Microsoft Updates https://isc.sans.edu/forums/diary/Microsoft+Patch+Tuesday+August+2017/22694/ Adobe Updates https://helpx.adobe.com/security.html Android Patches https://source.android.com/security/bulletin/2017-08-01 How Are People Fooled By This? Email To Sign a Contract Provides Malware https://isc.sans.edu/forums/diary/How+are+people+fooled+by+this+Email+to+sign+a+contract+provides+malware+instead/22696/
PHPMyAdmin Scans https://isc.sans.edu/forums/diary/Increase+of+phpMyAdmin+scans/22688/ Hotspot Shield Leakes Private User Data https://cdt.org/files/2017/08/FTC-CDT-VPN-complaint-8-7-17.pdf Debian Turning Off Support for TLS 1.0/1.1 https://lists.debian.org/debian-devel-announce/2017/08/msg00004.html Ongoing Phishing Attacks Against Google Chrome Plugin Developers https://www.bleepingcomputer.com/news/security/chrome-extension-developers-under-a-barrage-of-phishing-attacks/
Opengraph Used to Obfuscate Facebook Links https://isc.sans.edu/forums/diary/Use+of+the+Open+Graph+Protocol+to+Disguise+Malicious+Facebook+Links/22684/ Cerber Adding Bitcoin and Password Stealer to Crypto Ransomware http://blog.trendmicro.com/trendlabs-security-intelligence/cerber-ransomware-evolves-now-steals-bitcoin-wallets/ Symantec Selling Certificate Business To Digicert https://www.heise.de/security/meldung/Nachspiel-einer-fatalen-Panne-Symantec-verkauft-Zertifikatssparte-an-DigiCert-3793482.html Siemens Medical Imaging Systems Vulnerable to Old Windows Flaws https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-822184.pdf
Detect SMB Versions with nmap https://isc.sans.edu/forums/diary/Rooting+Out+Hosts+that+Support+Older+Samba+Versions/22672/ CopyFish Google Chrome Extension Replaced by Adware https://a9t9.com/blog/chrome-extension-adware/ StartCom Applying to be Included in Mozilla SSL CAs again https://bugzilla.mozilla.org/show_bug.cgi?id=1311832#c12 McAffee Uses Mixed SSL/nonSSL Content For Online Malware Scan https://blogs.securiteam.com/index.php/archives/3350 Netflix Releases DoS Testing Tool https://medium.com/netflix-techblog/starting-the-avalanche-640e69b14a06
MSFT Re-Releases June Outlook Update https://support.office.com/en-us/article/Outlook-known-issues-in-the-June-2017-security-updates-3f6dbffd-8505-492d-b19f-b3b89369ed9b?ui=en-US&rs=en-US&ad=US&fromAR=1 Iranian Hackers Use Social Media To Collect Data https://www.darkreading.com/attacks-breaches/iranian-hackers-ensnared-targets-via-phony-female-photographer/d/d-id/1329502?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple ShieldFS Self Healing Filesystem http://shieldfs.necst.it/continella-shieldfs-2016.pdf
SMBloris DoS Attack Locks Up Windows https://twitter.com/jennamagius/status/891434286212984832 https://isc.sans.edu/forums/diary/SMBLoris+the+new+SMB+flaw/22662/ Text Banking Attacks https://isc.sans.edu/forums/diary/Text+Banking+Scams/22666/ Nissan Leaf WiFi Vulnerability https://github.com/HackingThings/Publications/blob/cdb72df7c3feffd02593a31d67a34ae353b09114/2017/DC25_Driving%20down%20the%20rabbit%20hole-Mickey_Jesse_Oleksander.pdf
Malspam Pushing Emotet Malware https://isc.sans.edu/forums/diary/Malspam+pushing+Emotet+malware/22650/ Broadpwn Released http://blog.exodusintel.com/2017/07/26/broadpwn/ Microsoft Announces Windows 10 Bug Bounty https://blogs.technet.microsoft.com/msrc/2017/07/26/announcing-the-windows-bounty-program/ Custom Map Vulnearbilty in Valve Games https://oneupsecurity.com/research/remote-code-execution-in-source-games
Adobe Announces End of Flash for 2020 https://blogs.adobe.com/conversations/2017/07/adobe-flash-update.html JA3 Hash To Fingerprint SSL/TLS Connections https://github.com/salesforce/ja3 https://engineering.salesforce.com/open-sourcing-ja3-92c9e53c3c41 New Wave of Apple iCloud Ransom Attacks https://www.heise.de/mac-and-i/meldung/Erneut-iCloud-Erpressungswelle-ueber-Meinen-Mac-suchen-und-Mein-iPhone-suchen-3782075.html
Uber Drivers Targeted in Social Engineering Scam https://isc.sans.edu/forums/diary/Uber+drivers+new+threat+the+passenger/22626/ Mac Malware FruitFly2 https://motherboard.vice.com/en_us/article/zmv79w/mysterious-mac-malware-has-infected-hundreds-of-victims-for-years Exploit Released for Critical Netscaler SD WAN 9.1.2 Vulnerability http://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-6316
Bots Searching for Keys and Config Files https://isc.sans.edu/forums/diary/Bots+Searching+for+Keys+Config+Files/22630/ Apple Updates Everything https://support.apple.com/en-us/HT201222 Trend Micro Sees SambaCry Exploits http://blog.trendmicro.com/trendlabs-security-intelligence/linux-users-urged-update-new-threat-exploits-sambacry/ Google Increases Developer Scrutiny https://developers.googleblog.com/2017/05/updating-developer-identity-guidelines.html
SMS Phishing Asks Victims to Upload Picture of Token Card https://isc.sans.edu/forums/diary/SMS+Phishing+induces+victims+to+photograph+its+own+token+card/22616/ Critical FreeRADIUS Update https://guidovranken.wordpress.com/2017/07/17/11-remote-vulnerabilities-inc-2x-rce-in-freeradius-packet-parsers/ OS X Malware Installs Crypto Messenger Signal https://blog.checkpoint.com/2017/07/13/osxdok-refuses-go-away-money/
Malware Loads ffmpeg For Video Recording Features https://blog.malwarebytes.com/threat-analysis/2017/07/malware-abusing-ffmpeg/ Password Managers and Cloud Storage https://discussions.agilebits.com/discussion/76956/can-i-still-buy-standalone-license-for-the-1password-no-longer-being-marketed/p8 SAP Point of Sales Express Patch https://erpscan.com/press-center/blog/sap-cyber-threat-intelligence-report-july-2017/ Roderick Currie: Car Hacking Developments https://www.sans.org/reading-room/whitepapers/internet/developments-car-hacking-36607
