In Episode 53, Scott and Ben give a rundown of the latest updates and enhancements in Microsoft Teams. What’s new in Microsoft Teams – February update Collaborate securely with anyone in Microsoft Teams Intelligent Communications takes the next step with calling in Teams Quick start guide: Configuring Calling Plans in Read More
Ransomware News: GlobeImposter Gets A Facelift, GandCrab is Still Out there https://isc.sans.edu/forums/diary/Ransomware+news+GlobeImposter+gets+a+facelift+GandCrab+is+still+out+there/23417/ How to Break Encryption https://blog.malwarebytes.com/threat-analysis/2018/03/encryption-101-how-to-break-encryption/ Bypassing Adobe Flash Security Protections https://securingtomorrow.mcafee.com/mcafee-labs/hackers-bypassed-adobe-flash-protection-mechanism/ Hundreds of Bitcoin Mining Servers Stolen in Iceland https://www.theguardian.com/world/2018/mar/07/hundreds-of-bitcoin-mining-servers-stolen-in-iceland Several Android Mail Apps Send Password To Developer (article in German) https://www.kuketz-blog.de/mail-apps-zahlreiche-android-apps-uebermitteln-login-passwort/
Exploit for CVE-2018-6789 https://devco.re/blog/2018/03/06/exim-off-by-one-RCE-exploiting-CVE-2018-6789-en/ Microsoft Fixes USB Issues Introduced By February Patches https://support.microsoft.com/en-us/help/4090913/march5-2018kb4090913osbuild16299-251 123 Reg Looses Backups https://www.bleepingcomputer.com/news/business/123-reg-backup-snafu-causes-clients-to-lose-files-since-august-2017/ Android March Security Bulletin https://source.android.com/security/bulletin/2018-03-01#media-framework
Malicious Bash Script with Multiple Features https://isc.sans.edu/forums/diary/Malicious+Bash+Script+with+Multiple+Features/23411/ More Memcached DDoS Attacks https://www.arbornetworks.com/blog/asert/netscout-arbor-confirms-1-7-tbps-ddos-attack-terabit-attack-era-upon-us/ Spring Framework Vulnerability https://lgtm.com/blog/spring_data_rest_CVE-2017-8046 LTE Vulnerabilities http://homepage.divms.uiowa.edu/~comarhaider/publications/LTE_NDSS18_paper.pdf
52. That's quite a number. It's not the number of updates we have to talk about in this episode, but it is the number of episodes we've released. With that being said, Episode 52 is all about news for the month of February 2018. We have updates in Azure, the Read More
How Did This Memcache Thing Happen? https://isc.sans.edu/forums/diary/How+did+this+Memcache+thing+happen/23391/ Trustico TLS Certificate Revocation https://groups.google.com/forum/#!msg/mozilla.dev.security.policy/wxX4Yv0E3Mk/QZt8UPhKAwAJ Flash on Its Way Out https://www.bleepingcomputer.com/news/security/google-chrome-flash-usage-declines-from-80-percent-in-2014-to-under-8-percent-today/ DNSSEC Is Getting Better But Still Struggeling http://www.theregister.co.uk/2018/02/28/dutch_name_authority_dnssec_validation_errors_can_be_eliminated/ Smart TV Firmware Flaws https://www.av-comparatives.org/wp-content/uploads/2018/02/avc_sigma_medion_201802.pdf
Memcached Servers Used in Reflective DDoS Attacks https://isc.sans.edu/forums/diary/Why+we+Dont+Deserve+the+Internet+Memcached+Reflected+DDoS+Attacks/23389/ Malspam Pushing Formbook Info Stealer https://isc.sans.edu/forums/diary/Malspam+pushing+Formbook+info+stealer/23387/ Various SAML Parsers Affected by Comment Parsing Vulnerability https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations
Enumerating S3 Buckets https://github.com/jordanpotti/AWSBucketDump Creating AWS Network Diagrams https://github.com/duo-labs/cloudmapper Selling Macs and "Find my Mac" Feature https://medium.com/@mulligan/how-i-sold-an-old-mac-and-unknowingly-tracked-its-location-for-over-3-years-9a35cd3ca4cf Apple Stopping Support for 1st Gen Apple TV and iTunes on Windows XP / Vista https://support.apple.com/en-us/HT208104
Retrieving Malware Over Tor On Windows (Update) https://isc.sans.edu/forums/diary/Retrieving+malware+over+Tor+on+Windows/23379/ Blackholing Advertising Sites with Pi-Hole https://isc.sans.edu/forums/diary/Blackhole+Advertising+Sites+with+Pihole/23377/ Taxslayer Consent Degree with FTC https://biglawbusiness.com/cybersecurity-enforcers-wake-up-to-unauthorized-computer-access-via-credential-stuffing/ Fortinet (OMG) Mirai https://www.fortinet.com/blog/threat-research/omg--mirai-based-bot-turns-iot-devices-into-proxy-servers.html
In Episode 51, Ben schools Scott on Microsoft 365. Introducing Microsoft 365 “A complete, intelligent solution, including Office 365, Windows 10, and Enterprise Mobility + Security, that empowers everyone to be creative and work together, securely.” Windows 10 Pro, Enterprise & Education Compare Windows 10 editions Windows 10 Enterprise E3 Read More
In Episode 50, Ben and Scott sit down with Waldek Mastykarz to talk about the Office 365 CLI - why it exists, how to get started, what's available today, and how to keep up-to-date as the project grows. https://aka.ms/o365cli Waldek's Blog About Waldek Waldek Mastykarz is a Product Owner at Read More
Ben and Scott are back again in Episode 49 with a recap of your Office 365 news for January 2018. This month it is all about Yammer, SharePoint Online, OneDrive for Business, and Azure Active Directory. Seen Counts in Yammer Manage Yammer users across their life cycle from Office 365 Read More
Episode 48 Scott and Ben jump back into Azure to discuss Azure Log Analytics: Change Tracking and Update Management. As you start to move workloads into Azure IaaS, this is something you'll definitely want to take a look at for better management of your Azure servers. Preview: Update management, inventory, Read More
