Suspicious GET Request: Do you know what it is? https://isc.sans.edu/forums/diary/Suspicious+GET+Request+Do+You+Know+What+This+Is/24552/
DNS Flag Day https://dnsflagday.net/

Drupal Patches https://www.drupal.org/sa-core-2019-002 https://www.drupal.org/sa-core-2019-001
WPML User Data Compromised and Used in EMail To Customers https://wpml.org/2019/01/wpml-org-site-back-to-normal-after-an-attack-during-the-weekend/
Targeted Attack Uses Google Drive for Exfiltration https://unit42.paloaltonetworks.com/darkhydrus-delivers-new-trojan-that-can-use-google-drive-for-c2-communications/
Packet Challenge Solution https://johannes.homepc.org/packet8.txt

Android Malware Uses Motion Detection to Evade Analysis https://blog.trendmicro.com/trendlabs-security-intelligence/google-play-apps-drop-anubis-banking-malware-use-motion-based-evasion-tactics/
Twitter for Android Bug https://help.twitter.com/en/protected-tweets-android
Introduction to WebAuthn/FIDO2 https://medium.com/@herrjemand/introduction-to-webauthn-api-5fd1fb46c285
Ransomware As a Service https://www.bleepingcomputer.com/news/security/blackrouter-ransomware-promoted-as-a-raas-by-iranian-developer/

Scott and Matthew McDermott discuss how you can rationalize data backup and recovery features that are native to the Office 365 platform from both an admin (operations) and end-user perspective.

Emotet and Other Malspam Campaigns Resume After Holiday Break https://isc.sans.edu/forums/diary/Emotet+infections+and+followup+malware/24532/
Magecart Delivered Via Compromised Advertising Sites https://blog.trendmicro.com/trendlabs-security-intelligence/new-magecart-attack-delivered-through-compromised-advertising-supply-chain/
Premisys Identicard Vulnerabilities https://www.tenable.com/security/research/tra-2019-01
ES File Explorer Open Port Vulnerability https://github.com/fs0c131y/ESFileExplorerOpenPortVuln

Microsoft LAPS - Blue Team / Red Team https://isc.sans.edu/forums/diary/Microsoft+LAPS+Blue+Team+Red+Team/24528/
Intel SGX Platform Update https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00203.html
Godaddy Injecting JavaScript https://www.igorkromin.net/index.php/2019/01/13/godaddy-is-sneakily-injecting-javascript-into-your-website-and-how-to-stop-it/
Play with Docker Vulnerability https://www.cyberark.com/threat-research-blog/how-i-hacked-play-with-docker-and-remotely-ran-code-on-the-host/

Government Website TLS Certificates Expire due to Partial Shutdown https://news.netcraft.com/archives/2019/01/10/gov-security-falters-during-u-s-shutdown.html
Firefox EOL Plan for Flash https://bugzilla.mozilla.org/show_bug.cgi?id=1519434
Fake Movie File Malware https://www.bleepingcomputer.com/news/security/fake-movie-file-infects-pc-to-steal-cryptocurrency-poison-google-results/
Microsoft Windows Patch Breaks Access 97 https://borncity.com/win/2019/01/11/windows-january-2019-updates-breaks-access-to-access-dbs/
Snorpy Assists in Snort Rule Writing https://isc.sans.edu/forums/diary/Snorpy+a+Web+Base+Tool+to+Build+SnortSuricata+Rules/24522/
Packet Challenge

Old Tricks still work: I love you Malspam https://isc.sans.edu/forums/diary/Heartbreaking+Emails+Love+You+Malspam/24512/
Juniper Updates Released https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10916&cat=SIRT_1&actp=LIST https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10918&cat=SIRT_1&actp=LIST
New Systemd/Journald Exploit Release https://www.qualys.com/2019/01/09/system-down/system-down.txt
Global DNS Hijacking https://www.fireeye.com/blog/threat-research/2019/01/global-dns-hijacking-campaign-dns-record-manipulation-at-scale.html

Ben and Scott discuss what's new in Office 365, including the re-introduction of custom tags on OneNote, new voice features and admin roles in Microsoft Teams, and a slew of updates to SharePoint web parts.

Simple Mechanism for Creating Certificates https://blog.filippo.io/mkcert-valid-https-certificates-for-localhost/
Review of Smartphone Face Recognition https://www.consumentenbond.nl/veilig-internetten/gezichtsherkenning-te-hacken
Google Public DNS now supports DNS-over-TLS https://security.googleblog.com/2019/01/google-public-dns-now-supports-dns-over.html
Malwarebytes Freezes Windows 7 https://forums.malwarebytes.com/topic/241223-malwarebytes-for-windows-and-windows-7-freezelock-up/
German Police Looking for MAC Address https://polizei.brandenburg.de/pressemeldung/f8-e0-79-af-57-eb-cyber-fahndung-nach-ma/1310909

Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+January+2019+Patch+Tuesday/24504/ https://patchtuesdaydashboard.com/
Adobe Updates https://helpx.adobe.com/security.html
Google Play Store Adware https://blog.trendmicro.com/trendlabs-security-intelligence/adware-disguised-as-game-tv-remote-control-apps-infect-9-million-google-play-users/
Ethereum Classic 51% Attack https://blog.coinbase.com/ethereum-classic-etc-is-currently-being-51-attacked-33be13ce32de

Malware of the Day: Encrypted Word Document https://isc.sans.edu/forums/diary/Analyzing+Encrypted+Malicious+Office+Documents/24498/
Apple iOS Apps Reaching Out to Malware Server https://www.wandera.com/risky-apps/
NCSC Offers Assistance Against Attacks from Foreign Governments https://www.dni.gov/index.php/ncsc-how-we-work/ncsc-know-the-risk-raise-your-shield/ncsc-awareness-materials
Hardware Agnostic Side Channel Attacks https://arxiv.org/abs/1901.01161

In Episode 106, Ben sits down with Jason Moore, Head of OneDrive Product, Partner Group Program Manager at Microsoft, and Stephen Rose, Sr Product Marketing Manager - OneDrive, at Live! 360 Orlando. They take a walk down memory lane and discuss the history of OneDrive and how and the components and functionality of

Bypassing Vein Scanner Authentication (in German) https://media.ccc.de/v/35c3-9545-venenerkennung_hacken
Hacking Smart Lightbulbs and Firmware Exploits https://media.ccc.de/v/35c3-9723-smart_home_-_smart_hack
European Union Offers Bug Bounty for Open Source Software https://juliareda.eu/fossa/
Bypassing Google ReCaptcha https://github.com/ecthros/uncaptcha2

In Episode 105, Ben and Scott get into the news around the latest release of Azure PowerShell and the transition from AzureRm to Az and the impacts it has on existing PowerShell-based automation for Azure. They also get into how you can protect your IaaS SQL Servers that are hosted in