Decoding UTF-16 in UDF Files https://isc.sans.edu/forums/diary/Text+and+TNULeNULxNULtNUL/24912/ VMWare Fusion 11 Guest VM RCE https://theevilbit.github.io/posts/vmware_fusion_11_guest_vm_rce_cve-2019-5514/ Hackers Are Using Bad Passwords Too https://www.ankitanubhav.info/post/c2bruting Amazon S3 Discontinues Path Style Access https://www.bleepingcomputer.com/news/security/amazon-to-disable-s3-path-style-access-used-to-bypass-censorship/
New SAP Exploits Used to Target Exposed https://www.onapsis.com/10kblaze Cisco Patches SSH Default Credential Vulnerability in Nexus 9000 Switches https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-sshkey Current State of JavaScript Crypto Jacking https://blog.malwarebytes.com/cybercrime/2019/05/cryptojacking-in-the-post-coinhive-era/ D-Link Camera Vulnerabilities https://www.welivesecurity.com/2019/05/02/d-link-camera-vulnerability-video-stream/ Securepairs Promotes "Right to Repair" https://securepairs.org/
RCE Vulnerability in Dell Support Assist https://d4stiny.github.io/Remote-Code-Execution-on-most-Dell-computers/ Creston Multiple Vulnerabilities https://www.crestron.com/en-US/Security/Security_Advisories Polymorphic Skimmer Targeting 57 different Payment Gateways https://labs.sansec.io/2019/04/29/polymorphic-skimmer-57-payment-gateways/ More Attacks Against S/Mime and PGP Signed Email https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf
iLnkP2P Allows Access To Millions of Security Cameras https://hacked.camera Windows 10 Users Not Applying October Update https://reports.adduplex.com/#/r/2019-04 iFrame "Ransom Support" Attacks https://blog.trendmicro.com/trendlabs-security-intelligence/tech-support-scam-employs-new-trick-by-using-iframe-to-freeze-browsers/
We discuss FULL SPOILERS in this episode - so if you have not seen the movie, please turn around and listen to our spoiler free version instead (you can come back here later #DontSpoilTheEndgame). @MrEricAlmighty and @Philthefilipino share their thoughts from start to finish of this 3 hour journey that Read More
#DontSpoilTheEndgame is in full session here, as @MrEricAlmighty and @Philthefilipino discuss their spoiler free thoughts on Avengers Endgame! Already see the movie? Head on over to our FULL spoiler discussion episode!As always, don't forget to follow us on Twitter @WaitForItPod to show your support, and we are also active on Read More
Unpatched Vulnerablity in WebLogic Exploited https://isc.sans.edu/forums/diary/Unpatched+Vulnerability+Alert+WebLogic+Zero+Day/24880/ Collecting Windows Service Accounts https://isc.sans.edu/forums/diary/Service+Accounts+Redux+Collecting+Service+Accounts+with+PowerShell/24882/ Confluence Vulnerablity Exploited by GandGrab https://blog.alertlogic.com/active-exploitation-of-confluence-vulnerability-cve-2019-3396-dropping-gandcrab-ransomware/ New Micrsoft Security Baseline for Windows 10 / Windows Server https://blogs.technet.microsoft.com/secguide/2019/04/24/security-baseline-draft-for-windows-10-v1903-and-windows-server-v1903/
In Episode 122, Ben and Scott talk about strategies for saving money on virtual machines in Azure by stopping them when they’re not needed, right-sizing your workloads, and techniques for horizontal scaling with Azure autoscale. Sponsors Mover.io - Scan, Plan, Migrate, Report. Migrations that don’t suck - with Mover! Sperry Read More
Rooting Out Unwanted Domain Admins With Powershell https://isc.sans.edu/forums/diary/Where+have+all+the+Domain+Admins+gone+Rooting+out+Unwanted+Domain+Administrators/24874/ Mac OS X-Protect Now Covering Windows Malware https://twitter.com/patrickwardle/status/1120771284286103552 Wifi Finder Leaks Hotspot Passwords https://techcrunch.com/2019/04/22/hotspot-password-leak/ Github Hosting Phishing Pages https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits RSA Webinar: The Five Most Dangerous New Attack Techniques and How to Counter Them https://www.rsaconference.com/videos/rsac-2019-the-five-most-dangerous-new-attack-techniques-and-how-to-counter-them-continued
Decoding Malicious VBA Office Document Without Source Code https://isc.sans.edu/forums/diary/Malicious+VBA+Office+Document+Without+Source+Code/24870/ More Updates on "ShadowHammer" Supply Chain Attack https://securelist.com/operation-shadowhammer-a-high-profile-supply-chain-attack/90380/ A Malicious Sight in Google Sites https://www.netskope.com/blog/malicious-google-sites
.rar Files Exploiting ACE Vulneraiblity CVE-2018-20250 https://isc.sans.edu/forums/diary/rar+Files+and+ACE+Exploit+CVE201820250/24864/ Malware Senders Become Younger and Less Sophisticated (in German) https://www.heise.de/security/meldung/Malware-Verteiler-werden-immer-juenger-infizieren-sich-oft-selbst-4403823.html McAfee Antivirus Affected by April Windows Update Crashes http://kc.mcafee.com/corporate/index?page=content&id=KB91465 Rules to Protect Against Azure Blog Phishing in Outlook 365 https://malware-research.org/simple-rule-to-protect-against-spoofed-windows-net-phishing-attacks/ Windows 7 End of Support Messages https://www.windowslatest.com/2019/04/20/windows-7-users-are-now-receiving-the-end-of-support-notifications/
Analyzing UDF Files Using Python https://isc.sans.edu/forums/diary/Analyzing+UDF+Files+with+Python/24860/ HTML Ping To Be Adopted By All Major Browsers https://webkit.org/blog/8821/link-click-analytics-and-privacy/ Microsoft to Modify Edge User Agent for Some Sites https://www.onmsft.com/news/new-edge-insider-browser-can-change-user-agent-strings-based-on-what-website-youre-visiting French Government Chat System Used Weak User Management https://m.heise.de/security/meldung/Tchap-Frankreichs-nicht-so-exklusiver-Regierungschat-4403961.html
Malware Delivered As a UDF .img file https://isc.sans.edu/forums/diary/Malware+Sample+Delivered+Through+UDF+Image/24854/ Facebook Stored Passwords in Plain Text https://newsroom.fb.com/news/2019/03/keeping-passwords-secure/ Iranian Statesponsored Malware and Data Leaked https://misterch0c.blogspot.com/2019/04/apt34-oilrig-leak.html Windows 8 Live Tiles Domain Takeover https://www.golem.de/news/subdomain-takeover-microsoft-verliert-kontrolle-ueber-windows-kacheln-1904-140709.html
In Episode 121, Ben and Scott walk through some of the latest announcements for Azure Storage and Azure AD. Sponsors Mover.io - Scan, Plan, Migrate, Report. Migrations that don’t suck - with Mover! Sperry Software - Powerful Outlook Add-ins developed to make your email life easy even if you’re too Read More
PoC Exploit for Windows 10 DHCP Client Vulnerability CVE-2019-0726 (russian) https://habr.com/ru/company/pt/blog/448378/ Oracle April 2019 Critical Patch Update https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html WiPro Breached Via Phishing Attacks https://krebsonsecurity.com/2019/04/experts-breach-at-it-outsourcing-giant-wipro/ IDA and GHydra Part 2 (Strings And Parameters) https://isc.sans.edu/forums/diary/A+few+Ghidra+tips+for+IDA+users+part+2+strings+and+parameters/24848/