Microsoft Windows Task Scheduler Local Privilege Escalation Vulnerability https://www.kb.cert.org/vuls/id/906424 3D Printers Exposed to Internet https://isc.sans.edu/forums/diary/OctoPrint+3D+Web+Interfaces+EXPOSED+Port+5000+default/24038/ Firefox Nightly Built Removes Trust From Symantec Certificates https://bugzilla.mozilla.org/show_bug.cgi?id=1460062 https://bugzilla.mozilla.org/show_bug.cgi?id=1484006
Struts Exploits for CVE-2018-11776 on Github (there are more. just a sample) https://github.com/mazen160/struts-pwn_CVE-2018-11776 https://github.com/jiguang7/CVE-2018-11776 Publisher Malware https://isc.sans.edu/forums/diary/Microsoft+Publisher+Files+Delivering+Malware/24024/ https://isc.sans.edu/forums/diary/Microsoft+Publisher+malware+static+analysis/24026/ AT Commands https://atcommands.org/atdb/vendors Using a Microphone to Read Screen Content https://www.cs.tau.ac.il/~tromer/synesthesia/synesthesia.pdf
In Episode 79, Ben and Scott get Azure Application Gateway - a layer 7 load-balancer offering from Microsoft. Sponsors Mover.io - Scan, Plan, Migrate, Report. Migrations that don’t suck - with Mover! Intelligink - We focus on the Microsoft Cloud so you can focus on your business Office365AdminPortal.com - Providing Read More
Fragmentsmack Summary https://isc.sans.edu/forums/diary/Back+to+the+90s+FragmentSmack/23998/ HP Does Not Release Patches for Non-Windows Users https://www.intego.com/mac-security-blog/exclusive-hp-leaves-mac-users-vulnerable-to-fax-hacks/ More about VB Script 0-Day Vulnerability and "Dark Hotel" (chinese only) https://ti.360.net/blog/articles/analyzing-attack-of-cve-2018-8373-and-darkhotel/ https://blog.trendmicro.com/trendlabs-security-intelligence/use-after-free-uaf-vulnerability-cve-2018-8373-in-vbscript-engine-affects-internet-explorer-to-run-shellcode/ PHP Deserialization Vulnerability Code Execution https://cdn2.hubspot.net/hubfs/3853213/us-18-Thomas-It's-A-PHP-Unserialization-Vulnerability-Jim-But-Not-As-We-....pdf?
In Episode 78, Ben and Scott talk about two exciting new Azure offerings - Azure Virtual WAN and Azure Firewall. Sponsors Mover.io - Scan, Plan, Migrate, Report. Migrations that don’t suck - with Mover! Office365AdminPortal.com - Providing admins the knowledge and tools to run Office 365 successfully Intelligink - We Read More
Password Protected Word Documents Push AZORult and Hermes Ransomware https://isc.sans.edu/forums/diary/More+malspam+pushing+passwordprotected+Word+docs+for+AZORult+and+Hermes+Ransomware/23992/ Linux IP Fragmentation DoS https://www.kb.cert.org/vuls/id/641765 Scripting Mouse Clicks to Bypass macOS Security https://speakerdeck.com/patrickwardle/the-mouse-is-mightier-than-the-sword Concentration of Coinhive Miners https://arxiv.org/pdf/1808.00811.pdf
Microsoft Patch Tuesday Summary https://isc.sans.edu/forums/diary/Microsoft+August+2018+Patch+Tuesday/23986/ Oracle Database Patch http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-3110-5032149.html Intel Fixes Three More CPU Flaws https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
New Sextorition Wave Using Partial Phone Numbers New Extortion Tricks: Now Including Your (Partial) Phone Number! Intel Releases Patch for Puma Modem Chips https://www.dslreports.com/forum/r32071020-Internet-Rogers-modem-router-rebooting-on-wan-scans-by-design https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-000097.html Bluetooth Low Energy Attack Tool https://github.com/virtualabs/btlejack Tesla Will Fix Cars if Researcher Breaks it While Hacking https://twitter.com/bitquark/status/1028373178421309440
VIA C3 "God Mode" https://github.com/xoreaxeaxeax/rosenbridge Apple MDM Vulnerablity https://www.wired.com/story/mac-remote-hack-wifi-enterprise/ Peeking into MSG Files https://isc.sans.edu/forums/diary/Peeking+into+msg+files+revisited/23974/ Hunting SSL/TLS Clients Using JA3 https://isc.sans.edu/forums/diary/Hunting+SSLTLS+clients+using+JA3/23972/ Mobile Payment Terminal Vulnerabilities https://www.blackhat.com/us-18/briefings.html#for-the-love-of-money-finding-and-exploiting-vulnerabilities-in-mobile-point-of-sales-systems
Vulnerabilities in Pacemaker Programmer and Insulin Pumps https://arstechnica.com/information-technology/2018/08/lack-of-encryption-makes-hacks-on-life-saving-pacemakers-shockingly-easy/ "Panic Attacks" Against City Infrastructure https://www.bbc.com/news/technology-45128053 Kaspersky VPN Leaks DNS Traffic https://www.inputzero.io/2018/08/kaspersky-vpn-leaks-dns-address.html Osiris Dropper Uses Process Dopplegaenging https://blog.malwarebytes.com/threat-analysis/2018/08/osiris-using-process-doppelganging/
In Episode 77, Ben and Scott run down some of the latest announcements for SharePoint Online and Office 365. Sponsors Mover.io – Scan, Plan, Migrate, Report. Migrations that don’t suck – with Mover! Office365AdminPortal.com - Providing admins the knowledge and tools to run Office 365 successfully Intelligink - We focus on Read More
Linux TCP DoS Vulnerability https://www.kb.cert.org/vuls/id/962459 Let's Encrypt Now Trusted By All Major Root CA Programs https://letsencrypt.org/2018/08/06/trusted-by-all-major-root-programs.html Android Updates https://source.android.com/security/bulletin/2018-08-01 OpenEMR Vulnerabilities https://insecurity.sh/assets/reports/openemr.pdf
