In Episode 155, Ben and Scott dive into a discussion around tenant-level services in Microsoft 365 and Office 365 and what you need to think about as you license users and potentially scope deployments within your tenancy to ensure your compliance with your Microsoft 365 licensing.
Happy Wait For It Wednesday, everyone! We have an extra special episode with ANOTHER guest that we met at the Jacksonville Podcaster's Meetup! Gafiltha from The Gafiltha Show joins us this week to talk about what we're all looking forward to most in 2020 in the realm of technology, movies, tv, Read More
Another Word Maldoc https://isc.sans.edu/forums/diary/Lazy+Sunday+Maldoc+Analysis/25586/ Snatch Ransomware Reboots System Into Safe Mode To Disable Anti Virus https://news.sophos.com/en-us/2019/12/09/snatch-ransomware-reboots-pcs-into-safe-mode-to-bypass-protection/ Ryuk Ransomware Decryptor May No Longer Work / Corrupt Documents https://blog.emsisoft.com/en/35023/bug-in-latest-ryuk-decryptor-may-cause-data-loss/ Extending Windows 7 Security Updates https://www.ghacks.net/2019/12/07/someone-found-a-way-to-bypass-windows-7-extended-security-updates-checks/ Swift on Security Updates Sysmon Rules https://github.com/SwiftOnSecurity/sysmon-config RSA Webcast https://www.rsaconference.com/industry-topics/webcast/36-five-most-dangerous-attacks-evolving
E-Mail Includes Entire HTML/Javascript Phishing Kit https://isc.sans.edu/forums/diary/Phishing+with+a+selfcontained+credentialsstealing+webpage/25580/ Great Canon / Red Canon Activated to Silence Pro Hongkong Forum https://cybersecurity.att.com/blogs/labs-research/the-great-cannon-has-been-deployed-again
OpenBSD Authentication Bypass and Privilege Escalation Vulnerability https://www.qualys.com/2019/12/04/cve-2019-19521/authentication-vulnerabilities-openbsd.txt?_ga=2.58244398.587934852.1575530822-682141427.1570559125 Hijacking Linux (and BSD) VPN Connections https://seclists.org/oss-sec/2019/q4/122 RASP vs. WAF: Alexander Fry Research Paper https://www.sans.org/reading-room/whitepapers/application/runtime-application-self-protection-rasp-investigation-effectiveness-rasp-solution-protecting-vulnerable-target-applications-38950
Ben and Scott sit down at Microsoft Ignite with Ramiro Calderon, Principal Program Manager - Azure Active Directory, and Stefan van der Wiele, Senior Program Manager - Azure Active Directory, to talk about Azure Active Directory and how as the core of authentication for Office 365, Azure, and Microsoft you Read More
It's Wait For It Wednesday & @PhilTheFilipino is back with a brand new solo episode! This week Phil gives his thoughts on the first half of Season 4 of This Is Us. "This Is Us" chronicles the Pearson family across the decades: from Jack (Milo Ventimiglia) and Rebecca (Mandy Moore) Read More
Avast Online Security and Avast Secure Browser Blocked for Spying on Users https://palant.de/2019/10/28/avast-online-security-and-avast-secure-browser-are-spying-on-you/ Google Android Updates https://source.android.com/security/bulletin/2019-12-01 Strandhogg Vulnerability https://promon.co/security-news/strandhogg/ Firefox 71 Released https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/
Agent Tesla Malware Sample Analysis https://isc.sans.edu/forums/diary/Finding+an+Agent+Tesla+malware+sample/25554/ Search With SauronEye https://isc.sans.edu/forums/diary/ISC+Snapshot+Search+with+SauronEye/25558/ Splunk Y2K20 Patch https://docs.splunk.com/Documentation/Splunk/8.0.0/ReleaseNotes/FixDatetimexml2020 Google TAG Quarterly Summary https://blog.google/technology/safety-security/threat-analysis-group/protecting-users-government-backed-hacking-and-disinformation/
In Episode 153, Ben sits down at Microsoft Ignite with Stephen Rose, Sr PMM, Microsoft 365 Storytelling and Branding Team, to talk about what it takes to align demos across the Microsoft 365 product suite and how to craft a great story. Sponsors ShareGate – ShareGate’s industry-leading products help IT professionals Read More
Playing With Phishing https://isc.sans.edu/forums/diary/Lessons+learned+from+playing+a+willing+phish/25552/ HPE SSD Drives will Stop Working in 3 years https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00092491en_us Malicious Android SDK Captures Social Media Data https://help.twitter.com/en/sdk-issue Kasperski API Exposed to Websites https://palant.de/2019/11/26/internal-kaspersky-api-exposed-to-websites/ Malicious Ad Statistics https://www.confiant.com/Demand-Quality-Report-Q3-2019
DNS over HTTPS (DoH) in SOHO Networks https://isc.sans.edu/forums/diary/My+Little+DoH+Setup/25548/ Fortinet Weak Crypto https://sec-consult.com/en/blog/advisories/weak-encryption-cipher-and-hardcoded-cryptographic-keys-in-fortinet-products/ Tracking Web Users via DNS https://github.com/uBlockOrigin/uBlock-issues/issues/780
Web Filter Misconfiguration Abused for Recognisance https://isc.sans.edu/forums/diary/Abusing+Web+Filters+Misconfiguration+for+Reconnaissance/25538/ Local Malware Analysis with Malice https://isc.sans.edu/forums/diary/Local+Malware+Analysis+with+Malice/25544/ Multiple Vulnerabilities in VNC https://www.kaspersky.com/blog/vnc-vulnerabilities/31462/
The long awaited sequel to 2013's massive commercial hit is finally here! Frozen 2! Frozen is one of the more polarizing Disney films because of its massive success. The first film grossed over $1.2 BILLION dollars in the box office, and at that point a sequel became inevitable. So the Read More
In Episode 152, Ben and Scott sit down with Steven Murawski, Lead Cloud Ops Advocate at Microsoft, at Microsoft Ignite to talk about the power and freedom that comes from managing your infrastructure as code using tools like Azure Repos and Azure Pipelines inside of Azure DevOps. You can follow Read More
