News

Ever looked at a tunnel, construction site, or warehouse and wondered how bad the internet signal must be? Well, if you want a good one, it's probably going to be powered by the folks over at Rajant who specialize in setting all that up. Rajant's Director of Sales Todd Rigby joined the Read More

IPFS Phishing and the need for correctly set HTTP security headers https://isc.sans.edu/diary/IPFS%20phishing%20and%20the%20need%20for%20correctly%20set%20HTTP%20security%20headers/29638 Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability https://www.mdsec.co.uk/2023/03/exploiting-cve-2023-23397-microsoft-outlook-elevation-of-privilege-vulnerability/ CVE-2023-23415 ICMP RCE https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23415 Chromium Certificate Proposals https://www.chromium.org/Home/chromium-security/root-ca-policy/moving-forward-together/

We’re joined by Giovanni Rocco, retired LEO and FBI covert operative and author of the book “Giovanni’s Ring: My life Inside the Real Sopranos”. Giovanni talks about the toll the job takes, and the unwitting sacrifices our spouses and children make as a result of the first responder profession. Giovanni Read More

If you have listened to the podcast in the last few years, you already know how long we have been waiting on the live adaptation for The Last of Us. So it should come as no surprise that we must officially record our review of the first season, and to Read More

Send a textWelcome to MedEvidence podcast, where we explore evidence-based medicine and provide insights into the latest research findings. In this episode, Dr. Koren will discuss the use of aspirin for primary and secondary prevention and whether or not it is necessary to take it every day at age 70.Dr. Read More

Microsoft Patch Tuesday https://isc.sans.edu/diary/Microsoft%20March%202023%20Patch%20Tuesday/29634 Adobe Cold Fusion and Magento (Adobe Commerce) patches https://helpx.adobe.com/security/products/magento/apsb23-17.html https://helpx.adobe.com/security/products/coldfusion/apsb23-25.html SAP Patches https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html Firefox Patches https://www.mozilla.org/en-US/security/advisories/mfsa2023-09/

As part of our sponsorship deal with SPI Logistics, we're talking to one of their freight agents every month to get the inside scoop on what the front lines look like in the freight broker world. This month's interview is with Brad Clarke. His office is located in the Pacific Read More

SVB Scams and New Domain Registrations https://isc.sans.edu/diary/Incoming%20Silicon%20Valley%20Bank%20Related%20Scams/29630 CISA Adds Older PLEX and VMWare Vulnerablities to Known-Exploited List https://www.bleepingcomputer.com/news/security/cisa-warns-of-actively-exploited-plex-bug-after-lastpass-breach/ FortiOS Vulnerability Exploited https://www.fortiguard.com/psirt/FG-IR-22-369

Send a textWelcome to MedEvidence Monday Minute on WSOS Radio. Today's topic is Lack of Trust on Medical Issues.  Tune in to hear Dr. Koren discuss ways to improve trust with levels of evidence. Be a part of advancing science by participating in clinical research.Have a question for Dr. Koren? Email Read More

@MrEricAlmighty is back with a new episode from his recurring series "Why you should watch ______ in less than 10 minutes!" and this week, we talk about Blue Lock. Find out what the show's strengths are, what it's all about, and why you should find the time to watch this Read More

AsynRAT Trojan - Bill Payment (Pago de la factura) https://isc.sans.edu/diary/AsynRAT+Trojan+Bill+Payment+Pago+de+la+factura/29626 Mirai Payload Generator https://isc.sans.edu/diary/Overview%20of%20a%20Mirai%20Payload%20Generator/29624 Multi-Technology Script Leading to Browser Hijacking https://isc.sans.edu/diary/Multi-Technology%20Script%20Leading%20to%20Browser%20Hijacking/29620 OneNote will warn users of embeded content https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=OneNote%2CIn%20development&searchterms=122277 Google Removing Chrome Cleanup Tool https://security.googleblog.com/2023/03/thank-you-and-goodbye-to-chrome-cleanup.html

"Youth and enthusiasm is probably what got me started on it." That's a quote by the CEO of Tai Software "Mitch" Mitchell when asked how someone wakes up one day and decides to build a TMS for freight brokerages. But after years in logistics and a background in computer science,  Read More

Suspected Chinese Campaign to Persist on SonicWall Devices https://www.mandiant.com/resources/blog/suspected-chinese-persist-sonicwall Old Cyber Gang Uses New Crypted - ScrubCrypt https://www.fortinet.com/blog/threat-research/old-cyber-gang-uses-new-crypter-scrubcrypt Home Assistant Supervisor Security Vulnerability https://www.home-assistant.io/blog/2023/03/08/supervisor-security-disclosure/ Fake ChatGPT Chrome Extensions https://www.helpnetsecurity.com/2023/03/09/fake-chatgpt-extension/ Criminals Steal Crytocurrency through Play-to-Earn Games https://www.ic3.gov/Media/Y2023/PSA230309

In Episode 324, Ben and Scott talk through some more fun with ChatGPT and how it can point you in the wrong direction even for code snippets. Then they dive into Azure Virtual Machine Scale Sets and orchestration modes including VMSS Flex. Like what you hear and want to support Read More

Increase in exploits against Joomla (CVE-2023-23752) https://isc.sans.edu/diary/Increase%20in%20exploits%20agains%20Joomla%20%28CVE-2023-23752%29/29614 Jenkins RCE Vulnerability https://blog.aquasec.com/jenkins-server-vulnerabilities Bitwarden: The Curious Use-Case of Password Pilfering https://flashpoint.io/blog/bitwarden-password-pilfering/ FortiOS Vulnerabilities https://www.fortiguard.com/psirt/FG-IR-23-001 Veeam Backup Vulnerabilities https://www.veeam.com/kb4245

In this episode, Stacy and David speak with Dr. Olivia Johnson, Founder of the Blue Wall Institute ( www.bw-institute.com ) about police officer suicide and The Fatal 10. We do a deep dive into the root causes of law enforcement officers taking their lives, and examine Dr. Johnson’s “Fatal 10” Read More

@PhilTheFilipino & @MrEricAlmighty have had an interest to explore foreign shows and films more than ever before. So for that reason, we will occasionally highlight international gems, and for this episode, we watched a film called The Banshees of Inisherin. We keep our thoughts spoiler-free for the start of this Read More

Send a textMedEvidence! Radio is a monthly live broadcast from WSOS 103.9 FM / 1170 AM with Kevin Geddings and Dr. Michael Koren. This month's MedEvidence Radio discusses the Silent Killer, Lipoprotein(a), Diabetes, and Clinical Research Technologies. We will dive into:🩺Clinical Research💙Lipoprotein(a)🍬Diabetes❤️Cardiovascular Health🔬 Clinical Research TrialsDr. Michael Koren is a Read More

Hackers Love This VSCode Extension: What You Can Do to Stay Safe https://isc.sans.edu/diary/Hackers%20Love%20This%20VSCode%20Extension%3A%20What%20You%20Can%20Do%20to%20Stay%20Safe/29610 Protecting Android Clipboard Content from Unintended Exposure https://www.microsoft.com/en-us/security/blog/2023/03/06/protecting-android-clipboard-content-from-unintended-exposure/ SYS01 Stealer Targeting Facebook Accounts https://blog.morphisec.com/sys01stealer-facebook-info-stealer

Scanning s3 Buckets https://isc.sans.edu/diary/Scanning%20s3%20buckets/29606 HiatusRAT Router Malware https://blog.lumen.com/new-hiatusrat-router-malware-covertly-spies-on-victims/ SonicWall Vulnerability https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0004 Windows Word RCE Proof-of-Concept https://twitter.com/jduck/status/1632471544935923712 https://qoop.org/publications/cve-2023-21716-rtf-fonttbl.md DBatLoader and Remcos RAT https://www.sentinelone.com/blog/dbatloader-and-remcos-rat-sweep-eastern-europe/