News

Episode 73 – Azure Government July 12, 2018

In Episode 73, Ben and Scott talk about Azure Government - what it is, who can use it, and some of the considerations when you do. Sponsors Office365AdminPortal.com - Providing admins the knowledge and tools to run Office 365 successfully Intelligink - We focus on the Microsoft Cloud so you Read More

ISC StormCast for Thursday, July 12th 2018 July 11, 2018

Hello Peppa Followup https://isc.sans.edu/forums/diary/Well+Hello+Again+Peppa/23860/ Spectre 1.1 and 1.2 https://people.csail.mit.edu/vlk/spectre11.pdf Internet Exchanges Band Together against BGP Hijacking https://dyn.com/blog/shutting-down-the-bgp-hijack-factory/ Google Enabled Site Isolation in Chrome https://www.bleepingcomputer.com/news/security/google-enables-site-isolation-feature-for-99-percent-of-chrome-desktop-users/

ISC StormCast for Wednesday, July 11th 2018 July 10, 2018

MSFT Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+Patch+Tuesday+July+2018+now+with+Dashboard/23858/ https://patchtuesdaydashboard.com/ SettingContent-ms Files Blacklisted https://support.office.com/en-us/article/packager-activation-in-office-365-desktop-applications-52808039-4a7c-4550-be3a-869dd338d834?ui=en-US&rs=en-US&ad=US Adobe Patches https://helpx.adobe.com/security.html Stolen DLINK Certificate https://www.welivesecurity.com/2018/07/09/certificates-stolen-taiwanese-tech-companies-plead-malware-campaign/

ISC StormCast for Tuesday, July 10th 2018 July 09, 2018

Reverse Shell via Weblogic Flaw https://isc.sans.edu/forums/diary/Criminals+Dont+Read+Instructions+or+Use+Strong+Passwords/23850/ Apple Patches Everything Again https://isc.sans.edu/forums/diary/Apple+Patches+Everything+Again/23852/ Microsoft Offers Better Azure AD Password Protection http://www.longevitytech.us/2018/07/09/azure-ad-password-protection-the-cloud-security-service-your-active-directory-needs-now/

ISC StormCast for Monday, July 9th 2018 July 08, 2018

Trivial Exploit For HP iLO 4 (patched last August) https://airbus-seclab.github.io/ilo/SSTIC2018-Article-subverting_your_server_through_its_bmc_the_hpe_ilo4_case-gazet_perigaud_czarny.pdf Flexible Miner/Ransomware https://securelist.com/to-crypt-or-to-mine-that-is-the-question/86307/ Hacker Steals Gas From Gas Station https://gizmodo.com/hackers-reportedly-stole-600-gallons-of-gas-from-detroi-1827433411

ISC StormCast for Friday, July 6th 2018 July 05, 2018

Gentoo GitHub Breach Post Morten https://wiki.gentoo.org/wiki/Github/2018-06-28 Hamas Sets World Cup Trap for Israeli Soldiers https://www.reuters.com/article/us-israel-palestinians-cyber/israel-says-hamas-tried-to-snare-soldiers-in-world-cup-cyber-trap-idUSKBN1JT1ZX

Episode 72 – SharePoint Online and OneDrive for Business with Omar Shahine July 05, 2018

In Episode 72, Ben and Scott interview Microsoft's Omar Shahine, Director of Program Management, OneDrive and SharePoint. It is an "around-the-world" tour of the program management process at Microsoft, SharePoint Spaces, and how customers interact directly with the product teams to drive features and functionality in the Office 365 product suite. Read More

ISC StormCast for Thursday, July 5th 2018 July 04, 2018

Progress Indication For Scripts in Windows https://isc.sans.edu/forums/diary/Progress+indication+for+scripts+on+Windows/23830/ Stylish Extension Steals History https://robertheaton.com/2018/07/02/stylish-browser-extension-steals-your-internet-history/ Data Leaks From Android Apps https://recon.meddle.mobi/panoptispy/

ISC StormCast for Tuesday, July 3rd 2018 July 02, 2018

Odd PHP Exploit Attempt https://isc.sans.edu/forums/diary/Hello+Peppa+PHP+Scans/23826/ Diameter Security Report https://www.ptsecurity.com/ww-en/premium/diameter-2018/ Attack Against Trezor via DNS or BGP https://blog.trezor.io/psa-phishing-alert-fake-trezor-wallet-website-3bcfdfc3eced Symantec Offers VPNFilter Check http://www.symantec.com/filtercheck/

ISC StormCast for Monday, July 2nd 2018 July 01, 2018

MacOS Malware Targeting Slack/Dicord Crypto Comunities https://isc.sans.edu/forums/diary/Crypto+community+target+of+MacOS+malware/23816/ New LTE Attacks Made Public https://alter-attack.net Rowhammer Attacks Against Android https://rampageattack.com

ISC StormCast for Friday, June 29th 2018 June 28, 2018

Less Greedy Cryptominers https://isc.sans.edu/forums/diary/New+and+Improved+Cryptominers+Now+with+50+less+Greed/23812/ Disassemling Webassembly https://www.forcepoint.com/blog/security-labs/analyzing-webassembly-binaries Spectre Browser Mitigation Bypass https://alephsecurity.com/2018/06/26/spectre-browser-query-cache/ Gentoo Github Repository Compromise https://archives.gentoo.org/gentoo-announce/message/dc23d48d2258e1ed91599a8091167002

Episode 71 – Accessing Office 365 on Mobile Devices June 28, 2018

In Episode 71, Ben and Scott get you off your desktop, out of your browser and discuss accessing Office 365 from a mobile device. Sponsors Office365AdminPortal.com - Providing admins the knowledge and tools to run Office 365 successfully Intelligink - We focus on the Microsoft Cloud so you can focus Read More

ISC StormCast for Thursday, June 28th 2018 June 27, 2018

Secret Office 365 Activity Log API Unveiled (plus tool to extract logs) http://lmgsecurity.com/exposing-the-secret-office-365-forensics-tool/ Anonymizing Printers https://tu-dresden.de/ing/informatik/sya/ps/die-professur/news/geheime-daten-auf-dem-druckpapier-diplominformatiker-der-tu-dresden-entwickeln-verfahren-gegen-druckerueberwachung Silently Profiling Unknown Malware Samples https://isc.sans.edu/forums/diary/Silently+Profiling+Unknown+Malware+Samples/23808/ Cisco CVE-2018-0296 Exploited https://www.bleepingcomputer.com/news/security/cisco-asa-flaw-exploited-in-the-wild-after-publication-of-two-pocs/

ISC StormCast for Wednesday, June 27th 2018 June 27, 2018

Analyzing XPS Files https://isc.sans.edu/forums/diary/Analyzing+XPS+files/23804/ WPA3 Standard Finalized https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-introduces-wi-fi-certified-wpa3-security Executing Code with SettingContent-ms Files https://posts.specterops.io/the-tale-of-settingcontent-ms-files-f1ea253e4d39 EFF Analysis of STARTTLS https://www.eff.org/deeplinks/2018/06/technical-deep-dive-starttls-everywhere

ISC StormCast for Tuesday, June 26th 2018 June 25, 2018

Guilty By Association https://isc.sans.edu/forums/diary/Guilty+by+association/23800/ Filezila and Adware https://forum.filezilla-project.org/viewtopic.php?t=48441 iOS Pin Brute Forcing Confusion https://twitter.com/hackerfantastic/status/1010631766087032832 https://twitter.com/hackerfantastic/status/1010240042990596096 Azure Baseline Security Policy https://cloudblogs.microsoft.com/enterprisemobility/2018/06/22/baseline-security-policy-for-azure-ad-admin-accounts-in-public-preview/ Phone Battery Usage as Keystroke Logger https://sites.google.com/site/silbersteinmark/Home/popets18power.pdf?attredirects=1

ISC StormCast for Monday, June 25th 2018 June 24, 2018

XPS Documents Used for Spam https://isc.sans.edu/forums/diary/XPS+Attachment+Used+for+Phishing/23794/ New Exploit Kit Trends https://researchcenter.paloaltonetworks.com/2018/06/unit42-the-old-and-new-current-trends-in-web-based-threats/ https://blog.malwarebytes.com/cybercrime/2018/06/exploit-kits-spring-2018-review/ Deprecating TLSv1.0 and TLSv1.1 https://datatracker.ietf.org/doc/draft-moriarty-tls-oldversions-diediedie/ Leaky Firebase Installs http://info.appthority.com/-q2-2018-mtr-download-Firebase-vulnerability

ISC StormCast for Friday, June 22nd 2018 June 21, 2018

Fake Fortnite https://blog.malwarebytes.com/cybercrime/2018/06/fake-fortnite-android-links-found-youtube/ Fake Wannacry E-Mails https://twitter.com/actionfrauduk/status/1009803967705092096 Ransomware Installs In Internet Cafes http://hznews.hangzhou.com.cn/shehui/content/2018-06/16/content_7020998.htm OpenVPN Malicious Configuration Files https://medium.com/tenable-techblog/reverse-shell-from-an-openvpn-configuration-file-73fd8b1d38da Cisco Advisories https://tools.cisco.com/security/center/publicationListing.x

Episode 70 – Catching up on Office 365 News June 21, 2018

In Episode 70, Scott and Ben crawl out of their holes to bring you the latest and greatest happenings in Office 365. Sponsors Office365AdminPortal.com - Providing admins the knowledge and tools to run Office 365 successfully Intelligink - We focus on the Microsoft Cloud so you can focus on your Read More

ISC StormCast for Thursday, June 21st 2018 June 20, 2018

Netflix Phishing Sites Using TLS https://isc.sans.edu/forums/diary/Secure+Phishing+Netflix+Phishing+Goes+TLS/23786/ OpenBSD Disables Hyperthreading By Default https://www.mail-archive.com/[email protected]/msg99141.html Bithumb Cyrpto Currency Exchnage Breached Again https://www.bleepingcomputer.com/news/security/bithumb-hacked-second-time-in-a-year-hackers-steal-31-million/ Microsoft Edge CORS Bypass via Audio Files https://jakearchibald.com/2018/i-discovered-a-browser-bug/ Microsoft Releases a Special Patch for Oracle Outside-In Libraries https://support.microsoft.com/en-us/help/4092041/description-of-the-security-update-for-microsoft-exchange-server-2013

ISC StormCast for Wednesday, June 20th 2018 June 19, 2018

PowerShell ScriptBlock Loggin Bypass in the Wild https://isc.sans.edu/forums/diary/PowerShell+ScriptBlock+Logging+Or+Not/23782/ Virustotal "False Positive" Alert http://blog.virustotal.com/2018/06/vtmonitor-to-mitigate-false-positives.html Cloud Environments Explosed to the Internet https://info.lacework.com/hubfs/Containers%20At-Risk_%20A%20Review%20of%2021,000%20Cloud%20Environments.pdf Google Home DNS Rebinding Attack Reveals Geolocation https://www.tripwire.com/state-of-security/vert/googles-newest-feature-find-my-home

Older Entries Newer Entries