A Use Case for Adding Threat Hunting to Your Security Operations Team. https://isc.sans.edu/diary/30816 Notepad++ Parasite Site https://notepad-plus-plus.org/news/help-to-take-down-parasite-site/ Hugging Face Pickle File Vulnerablities https://huggingface.co/blog/hugging-face-wiz-security-blog Google Considers V8 Sandbox no longer experimental https://v8.dev/blog/sandbox
Send a textPrepare to have your mind expanded by Dr. Michael Koren's insights straight from the American College of Cardiology meeting in Atlanta, where he’s sparking excitement with new research on heart health and cholesterol management. As Dr. Koren talks about the new drug Inclisiran that's revolutionizing cholesterol treatment with Read More
Heartbleed 10th Anniversary https://heartbleed.com/ Possible Libarchive Backdoor Vulnerability https://github.com/libarchive/libarchive/pull/1609 Magento XML Backdoor https://sansec.io/research/magento-xml-backdoor Google Public DNS's approach to fight against cache poisoning attacks https://security.googleblog.com/2024/03/google-public-dnss-approach-to-fight.html Remote code execution (RCE)vulnerability in Brocade Fabric OS (CVE-2023-3454) https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/23215 SANS London April Evening Talk https://sans.zoom.us/webinar/register/WN_ZLLnQKCCQCywLGm-CM4xQg#/registration
Slicing up DoNex with Binary Ninja https://isc.sans.edu/diary/Slicing%20up%20DoNex%20with%20Binary%20Ninja/30812 HTTP/2 Continuation Flood https://nowotarski.info/http2-continuation-flood-technical-details/ Dangers of CSS in HTML Email https://lutrasecurity.com/en/articles/kobold-letters/ Dan Mazzella: Infostealers in Automotive Headunits https://www.sans.edu/cyber-research/exploring-infostealer-malware-techniques-automotive-head-units/
In this episode, we're going to examine the maritime sector's impact on global trade after the Baltimore Bridge collapse. In this roundup, we're featuring conversations with a TikTok-famous merchant mariner Gabby Salazar, who defies industry norms; Chris Cook, who uses data to track grain shipments through Ukraine; maritime attorney Lauren Beagan, Read More
In this enlightening episode, we delve into the impactful world of first responders and the mental health challenges they face, through the lens of Captain Chris Moore's personal and professional experiences. As a key figure in his department's Behavioral Health and Peer Support Team, Chris opens up about his own Read More
Playing with xzbot: Some things you can learn from SSH traffic https://isc.sans.edu/forums/diary/Some%20things%20you%20can%20learn%20from%20SSH%20traffic/30808/ Google Proposes Device Bound Session Credentials (DBSC) https://blog.chromium.org/2024/04/fighting-cookie-theft-using-device.html Four More Ivanti Vulnerabilities https://forums.ivanti.com/s/article/SA-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US Google Pixel Zero Day https://source.android.com/docs/security/bulletin/pixel/2024-04-01
Send a textCalling all medical practitioners, this episode is for you! You're in for an educational treat from cardiologists Dr. Michael Koren, Dr. Shailee Shah, and Dr. Shreya Ghetiya on the 21st Annual North Florida Cardiovascular Symposium. The enlightening discussions on cutting-edge topics that are revolutionizing the field of cardiology Read More
Chrome Incognito Mode Settlement https://www.wired.com/story/google-chrome-incognito-mode-data-deletion-settlement/ Google E-Mail Sender Guidelines FAQ https://support.google.com/a/answer/14229414?hl=en&fl=1&sjid=2270464422796374445-NC Cisco Updates and VPN Best Practices https://www.cisco.com/c/en/us/support/docs/security/secure-firewall-threat-defense/221806-password-spray-attacks-impacting-custome.html https://sec.cloudapps.cisco.com/security/center/publicationListing.x Apache Pulsar Vulnerability https://pulsar.apache.org/security/CVE-2024-29834/ Progress Flowmon Network Monitoring Tool Vulnerability CVE-2024-2389 https://support.kemptechnologies.com/hc/en-us/articles/24878235038733-CVE-2024-2389-Flowmon-critical-security-vulnerability Wait Just an Infosec Episode with Bojan Zdrnja: Thursday April 4th 2024 10:00 EDST https://isc.sans.edu/j/xzutils (link will redirect once Read More
In this episode, Blythe and Sean McGillicuddy, Chief Revenue Officer at Tai Software, explore how inefficient processes can hold back freight brokerages. Sean shares valuable advice on optimizing operations, leveraging data and analytics, and developing a strong brand identity to attract and retain customers. He also discusses auditing processes, utilizing Read More
The amazingly scary xz sshd backdoor https://isc.sans.edu/diary/The%20amazingly%20scary%20xz%20sshd%20backdoor/30802 The xz-utils backdoor in security advisories by national CSIRTs https://isc.sans.edu/diary/The+xzutils+backdoor+in+security+advisories+by+national+CSIRTs/30800 Checking CSV Files https://isc.sans.edu/diary/Checking%20CSV%20Files/30796 Infostealers Pose Threat to macOS https://www.jamf.com/blog/infostealers-pose-threat-to-macos/
Send a textUnlock the mysteries of medical research with Kevin Geddings and Dr. Michael Koren on MedEvidence Monday Minute! This isn't your average health podcast; it's a journey into the heart of medicine, where we dissect the truth from the tales and discover what it really takes to sharpen our Read More
Send a textGet ready to strategize like a pro with your hosts Phil Smith and James Johnson, as we dissect the Jaguars' offseason maneuvers and laser focus on the NFL Draft. We're not just breaking down player stats—no, we're building the blueprint for the Jaguars' leap to greatness. Strap in for Read More
From JavaScript to AsyncRAT https://isc.sans.edu/diary/From%20JavaScript%20to%20AsyncRAT/30788 TeamCity Patches https://www.jetbrains.com/privacy-security/issues-fixed/?product=TeamCity&version=2024.03 Okta Verify for Windows Auto-update Arbitrary Code Execution CVE-2024-0980 https://trust.okta.com/security-advisories/okta-verify-windows-auto-update-arbitrary-code-execution-cve-2024-0980/ Google Zero Day Report https://storage.googleapis.com/gweb-uniblog-publish-prod/documents/Year_in_Review_of_ZeroDays.pdf
Welcome to Episode 373 of the Microsoft Cloud IT Pro Podcast where Ben and Scott close out their review of Microsoft Intune and its third pillar – Endpoint security. They discuss the core components of Endpoint security, including antivirus, disk encryption, and firewall configuration. Ben also takes Scott on a Read More
In this episode, Blythe discusses the world of AI in freight with Garrett Allen, the co-founder of LoadPartner. Garrett discusses the current state of AI and how businesses can prepare for AI adoption. He also explains how AI can enhance logistics operations, addresses concerns about job displacement, and discusses the Read More
Join us in this unprecedented behind-the-badge episode as we focus on the heartbreak of infidelity with law enforcement veteran, author, and coach John Kelly. We investigate betrayal, affairs and rebuilding shattered trust in first responder marriages. John brings a wealth of knowledge on smashing the cycle of self-destruction and maintaining Read More
All the way from Portland Oregon, Imani is incredibly funny and a very good joke writer, this episode we recapped performing on Rozco's All-Star Comedy Weekend. Special thanks to the Rozco's comedy club for letting us record this! We talk the many differences between Portland and Austin comedy scenes, Imani's Read More
