In Episode 84, Ben and Scott talk about the latest announcements from Microsoft Ignite 2018. There are so many things we could talk about, but we've focused on Office 365, the Microsoft security stack, and some of the newest services coming in Azure IaaS. Sponsors Mover.io - Scan, Plan, Migrate, Report.
Odd DNS Requests from Firewalls https://isc.sans.edu/forums/diary/Suspicious+DNS+Requests+Issued+by+a+Firewall/24128/ Securing API Connections https://isc.sans.edu/forums/diary/The+danger+of+sending+information+for+API+consumption+without+adequate+security+measures/24130/ Microsoft JET Database 0day https://www.zerodayinitiative.com/advisories/ZDI-18-1075/ Western Digital Releases Patch for MyCloud Drives https://support.wdc.com/knowledgebase/answer.aspx?ID=25952&s Job Offers With Malware Attachment https://www.bleepingcomputer.com/news/security/malware-disguised-as-job-offers-distributed-on-freelance-sites/
In Episode 83, Ben and Scott talk with Iain Foulds about his new book, Learn Azure in a Month of Lunches, and how it can help those who are just getting started with Azure or the cloud get up to speed in just a month! Tweet @msclouditpro with the hashtag
Adobe Releases Special Patch for Acrobat and Reader https://helpx.adobe.com/security/products/acrobat/apsb18-34.html Akamai State of the Internet Report https://www.akamai.com/us/en/about/our-thinking/state-of-the-internet-report/global-state-of-the-internet-security-ddos-attack-reports.jsp Peekaboo DVR Vulnerability https://www.tenable.com/blog/tenable-research-advisory-peekaboo-critical-vulnerability-in-nuuo-network-video-recorder
Analyzing Office Docs https://isc.sans.edu/forums/diary/Dissecting+Malicious+MS+Office+Docs/24108/ Apple Updates Everything but macOS https://support.apple.com/en-us/HT201220 FBot Botnet https://blog.netlab.360.com/threat-alert-a-new-worm-fbot-cleaning-adbminer-is-using-a-blockchain-based-dns-en/ Related STI Paper: Botnet Resiliency via Private Blockchain (Jonathan Sweeny) https://www.sans.org/reading-room/whitepapers/covert/botnet-resiliency-private-blockchains-38050
In Episode 82, Ben and Scott are joined by Karuana Gatimu, Principal PM Manager in the Insights and Outreach team in Microsoft Engineering, where they discuss the latest happenings with Microsoft Teams - convergence with Skype for Business, Microsoft Teams governance, and the Office 365 Champions program. Don't forget to stop by
So What is Going on With IPv4 Fragments these Days? https://isc.sans.edu/forums/diary/So+What+is+Going+on+With+IPv4+Fragments+these+Days/24092/ Magecart JavaScript Injection Attacks https://www.bleepingcomputer.com/news/security/feedify-service-compromised-with-magecart-information-stealing-script/ Bypassing CSP using Polyglot JPEGs https://portswigger.net/blog/bypassing-csp-using-polyglot-jpegs
"findstr" used to extract malware from LNK files https://isc.sans.edu/forums/diary/What+is+dikona+or+glirote3/24084/ Tor Browser Javascript Vulnerability https://www.bleepingcomputer.com/news/security/exploit-affecting-tor-browser-burned-in-a-tweet/ Trend Micro App Leaks Data / Removed from Appstore https://forums.malwarebytes.com/topic/217353-get-rid-of-open-any-files-rar-support/?tab=comments#comment-1194838 Chrome removes Subdomains from URL Bar https://bugs.chromium.org/p/chromium/issues/detail?id=881410
Crypto Mining in a Windows Headless Browser https://isc.sans.edu/forums/diary/Crypto+Mining+in+a+Windows+Headless+Browser/24078/ MacOS Adware Doctor Stealing Browser History https://twitter.com/privacyis1st/status/1031428304543395840 https://objective-see.com/blog/blog_0x37.html VPN Applications with Privilege Escalation Vulnerabilities https://blog.talosintelligence.com/2018/09/vulnerability-spotlight-Multi-provider-VPN-Client-Privilege-Escalation.html Keybase Extension Allows Access By Scripts from Any Site https://palant.de/2018/09/06/keybase-our-browser-extension-subverts-our-encryption-but-why-should-we-care
Malware Uses PowerShell to Compile C# Code on the Fly https://isc.sans.edu/forums/diary/Malicious+PowerShell+Compiling+C+Code+on+the+Fly/24072/ Stealing WiFi Credentials in Google Chrome https://www.surecloud.com/sc-blog/wifi-hijacking DNS Spoofing and Certificate Authority Domain Validation https://www.theregister.co.uk/2018/09/06/boffins_break_cas_domain_validation/ Cisco Vulnerabilities https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir&limit=30#~Vulnerabilities
In Episode 81, Ben and Scott dive into Microsoft Intune and mobile device management (MDM). Also, we'll be at Ignite, so don't forget to come by and say "Hi!". Sponsors Mover.io - Scan, Plan, Migrate, Report. Migrations that don’t suck - with Mover! Office365Mon.com - How do you know what's
MEGA Chrome Extension Replaced with Password Stealer https://serhack.me/articles/mega-chrome-extension-hacked Python Package Installer May Execute Code https://github.com/mschwager/0wned Windows Scheduler Exploit Used in the Wild https://www.welivesecurity.com/2018/09/05/powerpool-malware-exploits-zero-day-vulnerability/ Where Have All My Certificates Gone? https://isc.sans.edu/forums/diary/Where+have+all+my+Certificates+gone+And+when+do+they+expire/24066/