In Episode 83, Ben and Scott talk with Iain Foulds about his new book, Learn Azure in a Month of Lunches and how it can help those that are just getting started with Azure or the cloud get up to speed in just a month! Tweet @msclouditpro with the hashtag Read More
Adobe Releases Special Patch for Acrobat and Reader https://helpx.adobe.com/security/products/acrobat/apsb18-34.html Akamai State of the Internet Report https://www.akamai.com/us/en/about/our-thinking/state-of-the-internet-report/global-state-of-the-internet-security-ddos-attack-reports.jsp Peekabo DVR Vulnerability https://www.tenable.com/blog/tenable-research-advisory-peekaboo-critical-vulnerability-in-nuuo-network-video-recorder
Analyzing Office Docs https://isc.sans.edu/forums/diary/Dissecting+Malicious+MS+Office+Docs/24108/ Apple Updates Everything but macOS https://support.apple.com/en-us/HT201220 FBot Botnet https://blog.netlab.360.com/threat-alert-a-new-worm-fbot-cleaning-adbminer-is-using-a-blockchain-based-dns-en/ Related STI Paper: Botnet Reciliency via Private Blockchain (Jonathan Sweeny) https://www.sans.org/reading-room/whitepapers/covert/botnet-resiliency-private-blockchains-38050
In Episode 82, Ben and Scott are joined by Karuana Gatimu, Principal PM Manager in the Insights and Outreach team in Microsoft Engineering, where they discuss the latest happenings with Microsoft Teams - convergence with Skype for Business, Microsoft Teams governance, and the Office 365 Champions program. Don't forget to stop by Read More
So What is Going on With IPv4 Fragments these Days? https://isc.sans.edu/forums/diary/So+What+is+Going+on+With+IPv4+Fragments+these+Days/24092/ Magacart Javascript Injection Attacks https://www.bleepingcomputer.com/news/security/feedify-service-compromised-with-magecart-information-stealing-script/ Bypassing CSP using Polyglot JPEGs https://portswigger.net/blog/bypassing-csp-using-polyglot-jpegs
"findstr" used to extract malware from LNK files https://isc.sans.edu/forums/diary/What+is+dikona+or+glirote3/24084/ Tor Browser Javascript Vulnerability https://www.bleepingcomputer.com/news/security/exploit-affecting-tor-browser-burned-in-a-tweet/ Trend Micro App Leaks Data / Removed from Appstore https://forums.malwarebytes.com/topic/217353-get-rid-of-open-any-files-rar-support/?tab=comments#comment-1194838 Chrome removes Subdomains from URL Bar https://bugs.chromium.org/p/chromium/issues/detail?id=881410
Crypto Mining in a Windows Headless Browser https://isc.sans.edu/forums/diary/Crypto+Mining+in+a+Windows+Headless+Browser/24078/ MacOS Adware Doctor Stealing Browser History https://twitter.com/privacyis1st/status/1031428304543395840 https://objective-see.com/blog/blog_0x37.html VPN Applications with Privilege Escalation Vulnerabilities https://blog.talosintelligence.com/2018/09/vulnerability-spotlight-Multi-provider-VPN-Client-Privilege-Escalation.html Keybase Extension Allws Access By Scripts from Any Site https://palant.de/2018/09/06/keybase-our-browser-extension-subverts-our-encryption-but-why-should-we-care
Malware Uses Powershell to Comple C# Code on the Fly https://isc.sans.edu/forums/diary/Malicious+PowerShell+Compiling+C+Code+on+the+Fly/24072/ Stealing WiFi Credentials in Google Chrome https://www.surecloud.com/sc-blog/wifi-hijacking DNS Spoofing and Certificate Authority Domain Validation https://www.theregister.co.uk/2018/09/06/boffins_break_cas_domain_validation/ Cisco Vulnerabilities https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir&limit=30#~Vulnerabilities
In Episode 81, Ben and Scott dive into Microsoft Intune and mobile device management (MDM). Also, we'll be at Ignite, so don't forget to come by and say "Hi!". Sponsors Mover.io - Scan, Plan, Migrate, Report. Migrations that don’t suck - with Mover! Office365Mon.com - How do you know what's Read More
MEGA Chrome Extension Replaced with Password Stealer https://serhack.me/articles/mega-chrome-extension-hacked Python Package Installer May Execute Code https://github.com/mschwager/0wned Windows Scheduler Exploit Used in the Wild https://www.welivesecurity.com/2018/09/05/powerpool-malware-exploits-zero-day-vulnerability/ Where Have All My Certificates Gone? https://isc.sans.edu/forums/diary/Where+have+all+my+Certificates+gone+And+when+do+they+expire/24066/
Reversing and Modifying the Medium Mobile App https://hackernoon.com/dont-publish-yet-reverse-engineering-the-medium-app-and-making-all-stories-in-it-free-48c8f2695687 Active Directory Leaks via Azure https://www.blackhillsinfosec.com/red-teaming-microsoft-part-1-active-directory-leaks-via-azure/ Google Restricts Tech Support Ads https://www.blog.google/products/ads/restricting-ads-third-party-tech-support-services/?mod=article_inline
Cryptocoin Miners are More Popular Than Ever and Dominate in Attacks https://isc.sans.edu/forums/diary/Crypto+Mining+Is+More+Popular+Than+Ever/24050/ Cryptocoin Miners Deployed via Struts Vulnerability https://www.volexity.com/blog/2018/08/27/active-exploitation-of-new-apache-struts-vulnerability-cve-2018-11776-deploys-cryptocurrency-miner/ Mimecast Identifies Weaknesses in Existing EMail Filters https://www.mimecast.com/resources/ebooks/dates/2018/7/the-state-of-email-security-2018-report/ Android Leaks Information to Processes https://wwws.nightwatchcybersecurity.com/2018/08/29/sensitive-data-exposure-via-wifi-broadcasts-in-android-os-cve-2018-9489/
Today we dive into a listener question from Steve about EMS, Hybrid Azure AD joined devices and other fun topics around joining devices to Azure AD/Office 365. Sponsors Mover.io - Scan, Plan, Migrate, Report. Migrations that don’t suck - with Mover! Office365AdminPortal.com - Providing admins the knowledge and tools to run Read More
More Octoprint Details https://isc.sans.edu/forums/diary/3D+Printers+in+The+Wild+What+Can+Go+Wrong/24044/ Packagist Remote Code Injection Vulnerability https://justi.cz/security/2018/08/28/packagist-org-rce.html More OpenSSH User Enumeration Issues http://seclists.org/oss-sec/2018/q3/180 Two new TPM Vulnerabilities https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-han.pdf