In Episode 62, Ben and Scott take a walk through the latest news in the Microsoft world. Sponsors Join Ben and Scott at SharePoint Conference North America. Register today at sharepointna.com with the code SHOAG and save $50 on your registration. Office365AdminPortal.com - Providing admins the knowledge and tools to Read More
Loyds Bank Phish Leads to Trickbot https://isc.sans.edu/forums/diary/Nice+Phishing+Sample+Delivering+Trickbot/23641/ Firefox Group Policy Engine https://www.bleepingcomputer.com/news/software/group-policy-support-coming-to-firefox-60/ OS Vendors Fix Intel Debug Flaw https://www.kb.cert.org/vuls/id/631579 Cryptocoin Miner in Excel https://charles.dardaman.com/js_coinhive_in_excel
Parsing Windows Job Files https://isc.sans.edu/forums/diary/Adding+Persistence+Via+Scheduled+Tasks/23633/ SYN-ACK Ransomware Uses Dobbleganging Technique https://securelist.com/synack-targeted-ransomware-uses-the-doppelganging-technique/85431/ More Drupal Compromises https://badpackets.net/large-cryptojacking-campaign-targeting-vulnerable-drupal-websites/ Russia vs. Telegram https://twitter.com/instasegv/status/993521755192020992 https://www.bleepingcomputer.com/news/government/russia-blocks-50-vpns-and-proxy-services-providing-access-to-telegram/
In Episode 61, Scott and Ben dive into a listener question on the various options for cloud-based file shares, including SharePoint Online and Azure Files. Sponsors Join Ben and Scott at SharePoint Conference North America. Register today at sharepointna.com with the code SHOAG and save $50 on your registration. Office365AdminPortal.com Read More
GPS Jamming Becoming More Common https://www.avweb.com/avwebflash/news/GPS-Jamming-Major-Threat-to-Drone-230749-1.html https://www.heise.de/newsticker/meldung/GPS-unter-Beschuss-Jamming-und-Spoofing-nehmen-zu-4038137.html Windows Command Line References https://isc.sans.edu/forums/diary/Windows+Commands+Reference+An+InfoSec+Must+Have/23613/ LoJack Laptop Anti-Theft Software "Phones Home" to Russia https://asert.arbornetworks.com/lojack-becomes-a-double-agent/ Google Maps Can Be Used as a URL Shortener https://nakedsecurity.sophos.com/2018/05/01/google-maps-open-redirect-flaw-abused-by-spammers/ Retrieving DVR Credentials via "Admin Cookie" https://github.com/ezelf/CVE-2018-9995_dvr_credentials
April WebLogic Patch Incomplete and Intense Scanning for WebLogic Under Way https://www.bleepingcomputer.com/news/security/hackers-scan-the-web-for-vulnerable-weblogic-servers-after-oracle-botches-patch/ Facex Worm Spreads Malicious Chrome Extensions via Facebook https://blog.trendmicro.com/trendlabs-security-intelligence/facexworm-targets-cryptocurrency-trading-platforms-abuses-facebook-messenger-for-propagation/ $15 DTV Transmitter as a SDR https://hackernoon.com/osmo-fl2k-a-15-dtv-transmitter-fm-radio-hijack-and-gps-spoofing-device-68ac08ba7d76
A Few Sample #Drupal Exploits including CVE-2018-7602 https://isc.sans.edu/forums/diary/More+Threat+Hunting+with+User+Agent+and+Drupal+Exploits/23597/ Triggering SMB Connections to Steal NTLM Credentials via PDFs https://research.checkpoint.com/ntlm-credentials-theft-via-pdf-files/ NTFS Crash DoS Exploit Published for Windwos 10 and 7 https://github.com/mtivadar/windows10_ntfs_crash_dos Apple HomeKit / Secure Element Problems https://www.youtube.com/watch?v=1CNAMgctAp0 Azucar Assessing Azure Security https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/april/introducing-azucar/
HP iLO Ransomware https://www.bleepingcomputer.com/news/security/ransomware-hits-hpe-ilo-remote-management-interfaces/ Total Meltdown Exploit Available https://blog.xpnsec.com/total-meltdown-cve-2018-1038/ WD My Cloud EX2 Access Control Bypass https://www.trustwave.com/Resources/SpiderLabs-Blog/WD-My-Cloud-EX2-Serves-Your-Files-to-Anyone/ Hyperoptic ZTE Home Router Hardcoded Account https://www.contextis.com/resources/advisories/hyperoptic-zte-home-routers
In Episode 60, Scott and Ben spend 30 minutes talking about a magical text box that runs in the cloud - Azure Cloud Shell. Sponsors Join Ben and Scott at SharePoint Conference North America. Register today at sharepointna.com with the code SHOAG and save $50 on your registration. Office365AdminPortal.com - Read More
In Episode 59, Ben and Scott dive into Azure Network Security and walk through the concept of an Azure Virtual Datacenter. Sponsors Join Ben and Scott at SharePoint Conference North America. Register today at sharepointna.com with the code SHOAG and save $50 on your registration. Office365AdminPortal.com - Providing admins the Read More
In Episode 58, Scott and Ben sat down (virtually) with Bill Baer to discuss SPC18! We reminisce about past SharePoint Conference and what Microsoft is bringing back from past conference and new aspects will be coming to SPC18 that you can forward to. Sponsors Join Ben and Scott at SharePoint Conference Read More
In Episode 57, Scott and Ben are back with your monthly dose of cloud news. This month, it's all about Azure and Office 365, including updates to Microsoft Teams, some exciting announcements around Azure resiliency, and much more. Sponsors Join Ben and Scott at SharePoint Conference North America. Register today Read More
In Episode 56, Ben learns all about Azure Security Center from Scott. Azure Security Center Azure Security Center Pricing What is Azure Security Center? Tutorial: Define and assess security policies Tutorial: Protect your resources with Azure Security Center Quickstart: Onboard your Azure subscription to Security Center Standard
In Episode 55, Ben and Scott break down Visio Online. Visio Online Compare Visio options Visio Online Service Description Visio Online: Frequently Asked Questions Supported scenarios for installing different versions of Office, Visio, and Project on the same computer Visio Viewer for iOS
In Episode 54, Scott and Ben are back with an interview with Brian Levenson (@brian_levenson), the Microsoft 365 US Government Product Marketing Manager. Announcing Microsoft 365 for US Government New Apps and Services in Office 365 US Government Office 365 US Government Service Description Office 365 Government Community Cloud Service Read More
