-traffic/ https://www.zdnet.com/article/chromium-dns-hijacking-detection-accused-of-being-around-half-of-all-root-queries/ Microsoft Extends Windows 10 1803 Deadline https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet LemonDuck Adding New Tricks https://news.sophos.com/en-us/2020/08/25/lemon_duck-cryptominer-targets-cloud-apps-linux/
