Analyzing a Word Document Used in a Pentest https://isc.sans.edu/forums/diary/Is+this+a+pentest/23283/ Analyzing BITS Activity https://isc.sans.edu/forums/diary/Investigating+Microsoft+BITS+Activity/23281/ CryptoJacking on YouTube due to Malicious Ads https://blog.trendmicro.com/trendlabs-security-intelligence/malvertising-campaign-abuses-googles-doubleclick-to-deliver-cryptocurrency-miners/ Coincheck Hack Nets 400M USD https://coincheck.com/en/blog/4673 PHPBB Mirror Compromised https://www.phpbb.com/community/viewtopic.php?f=14&t=2456896 Microsoft Disables Spectre Variant 2 Patches https://support.microsoft.com/en-us/help/4078130/update-to-disable-mitigation-against-spectre-variant-2
Ransomware As a Service https://isc.sans.edu/forums/diary/Ransomware+as+a+Service/23277/ libcurl Vulnerability http://seclists.org/oss-sec/2018/q1/94 Hide 'N Seek IoT Botnet https://labs.bitdefender.com/2018/01/new-hide-n-seek-iot-botnet-using-custom-built-peer-to-peer-communication-spotted-in-the-wild/ Container Intrusions: Assessing the Efficacy of Intrusion Detection and Analysis Methods for Linux Container Environments https://www.sans.org/reading-room/whitepapers/detection/container-intrusions-assessing-efficacy-intrusion-detection-analysis-methods-linux-container-environments-38245
In Episode 47, Ben and Scott walk through Office 365 Advanced Threat Protection (ATP) and all of the ways it can help you improve your security posture in Office 365 for both Exchange Online and SharePoint Online (including OneDrive for Business and Microsoft Teams!). Office 365 Advanced Threat Protection - Marketing
Apple Patches Everything, Again https://isc.sans.edu/forums/diary/Apple+Updates+Everything+Again/23269/ OpenSSL Introduces its Version of a "Patch Tuesday" https://www.openssl.org/blog/blog/2018/01/18/f2f-london/ "Rapid" Ransomware https://id-ransomware.blogspot.ru/2018/01/rapid-ransomware.html (Russian) https://www.bleepingcomputer.com/forums/t/667032/rapid-ransomware-rapid-paymeme-how-recovery-filestxt-support-topic/page-2
HTTPS on Every Port https://isc.sans.edu/forums/diary/HTTPS+on+every+port/23261/ Curl over TOR https://isc.sans.edu/forums/diary/Retrieving+malware+over+Tor/23257/ Spectre/Meltdown Microcode Patch Problems https://newsroom.intel.com/news/root-cause-of-reboot-issue-identified-updated-guidance-for-customers-and-partners/ https://lkml.org/lkml/2018/1/21/192 DNS Rebinding Attacks Against Geth https://ret2got.wordpress.com/2018/01/19/how-your-ethereum-can-be-stolen-using-dns-rebinding/ Chinese Quantum Cryptography Satellite Link Transmits Intercontinental Videolink https://journals.aps.org/prl/abstract/10.1103/PhysRevLett.120.030501
Oracle E-Business Suite Server Can Be Attacked via WebLogic https://www.onapsis.com/blog/oracle-january-cpu-analysis-64-patches-affect-business-critical-applications Microsoft Resumes Patches for AMD Systems https://www.amd.com/en/corporate/speculative-execution Speculations About Yet Another CPU Attack https://skyfallattack.com Smiths Medfusion 4000 Vulnerabilities https://github.com/sgayou/medfusion-4000-research/blob/master/doc/README.md#summary
In Episode 46, Ben interviews Tom Resing while Scott is out on vacation. We talk about UI Text Design, SharePoint, and life at Microsoft. Hit Refresh: The Quest to Rediscover Microsoft's Soul and Imagine a Better Future for Everyone Tom Resing's Collaboration Blog About Tom Resing Tom Resing (Blog/LinkedIn) is a SharePoint content
Reviewing the Spam Filters: Malspam Pushing Gozi-ISFB https://isc.sans.edu/forums/diary/Reviewing+the+spam+filters+Malspam+pushing+GoziISFB/23245/ Auditing Secure USB Keys https://www.j-michel.org/blog/2018/01/16/attacking-secure-usb-keys-behind-the-scene Malicious Open Graph title Tag Crashes iMessage https://www.macrumors.com/2018/01/16/malicious-link-ios-mac-freezes/ BIND Fixes DoS Vulnerability https://kb.isc.org/article/AA-01542
In Episode 45, Scott and Ben look back on 2017 and put on their binoculars to peer into 2018. Episode 1 – Microsoft Teams Episode 29 – Ignite Live Show: Deep Dive on Microsoft Teams Microsoft Cloud IT Pro Podcast Ignite Episodes Roadmap for Skype for Business capabilities coming to
Campaign is using a recently released WebLogic exploit to deploy a Monero miner https://isc.sans.edu/forums/diary/Campaign+is+using+a+recently+released+WebLogic+exploit+to+deploy+a+Monero+miner/23191/ Misc News about Meltdown and Spectre https://www.qualcomm.com/company/product-security/bulletins AMD Processor Flaw http://seclists.org/fulldisclosure/2018/Jan/12 Western Digital MyCloud Backdoor http://gulftech.org/advisories/WDMyCloud%20Multiple%20Vulnerabilities/125
SANS Special Webcast https://www.sans.org/webcast/recording/citrix/106815/138095 ISC Diary with Links to Patches https://isc.sans.edu/forums/diary/Spectre+and+Meltdown+What+You+Need+to+Know+Right+Now/23193/
In Episode 44, Scott and Ben tear through the Office 365 news for December 2017. One would think it would be slow at the end of the year, but no, we're jam-packed with the latest updates. Read and write Managed Metadata in SharePoint lists, append to arrays, and a new
Intel CPU Vulnerability https://meltdownattack.com Crypto Coin Mining Pool IP List https://isc.sans.edu/api/threatlist/miner Phishing to Rural America Leads to Six-figure Wire Fraud Losses https://isc.sans.edu/forums/diary/Phishing+to+Rural+America+Leads+to+Sixfigure+Wire+Fraud+Losses/23185/
In Episode 43, Scott and Ben give an overview of the storage options in Azure, touching on everything from blobs to tables and queues. Azure Storage Introduction to Azure Storage Deciding when to use Azure Blobs, Azure Files, or Azure Disks Azure Storage Blobs Pricing Introduction to Azure Files Azure