Extract HTTP Requests from PCAPs and Turn Them Into cURL Commands https://isc.sans.edu/forums/diary/pcap2curl+Turning+a+pcap+file+into+a+set+of+cURL+commands+for+replay/22900/ Apple Patches Embarrasing MacOS High Sierra Flaw https://www.appleworld.today/blog/2017/10/5/macos-high-sierra-flaw-exposes-passwords-of-encrypted-apfs-volumes Another Tomcat PUT Vulnerability https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb@%3Cannounce.tomcat.apache.org%3E Dallas Haselhorst: HL7 Healthcare Protocol https://www.sans.org/reading-room/whitepapers/hipaa/hl7-data-interfaces-medical-environments-understanding-fundamental-flaw-healthcare-38005 https://www.sans.org/reading-room/whitepapers/vpns/hl7-data-interfaces-medical-environments-attacking-defending-achilles-heel-healthcare-38010 https://www.tripwire.com/state-of-security/security-data-protection/hl7-data-interfaces-in-medical-environments/
Live from Microsoft Ignite! In Episode 29, Ben and Scott discuss the architecture of Microsoft Teams, how it is deployed and managed by Microsoft, and how organizations can enable themselves for a successful deployment in light of the announcement that Skype for Business will be built into Microsoft Teams. YouTube Read More
Fedex Malspam Pushes Formbook Infostealer Malware https://isc.sans.edu/forums/diary/Malspam+pushing+Formbook+info+stealer/22888/ Wordpress Plugins Heavily Abused For Site Defacements https://www.wordfence.com/blog/2017/10/3-zero-day-plugin-vulnerabilities-exploited-wild/ Fake WordPress Security Plugin Being Advertised https://blog.sucuri.net/2017/09/fake-plugins-fake-security.html Proof Of Concept Information Disclosure for Internet Explorer https://www.brokenbrowser.com/revealing-the-content-of-the-address-bar-ie/ Nzyme Wifi Frame Recording and Forensics https://wtf.horse/2017/10/02/introducing-nzyme-wifi-802-11-frame-recording-and-forensics/ Cyber Security Interviews https://twitter.com/CSI_Podcast/status/915026734801489921
Passive DNS Investigating Security Incidents with Passive DNS Bypassing Domain Authentication https://medium.freecodecamp.org/how-i-hacked-hundreds-of-companies-through-their-helpdesk-b7680ddc2d4c DNSMasq Vulnerabilities https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
Who's Borrowing Your Resources. Javascript Monero Miners on Video Sites https://isc.sans.edu/forums/diary/Whos+Borrowing+your+Resources/22882/ OS X Silently Patches Javascript Quarantine Bypass https://www.wearesegment.com/research/Mac-OS-X-Local-Javascript-Quarantine-Bypass.html Apple EFI Updates Often Not Applied https://duo.com/blog/the-apple-of-your-efi-mac-firmware-security-research
In Episode 28, Scott and Ben sit down with Corey Sanders, Director of Azure Compute, to discuss the latest updates to the Azure platform announced at Microsoft Ignite. Topics include compute, networking, and security. Azure Blog Tuesdays With Corey on Channel 9
Everything You Ever Wanted To Know About JPEGs (and more) https://isc.sans.edu/forums/diary/It+is+a+resume+Part+3/22808/ Linux 4.14 Memory Encryption https://lwn.net/Articles/686808/ CLKSCREW: Exposing Secure Enclaves via Energy Management https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-tang.pdf ~ ~ ~ ~
In this episode, we had the opportunity to sit down with Microsoft's own Dan Holme and talk to him about the SharePoint ecosystem, where it's been, and where it is now. We also jump into some of the new announcements from Microsoft Ignite and how they continue to move SharePoint Read More
In Episode 26, Ben has a chat with Anthony Woodward, the CTO of RecordPoint, where they discuss records management and compliance in SharePoint. About Anthony Woodward Anthony Woodward is the CTO of RecordPoint. As one of the original founders, Anthony has a vast amount of experience in the ECM features Read More
In episode 25, Scott sits down with John "JG" Chirapurath, General Manager of Microsoft's data platform business to chat about how customers can approach Microsoft's data platform offerings in Azure and enable new workloads in the cloud. Azure data and analytics platform
macOS High Sierra Security Updates https://support.apple.com/en-us/HT201222 Possible macOS Keychain Leak https://twitter.com/patrickwardle/status/912254053849079808 Monero Cryptocoin Miner Found on Showtime Website https://badpackets.net/coinhive-miner-found-on-official-showtime-network-websites-in-latest-case-of-cryptojacking/
Scott and I do something different. On our drive down to Microsoft Ignite, we record our take on the announcements coming out of the keynote at Microsoft Ignite. We give our thoughts on the announcements based on our knowledge of the topics the day before the keynote. We’ll talk about Read More
More (Likely Fake) DDoS Extortion Attempts https://isc.sans.edu/forums/diary/Emails+threatening+DDoS+allegedly+from+Phantom+Squad/22856/ CVE-2017-8759 Used in Cyber Crime Attacks https://isc.sans.edu/forums/diary/Email+attachment+using+CVE20178759+exploit+targets+Argentina/22850/ CCleaner Command and Control Server http://blog.talosintelligence.com/2017/09/ccleaner-c2-concern.html?m=1 Vulnerability in Intel Managment Engine Can Lead to Execution of Unsigned Code https://www.blackhat.com/eu-17/briefings/schedule/#how-to-hack-a-turned-off-computer-or-running-unsigned-code-in-intel-management-engine-8668
In Episode 23, Ben and Scott cover Microsoft Planner, Microsoft’s work management solution for Office 365. Microsoft Cloud IT Pro Podcast at Ignite! YouTube Channel Microsoft Planner Product Page Microsoft Planner Microsoft Planner Limitations Office 365 Planner FAQ
