How Was Your Stay At The Hotel La Playa
https://isc.sans.edu/forums/diary/How+was+your+stay+at+the+Hotel+La+Playa/22069
XAgent OS X Malware
https://labs.bitdefender.com/2017/02/new-xagent-mac-malware-linked-with-the-apt28/
Conference Phone Compromise
https://www.contextis.com//resources/blog/phwning-boardroom-hacking-android-conference-phone/
New Tool: Packettotal.com
http://www.packettotal.com
What Not To Decrypt When Intercepting SSL
https://isc.sans.edu/forums/diary/Stuff+I+Learned+Decrypting/22059/
Webcast: https://www.sans.org/webcasts/8-ways-watch-invisible-analyzing-encrypted-network-traffic-103277
Simple Static Malware Analyzer
https://github.com/secrary/SSMA
Critical Firefox for Android Vulnerability
https://www.mozilla.org/en-US/security/advisories/mfsa2017-04/
Ubuntu ntfs-3g Privilege Escalation
https://bugs.chromium.org/p/project-zero/issues/detail?id=1072
Microsoft Patch Tuesday Changes
http://www.infoworld.com/article/3139922/microsoft-windows/microsoft-to-revamp-its-documentation-for-security-patches.html
F5 Big IP Ticketbleed Vulnerability
https://filippo.io/Ticketbleed/
CryptoShield Ransomware from Rig EK
https://isc.sans.edu/forums/diary/CryptoShield+Ransomware+from+Rig+EK/22047/
Hancitor/Pony Malspam
https://isc.sans.edu/forums/diary/HancitorPony+malspam/22053/
Apple Retaining Old Browser History Data
https://blog.elcomsoft.com/2017/02/elcomsoft-extracts-deleted-safari-browsing-history-from-icloud/#more-3769
Brute Forcing LUKS Passwords
https://0x00sec.org/t/breaking-encryption-hashed-passwords-luks-devices/811
Cloud Metadata URLs
https://isc.sans.edu/forums/diary/Cloud+Metadata+Urls/22046/
Intel Atom C2000 Chip Failures
http://www.theregister.co.uk/2017/02/06/cisco_intel_decline_to_link_product_warning_to_faulty_chip/
More W-2 Scams, Now Combined With Wire Transfer Scams
https://nakedsecurity.sophos.com/2017/02/08/beware-the-latest-tax-season-spear-phishing-scam/
Macro Malware Coming to MacOS
https://objective-see.com/blog/blog_0x17.html
Using Emojis as Passwords
https://isc.sans.edu/forums/diary/My+Password+is+taco+Using+Emojis+for+Stronger+Passwords/22042/
Popular iOS Applications Not Using TLS
https://medium.com/@chronic_9612/76-popular-apps-confirmed-vulnerable-to-silent-interception-of-tls-protected-data-2c9a2409dd1#.nv0mf6w4e
Web Bluetooth Security Model
https://medium.com/@jyasskin/the-web-bluetooth-security-model-666b4e7eed2#.kqtxdk70h
E-Mail Spoofing in GMail
https://www.linkedin.com/pulse/aware-sender-spoofing-amongst-gmail-users-renato-marinho
Malicious or Not? Help Me Decide
https://isc.sans.edu/forums/diary/Malicious+Or+Not+You+decide/22040/
OpenBSD Http Server DoS Vulnerability
https://pierrekim.github.io/blog/2017-02-07-openbsd-httpd-CVE-2017-5850.html
Bypassing Tor Browser Via Windows DRM
https://www.myhackerhouse.com/windows_drm_vs_torbrowser/
Freedom Hosting II Compromise
https://www.scmagazineuk.com/major-dark-web-host-hacked-381000-sets-of-user-details-leaked-online/article/636259/
Base64 Encoded Malware Samples on Pastebin
https://isc.sans.edu/forums/diary/Many+Malware+Samples+Found+on+Pastebin/22036/
Cisco Recalling Meraki Access Points over Fatal Hardware Flaw
http://www.cisco.com/c/en/us/support/web/clock-signal.html
SQL Injection Vulnerability in McAfee ePolicy Orchestrator
https://kc.mcafee.com/corporate/index?page=content&id=SB10187
Update from Microsoft on SMB 3 Vulnerability
https://threatpost.com/microsoft-waits-for-patch-tuesday-to-fix-smb-zero-day/123541/
Malicious Files Sent via WhatsApp to Target Indian Military
http://economictimes.indiatimes.com/news/defence/defence-security-forces-alerted-against-whatsapp-virus/articleshow/56258702.cms
SMB 3 0-Day DoS Exploit
https://isc.sans.edu/forums/diary/Windows+SMBv3+Denial+of+Service+Proof+of+Concept+0+Day+Exploit/22029/
WordPress Update Silently Fixes Security Flaw
https://make.wordpress.org/core/2017/02/01/disclosure-of-additional-security-fix-in-wordpress-4-7-2/
Webroot Update Patches BSOD Flaw
https://community.webroot.com/t5/Product-Questions/BSOD-0x50-PAGE-FAULT-IN-NONPAGED-AREA/td-p/284302?sf54120672=1&sf54123115=1
Google Adds Support for Mandatory Two-Factor Authentication to G-Suite
https://security.googleblog.com/2017/02/better-and-more-usable-protection-from.html
Cisco Prime Home Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-prime-home
Multiple Vulnerabilities in tcpdump
https://isc.sans.edu/forums/diary/Multiple+Vulnerabilities+in+tcpdump/22017/
Quick Analysis of Data Left Available by Attackers
https://isc.sans.edu/forums/diary/Quick+Analysis+of+Data+Left+Available+by+Attackers/22015/
Securing The Human Ouch! Newsletter
https://securingthehuman.sans.org/ouch/
Redis CSRF Vulnerability Exploit
https://github.com/dxa4481/whatsinmyredis
Fileless UAC Bypass Used to Drop Keybase Malware
https://isc.sans.edu/forums/diary/Malicious+Office+files+using+fileless+UAC+bypass+to+drop+KEYBASE+malware/22011/
Apple Removes Activation Lock Test Tool After Abuse
https://www.macrumors.com/2017/01/30/activation-lock-website-used-in-hack/
Multiple Vulnerabilities in tcpdump
https://www.debian.org/security/2017/dsa-3775
PostScript Printer Vulnerabilities
http://seclists.org/fulldisclosure/2017/Jan/89
Stop Disabling SELinux
https://learntemail.sam.today/blog/stop-disabling-selinux:-a-real-world-guide/
Port 5358 Scans for Devices
https://isc.sans.edu/forums/diary/Request+for+Packets+and+Logs+TCP+5358/21997/
OpenSSH Vulnerability
http://www.openwall.com/lists/oss-security/2017/01/26/2
Ransomware Hits Traffic Cameras in DC
https://www.washingtonpost.com/local/public-safety/hackers-hit-dc-police-closed-circuit-camera-network-city-officials-disclose/2017/01/27/d285a4a4-e4f5-11e6-ba11-63c4b4fb5a63_print.html
Hotel Hit By Ransomware
http://www.thelocal.at/20170128/hotel-ransomed-by-hackers-as-guests-locked-in-rooms
Not So Private Android VPNs
http://www.icir.org/vern/papers/vpn-apps-imc16.pdf
Google Starting its own Certificate Authority
https://security.googleblog.com/2017/01/the-foundation-of-more-secure-web.html
IOCs: Risks of False Positive Floods
https://isc.sans.edu/forums/diary/IOCs+Risks+of+False+Positive+Alerts+Flood+Ahead/21977/
Android Ransomware in Google Play Store
http://blog.checkpoint.com/2017/01/24/charger-malware/
OpenSSL Update
https://www.openssl.org/news/vulnerabilities.html#y2017
Facebook To Implement U2F (FIDO) Login
https://www.facebook.com/notes/facebook-security/security-key-for-safer-logins-with-a-touch/10154125089265766
WebEx Update
https://bugs.chromium.org/p/project-zero/issues/detail?id=1100
Cisco WebEx Remains Vulnerable. Other Browsers Affected
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170124-webex
Malicious SVG Files Found in the Wild
https://isc.sans.edu/forums/diary/Malicious+SVG+Files+in+the+Wild/21971/
W2 Scams Hitting Again
http://www.nbcdfw.com/news/local/Argyle-ISD-Employees-Hit-with-Data-Breach-411337825.html
XXE Entity Vulnerability in Uber
https://httpsonly.blogspot.co.ke/2017/01/0day-writeup-xxe-in-ubercom.html?m=1
Firefox 51 Released
https://blog.mozilla.org/security/2017/01/20/communicating-the-dangers-of-non-secure-http/
Experimenting With IPv6 Fragments
https://isc.sans.edu/forums/diary/How+to+Have+Fun+With+IPv6+Fragments+and+Scapy/21963/
Apple Updates Everything
https://support.apple.com/en-us/HT201222
WebEx Secret Install URL
https://bugs.chromium.org/p/project-zero/issues/detail?id=1096
Vulnerability in Symantec Norton Download Manager
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2017&suid=20170117_00
Exploit for Microsoft RDC Client on Mac
https://www.wearesegment.com/research/Microsoft-Remote-Desktop-Client-for-Mac-Remote-Code-Execution