Massive Botnet Targets M365 with Password Spraying
A large botnet is targeting service accounts in M365 with credentials stolen by infostealer malware.
https://securityscorecard.com/wp-content/uploads/2025/02/MassiveBotnet-Report_022125_03.pdf
Mixing up Public and Private Keys in OpenID
The complex OpenID specification and the flexibility it supports enable careless administrators to publish private keys instead of or in
Kevin Geddings talks with Cardiologist Dr. Michael Koren about the health risks and benefits of alcohol, which continue to be significant topics of discussion in health circles. This episode delves into a late Biden-era proposal for alcohol warning labels amid growing concerns about cancer risks associated with consumption.
Unfurl Update Released
Unfurl released an update fixing a few bugs and adding support to decode Bluesky URLs.
https://isc.sans.edu/diary/Unfurl%20v2025.02%20released/31716
Google Confirms Gmail to Ditch SMS Code Authentication
Google no longer considers SMS authentication safe enough for Gmail. Instead, it pushes users to use passkeys or QR-code-based app authentication.
Tool Update: sigs.py
Jim updates sigs.py. The tool verifies hashes for files and automatically recognizes which hash algorithm is used.
https://isc.sans.edu/diary/Tool%20update%3A%20sigs.py%20-%20added%20check%20mode/31706
Google Announcing Quantum-Safe Digital Signatures in Cloud KMS
Google announced the option to use quantum-safe digital signatures in its cloud key management system.
https://cloud.google.com/blog/products/identity-security/announcing-quantum-safe-digital-signatures-in-cloud-kms
Windows 11 Patch Issues
Rheumatologist Dr. Manish Jain joins Cardiologist Dr. Michael Koren as they discuss how performing clinical trials can help physicians become more holistic and knowledgeable, and how the process can result in better care for patients. In this conversation, the principal investigators explore Dr. Manish's journey as a clinician
The squad is back from Manifest and we’ve got some takeaways to share from all of our conversations from the podcast booth to the expo floor. Also in the show, Blythe talks about the week after launching CargoRex and the lessons we’re already learning along with platform improvements we’re shipping.
LINKS:
CargoRex
Robotics, Data,
Using ES|QL in Kibana to Query DShield Honeypot Logs
Using the "Elasticsearch Piped Query Language" to query DShield honeypot logs.
https://isc.sans.edu/diary/Using%20ES%7CQL%20in%20Kibana%20to%20Queries%20DShield%20Honeypot%20Logs/31704
Mongoose Flaws Put MongoDB at Risk
The Object Document Mapping library Mongoose suffers from an injection vulnerability that could lead to remote code execution in MongoDB.
https://www.theregister.com/2025/02/20/mongoose_flaws_mongodb/
XWorm Cocktail: A Mix of PE Data with PowerShell Code
Quick analysis of an interesting XWorm sample with PowerShell code embedded inside an executable.
https://isc.sans.edu/diary/XWorm+Cocktail+A+Mix+of+PE+data+with+PowerShell+Code/31700
Microsoft's Majorana 1 Chip Carves New Path for Quantum Computing
Microsoft announced a breakthrough in quantum computing. Its new prototype Majorana 1 chip takes
In this episode, we welcome Dr. Falisa Asberry, a retired law enforcement veteran and Peacock Training & Consulting Group CEO. Together, we explore the vital concept of vicarious trauma and its effects on first responders and organizations. Dr. Falisa highlights the importance of the Four Domains of resilience and shares
Dr. Dan Schlager, who started his career as an ER physician, joins Dr. Michael Koren to talk about his life path as a physician inventor who transformed emergency response through an innovative GPS technology. Dr. Schlager also talks about other inventions like a lightning-proof shirt, and the legal
ModelScan: Protection Against Model Serialization Attacks
ModelScan is a tool to inspect AI models for deserialization attacks. The tool will detect suspect commands and warn the user.
https://isc.sans.edu/diary/ModelScan%20-%20Protection%20Against%20Model%20Serialization%20Attacks/31692
OpenSSH MitM and DoS Vulnerabilities
OpenSSH patched two vulnerabilities discovered by Qualys. One may be used for a MitM attack in specific configurations
My Very Personal Guidance and Strategies to Protect Network Edge Devices
A quick summary to help you secure edge devices. This may be a bit opinionated, but these are the strategies that I find work and are actionable.
https://isc.sans.edu/diary/My%20Very%20Personal%20Guidance%20and%20Strategies%20to%20Protect%20Network%20Edge%20Devices/31660
PostgreSQL SQL Injection
A follow-up to yesterday's segment about the PostgreSQL
Dr. Michael Koren joins Kevin Geddings as they explore the history and significance of clinical trial integrity over the last 50 years. Dr. Koren brings up the story of Dr. David Baltimore, whose test results on viruses were questioned and whose vigilance helped establish the rigorous standards we
Fake BSOD Delivered by Malicious Python Script
Xavier found an odd malicious Python script that displays a blue screen of death to users. The purpose isn't quite clear. It could be a tech support scam tricking users into calling the 800 number displayed, or a simple anti-reversing trick.
https://isc.sans.edu/diary/Fake%20BSOD%20Delivered%20by%20Malicious%20Python%20Script/31686
The
On this episode, Medicare and insurance expert Andy Stansfield joins Dr. Michael Koren to review the differences between traditional Medicare and Medicare Advantage. Andy reveals the intricacies of Medicare's components - Parts A, B, C, and D - and explains how the government collaborates with private insurance companies
DShield SIEM Docker Updates
Interested in learning more about the attacks hitting your honeypot? Guy assembled a neat SIEM to create dashboards summarizing the attacks.
https://isc.sans.edu/diary/DShield%20SIEM%20Docker%20Updates/31680
PAN-OS Path Confusion Auth Bypass
Palo Alto Networks fixed a path confusion vulnerability introduced by the overly complex middle-box chain in PAN-OS.
https://slcyber.io/blog/nginx-apache-path-confusion-to-auth-bypass-in-pan-os/
Welcome to Episode 395 of the Microsoft Cloud IT Pro Podcast. In this episode, we dive into Azure Virtual Desktop (AVD) and how it enables organizations to deliver secure, scalable Virtual Desktop Infrastructure (VDI) in the cloud. Whether you’re looking to modernize remote work, enhance security, or optimize IT costs,
An Ontology for Threats: Cybercrime and Digital Forensic Investigation on Smart City Infrastructure
Smart cities are a big topic for many local governments. As these complex systems are built, attacks will follow.
https://isc.sans.edu/diary/An%20ontology%20for%20threats%2C%20cybercrime%20and%20digital%20forensic%20investigation%20on%20Smart%20City%20Infrastructure/31676
North Korean State Actor Tricking Admins into Executing PowerShell
North Korean state actors are spending quite a bit
Join us for an inspiring episode featuring Joe Matthews, retired Captain of the New York City Fire Department. As we explore his remarkable FDNY career, Joe shares how his experiences shaped his identity and resilience. Discover the transformative journey that led him to cycle coast to coast for charitable causes,
This episode blends analysis of the Super Bowl outcome with a deep dive into the Jacksonville Jaguars' newly structured coaching staff. We reflect on how the Eagles’ impressive performance can serve as a blueprint for the Jaguars and share personal experiences that highlight emotional ties to our favorite