News

Apple Patches Jailbreak Vulnerability https://support.apple.com/en-us/HT210549 Scanning for Pulse Secure VPN Endpoints https://badpackets.net/over-14500-pulse-secure-vpn-endpoints-vulnerable-to-cve-2019-11510/ Emotet is Back https://www.bleepingcomputer.com/news/security/emotet-botnet-is-back-servers-active-across-the-world/

Simple Mimikatz And RDPWrapper Dropper https://isc.sans.edu/forums/diary/Simple+Mimikatz+RDPWrapper+Dropper/25262/ Malware Impersonating IRS https://www.irs.gov/newsroom/security-summit-warns-of-new-irs-impersonation-email-scam-reminds-taxpayers-the-irs-does-not-send-unsolicited-emails Instagram Phishing with 2FA Codes https://nakedsecurity.sophos.com/2019/08/23/instagram-phishing-uses-2fa-as-a-lure/ GitHub Adding WebAuthn Support https://www.theregister.co.uk/2019/08/23/github_upgrades_its_twofactor_authentication_with_webauthn_support/ Lenovo Solution Center Privilege Escalation https://www.pentestpartners.com/security-blog/privesc-in-lenovo-solution-centre-10-minutes-later/

Steam Zero Days and Bug Bounty Controversy https://www.theregister.co.uk/2019/08/22/valve_bug_bounty_steam_u_turn/ bb-builder malicious npm Package https://blog.reversinglabs.com/blog/the-npm-package-that-walked-away-with-all-your-passwords Phishers Customize Branded Outlook 365 Login Pages https://www.bleepingcomputer.com/news/security/phishing-attacks-scrape-branded-microsoft-365-login-pages/

In Episode 139, Ben and Scott talk about Azure Migrate v2 and how you can use the new Azure Migrate hub to integrate both Microsoft and ISV tooling into a single pane of glass for executing migrations to Azure. Sponsors Sperry Software – Powerful Outlook Add-ins developed to make your email Read More

KAPE vs. Commando VM: Red vs. Blue https://isc.sans.edu/forums/diary/KAPE+Kroll+Artifact+Parser+and+Extractor/25258/ Attacks against Exposed Sphinx Servers https://www.bsi.bund.de/EN/Topics/IT-Crisis-Management/CERT-Bund/CERT-Reports/HOWTOs/Open-Sphinx-Server/open-Sphinx-server_node.html Cisco Patches https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir&limit=50#~Vulnerabilities Newly Registered Domains Most Dangerous https://unit42.paloaltonetworks.com/newly-registered-domains-malicious-abuse-by-bad-actors/

The whole world was shocked at the news of Spider-Man leaving the MCU, including @MrEricAlmighty & @PhilTheFilipino. We have some MAJOR thoughts on this development, with our reactions coming from the night of the breaking news being released to the public. What does this mean for Spider-Man films moving forward? Read More

Guildma Malware is Now Using Facebook and YouTube as Update Channel https://isc.sans.edu/forums/diary/Guildma+malware+is+now+accessing+Facebook+andYouTube+to+keep+uptodate/25222/ Supply Chain Issues: rest-client ruby gem backdoored https://www.theregister.co.uk/2019/08/20/ruby_gem_hacked/

iOS 12.4 Jailbreak Released after Reindruced Vulnerability form 12.2 https://github.com/pwn20wndstuff/Undecimus/releases SHA2-Signed Updates for Windows Not Available with Symantec Endpoint Protection https://support.symantec.com/us/en/article.tech255857.html Attacking and Downgrading Bluetooth Key Negotiation https://knobattack.com

Large Number of VoIP System Vulnerabilities Released https://www.sit.fraunhofer.de/en/cve/ Confidential Company Documents Leaked in Public Sandboxes https://blog.cylab.co/2019/08/16/confidential-company-documents-exposed-in-public-sandboxes/ https://www.sit.fraunhofer.de/en/news-events/latest/press-releases/details/news-article/show/gefahr-uebers-telefon/ Trend Micro Password Manager DLL Hijacking https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123396.aspx Firefox Password Manager May Leak Passwords https://www.mozilla.org/en-US/security/advisories/mfsa2019-24/#CVE-2019-11733

@PhilTheFilipino is here with a short, solo review of the new comedy, Good Boys! Do we have a comedy classic on our hands or is Good Boys aiming for shock value only? Did you see Good Boys? Let us know what you thought?Also, be sure to follow us on ALLLLLLL Read More

Analysis of a Spearphishing Maldoc https://isc.sans.edu/forums/diary/Analysis+of+a+Spearphishing+Maldoc/25242/ IoT Security Stagnation https://securityledger.com/2019/08/huge-survey-of-firmware-finds-no-security-gains-in-15-years/ Kaspersky Insecurity https://www.heise.de/ct/artikel/Kasper-Spy-Kaspersky-Anti-Virus-puts-users-at-risk-4496138.html

In Episode 138, Ben and Scott discuss an issue Scott ran into with PowerShell, scheduled tasks, and PowerShell jobs. They then talk about a preview capability in Azure AD for custom roles, some announced changes for Office 365 and support for legacy TLS versions. Sponsors ShareGate – ShareGate’s industry-leading products help Read More

MedusaHTTP Malware https://isc.sans.edu/forums/diary/Recent+example+of+MedusaHTTP+malware/25234/ Cryptominer uses DuckDNS for C&C https://www.varonis.com/blog/monero-cryptominer/ Intel NUC Vulnerabilities https://www.intel.com/content/www/us/en/security-center/default.html HTTP/2 Vulnerabilities https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md

Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/August+2019+Microsoft+Patch+Tuesday/25236/ Adobe Patches https://helpx.adobe.com/security.html Windows Text Services Vulnerabilities https://googleprojectzero.blogspot.com/2019/08/down-rabbit-hole.html#ftnt2

Malicious DAA Attachments https://isc.sans.edu/forums/diary/Malicious+DAA+Attachments/25230/ SQLLite Exploits https://research.checkpoint.com/select-code_execution-from-using-sqlite/ Printer Vulnerabilities https://www.defcon.org/html/defcon-27/dc-27-speakers.html#Romero https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-xerox-printers/?research=Technical+advisories

100% JavaScript Phishing Page https://isc.sans.edu/forums/diary/100+JavaScript+Phishing+Page/25220/ Vulnerabilities in DSLR Cameras https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ https://global.canon/en/support/security/d-camera.html Turning Tesla into Surveilance Platform https://github.com/tevora-threat/scout Basic Electron Framework Exploitation https://www.contextis.com/en/blog/basic-electron-framework-exploitation

Kubernetes Security Audit Published https://github.com/kubernetes/community/blob/master/wg-security-audit/findings/Kubernetes%20Final%20Report.pdf https://www.cncf.io/blog/2019/08/06/open-sourcing-the-kubernetes-security-audit/ Apple Expands Bug Bounty https://www.blackhat.com/us-19/briefings/schedule/index.html#behind-the-scenes-of-ios-and-mac-security-17220 https://www.forbes.com/sites/thomasbrewster/2019/08/08/apple-confirms-1-million-reward-for-hackers-who-find-serious-iphone-vulnerabilities/ 0-Day Privilege Escalation in Steam Client https://amonitoring.ru/article/steamclient-0day/ Actual Sextortion Trojan https://www.welivesecurity.com/2019/08/08/varenyky-spambot-campaigns-france/

In Episode 137, Ben and Scott dive into the latest Azure and Office 365 news, including the public preview of Azure Dedicated Host, the announced end-of-life for Skype for Business Online, and Private Channels in Microsoft Teams. Sponsors Opsgility – Your Cloud enablement partner to help guide your organization through all Read More

AT&T Insiders Bribed to Obtain Unlock Codes https://www.justice.gov/usao-wdwa/press-release/file/1191031/download Older RDP Vulnerability Can be Used for HyperV VM Escape https://www.microsoft.com/security/blog/2019/08/07/a-case-study-in-industry-collaboration-poisoned-rdp-vulnerability-disclosure-and-response/ Cisco Patches Smart Switch 220 Vulnerabilities https://tools.cisco.com/security/center/publicationListing.x Firefox for Android Supporting WebAuthn https://blog.mozilla.org/security/2019/08/05/web-authentication-in-firefox-for-android/

@MrEricAlmighty & @PhilTheFilipino finally saw Hobbs & Shaw, and we discuss whether or not the franchise spin-off film is worth the admission ticket in theaters. We start with a spoiler free review by discussing our likes & dislikes (3:25 - 17:02), give our final thoughts and score for the film Read More