MSFT Subdomain Takeover https://vullnerability.com/blog/microsoft-subdomain-account-takeover Homoglyph Attacks in the News Again https://www.soluble.ai/blog/public-disclosure-emoji-to-zero-day Coronavirus Phish https://twitter.com/JCyberSec_/status/1234806881195044865
Happy Wait For It Wednesday! Welcome back to The Wait For It Podcast & your co-host @PhilTheFilipino is here with a very special episode! Phil was lucky enough to see an early screening of Disney/Pixar's Onward starring Tom Holland, Chris Pratt, & Julia Louis-Dreyfus! This film has been highly anticipated Read More
Introduction to EvtxEcmd (Evtx Explorer) https://isc.sans.edu/forums/diary/Introduction+to+EvtxEcmd+Evtx+Explorer/25858/ Let's Encrypt Revoking Certificates https://community.letsencrypt.org/t/revoking-certain-certificates-on-march-4/114864 Using Smart Devices in the Home Securely (NCSC Version) https://www.ncsc.gov.uk/guidance/smart-devices-in-the-home Ransomware and Cloud Backups https://www.bleepingcomputer.com/news/security/ransomware-attackers-use-your-cloud-backups-against-you/ SANS Coronavirus Training Guarantee https://www.sans.org/training-guarantee
SSL Distribution by Country https://isc.sans.edu/forums/diary/Secure+vs+cleartext+protocols+couple+of+interesting+stats/25854/ Checkpoint Evasion Encyclopedia https://research.checkpoint.com/2020/cpr-evasion-encyclopedia-the-check-point-evasion-repository/ OWASP Threat Dragon https://github.com/mike-goodwin/owasp-threat-dragon-desktop SANS Free Things https://sans.org/free
Show me Your Clipboard Data! https://isc.sans.edu/forums/diary/Show+me+Your+Clipboard+Data/25846/ Hazelcast IMDB Discover Scan https://isc.sans.edu/forums/diary/Hazelcast+IMDG+Discover+Scan/25850/ Microsoft Exchange Server Vulnerabilty Scans https://twitter.com/GossiTheDog/status/1232369036438233088 Tomcat Ghostcat Vulnerability https://lists.apache.org/thread.html/r7c6f492fbd39af34a68681dbbba0468490ff1a97a1bd79c6a53610ef%40%3Cannounce.tomcat.apache.org%3E
@MrEricAlmighty and @PhiltheFilipino come together for an EXTRA episode this weekend for My Hero Academia: Heroes Rising. The second MHA film is in theaters for a limited time, and we have some feelings about what went down! We give our spoiler free thoughts at the start of the episode before Read More
Ultrasonic Triggers for Cellphone Assistants. https://source.wustl.edu/2020/02/surfing-attack-hacks-siri-google-with-ultrasonic-waves/ Comparing Information Leakage from Different Browsers https://www.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf Cloud Snooper Attack https://news.sophos.com/en-us/2020/02/25/cloud-snooper-attack-bypasses-firewall-security-measures/
In Episode 166, Ben and Scott take a break from talking about the cloud and get into some of the gear and software they've picked up over the last few months. Sponsors ShareGate – ShareGate’s industry-leading products help IT professionals worldwide migrate their business to the Office 365 or SharePoint, automate Read More
Fraudulant Paypal Charges (links in German) https://twitter.com/iblueconnection/status/1232259071602044928 https://www.heise.de/security/meldung/Google-Pay-Luecke-in-virtuellen-Kreditkarten-erlaubt-unberechtigte-Abbuchungen-4667527.html https://stadt-bremerhaven.de/google-pay-virtuelle-paypal-kreditkarten-weisen-sicherheitsluecken-auf/ Chrome Update https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html Microsoft Public Preview For Azure AD Hybrid Environments https://techcommunity.microsoft.com/t5/azure-active-directory-identity/public-preview-of-azure-ad-support-for-fido2-security-keys-in/ba-p/1187929
ScrollToTextFragment Privacy Concerns in Google Chrome 80 https://github.com/WICG/ScrollToTextFragment/issues/76#issue-538137989 https://docs.google.com/document/d/1YHcl1-vE_ZnZ0kL2almeikAj2gkwCq8_5xwIae7PVik/edit#heading=h.uoiwg23pt0tx Another OpenSMTPD Vulnerability https://github.com/OpenSMTPD/OpenSMTPD/releases WhatsApp Group Invite Links in Search Engines https://twitter.com/JordanWildon/status/1230829082662842369
Old Style Excel Macro Malware https://isc.sans.edu/forums/diary/Maldoc+Excel+4+Macros+in+OOXML+Format/25830/ Simple But Efficient VBScript Obfuscation https://isc.sans.edu/forums/diary/Simple+but+Efficient+VBScript+Obfuscation/25828/ Let's Encrypt Beefs Up Validation https://letsencrypt.org/2020/02/19/multi-perspective-validation.html Google Play Store Joker / Clicken Malware https://research.checkpoint.com/2020/android-app-fraud-haken-clicker-and-joker-premium-dialer/ Google Warns of Microsoft Edge https://www.heise.de/security/meldung/l-f-Google-findet-den-neuen-Edge-Browser-doof-und-unsicher-4665634.html
Enumerating Who "Owns" a Workstation for IR https://isc.sans.edu/forums/diary/Whodat+Enumerating+Who+owns+a+Workstation+for+IR/25822/ Special Update for Adobe After Effects and Media Encoder https://helpx.adobe.com/security/products/after_effects/apsb20-09.html https://helpx.adobe.com/security/products/media-encoder/apsb20-10.html Cisco Updates https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-on-prem-static-cred-sL8rDs8 Apple To No Longer Accept Certifcates as Valid that Exceed a Lifetime of 13 months https://www.theregister.co.uk/2020/02/20/apple_shorter_cert_lifetime/ Python ReDoS Bugs https://blog.r2c.dev/posts/finding-python-redos-bugs-at-scale-using-dlint-and-r2c/
In Episode 165, Ben and Scott run through Power Virtual Agents, a feature of Power Platform that allows you to create and manage "no-code" (or to be more realistic - "low-code") bots. Sponsors ShareGate – ShareGate’s industry-leading products help IT professionals worldwide migrate their business to the Office 365 or SharePoint, Read More
Sonicwall Vulnerabilities https://psirt.global.sonicwall.com/vuln-list https://blog.scrt.ch/2020/02/11/sonicwall-sra-and-sma-vulnerabilties/ SQL Server RCE Exploit https://www.mdsec.co.uk/2020/02/cve-2020-0618-rce-in-sql-server-reporting-services-ssrs/ Ransomware in Switzerland https://www.melani.admin.ch/melani/en/home/dokumentation/newsletter/sicherheitsrisiko-durch-ransomware.html Peripheral Vulnerabilities in Windows and Linux https://eclypsium.com/2020/2/18/unsigned-peripheral-firmware/
Thanks for joining us on The Wait For It Podcast! It's Wait For It Wednesday, & this week, both of your co-hosts have teamed up to talk about the highly anticipated Sonic The Hedgehog film! @PhilTheFilipino & @MrEricAlmighty as always give you their likes, dislikes, as well as a final Read More
More about Curl on Windows https://isc.sans.edu/forums/diary/curl+and+SSPI/25812/ WHO Warns of Coronavirus Phishing https://www.who.int/about/communications/cyber-security DUO Security / Google Identify Malicous Chrome Extensions https://duo.com/labs/research/crxcavator-malvertising-2020
Keep an Eye on Command-Line Browsers https://isc.sans.edu/forums/diary/Keep+an+Eye+on+CommandLine+Browsers/25804/ Old Tricks in New Bots: KBOT https://securelist.com/kbot-sometimes-they-come-back/96157/ OpenSSH Now With Fido/U2F http://www.openssh.com/txt/release-8.2
Changes to Microsoft LDAP/AD And How to Cope with them https://isc.sans.edu/forums/diary/Authmageddon+deferred+but+not+averted+Microsoft+LDAP+Changes+now+slated+for+Q3Q4+2020/25800/ https://isc.sans.edu/forums/diary/March+Patch+Tuesday+is+Coming+the+LDAP+Changes+will+Change+Your+Life/25796/ SweynTooth BLE Vulnerabilities https://asset-group.github.io/disclosures/sweyntooth/ Symantec Endpoint Protection Multiple Issues https://support.symantec.com/us/en/article.SYMSA1505.html DNSSEC Root Key Signing Ceremony Delayed https://mm.icann.org/pipermail/root-dnssec-announce/2020/000121.html
