Welcome to Episode 387 of the Microsoft Cloud IT Pro Podcast. In this episode, Scott and Ben dive into a discussion around Ben’s newly purchased Surface Pro 11th Edition – a Copilot Plus PC running on an ARM processor. Ben gives his takes on the state of the hardware and Read More
Development Features Enabled in Production https://isc.sans.edu/diary/Development%20Features%20Enabled%20in%20Prodcution/31380 Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials https://blog.talosintelligence.com/large-scale-brute-force-activity-targeting-vpns-ssh-services-with-commonly-used-login-credentials/ Cisco Secure Firewall Management Center Software Command Injection Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-v3AWDqN7 Exposing the Danger Within: Hardcoded Cloud Credentials in Popular Mobile Apps https://www.security.com/threat-intelligence/exposing-danger-within-hardcoded-cloud-credentials-popular-mobile-apps
A Network Nerd's Take on Emergency Preparedness https://isc.sans.edu/diary/A%20Network%20Nerd%27s%20Take%20on%20Emergency%20Preparedness/31356 HM Surf Vulnerability Access to Camera Exploited CVE-2024-44133 https://www.microsoft.com/en-us/security/blog/2024/10/17/new-macos-vulnerability-hm-surf-could-lead-to-unauthorized-data-access/ Fortinet releases patches for undisclosed critical FortiManager vulnerability https://www.helpnetsecurity.com/2024/10/21/fortimanager-critical-vulnerability/ ScienceLogic Vulnerability https://rackspace.service-now.com/system_status?id=detailed_status&service=4dafca5a87f41610568b206f8bbb35a6 https://docs.sciencelogic.com/latest/Content/Web_Admin_and_Accounts/System_Administration/sys_admin_system_upgrade.htm
Microsoft 365: Partially incomplete log data due to monitoring agent issue https://m365admin.handsontek.net/multiple-services-partially-incomplete-log-data-due-to-monitoring-agent-issue/ End-to-End Encrytped Cloud Storage in the Wild: A Broken Ecosystem https://brokencloudstorage.info/paper.pdf ESET Branded Malware https://x.com/ESETresearch/status/1847192384448172387 Synology Update https://www.synology.com/en-us/security/advisory/Synology_SA_24_17 Spring Framework Update CVe-2024-38819 CVE-2024-38820 https://spring.io/blog/2024/10/17/spring-framework-cve-2024-38819-and-cve-2024-38820-published Grafana Security Release CVE-2024-9264 https://grafana.com/blog/2024/10/17/grafana-security-release-critical-severity-fix-for-cve-2024-9264/
Phishing Page Delivered Through a Blob URL https://isc.sans.edu/diary/Phishing%20Page%20Delivered%20Through%20a%20%20Blob%20URL/31350 Fortinet Fortigate CVE 2024-23113 deep dive https://labs.watchtowr.com/fortinet-fortigate-cve-2024-23113-a-super-complex-vulnerability-in-a-super-secure-appliance-in-2024/ This New Supply Chain Attack Technique Can Trojanize All Your CLI Commands https://checkmarx.com/blog/this-new-supply-chain-attack-technique-can-trojanize-all-your-cli-commands/
Windows PPTP and L2TP Deprecation https://techcommunity.microsoft.com/t5/windows-server-news-and-best/pptp-and-l2tp-deprecation-a-new-era-of-secure-connectivity/ba-p/4263956 BIG-IP LTM Systems Unencrypted Cookie Exploitation https://www.cisa.gov/news-events/alerts/2024/10/10/best-practices-configure-big-ip-ltm-systems-encrypt-http-persistence-cookies https://www.welivesecurity.com/en/eset-research/telekopye-hits-new-hunting-ground-hotel-booking-scams/ https://www.welivesecurity.com/en/eset-research/telekopye-hits-new-hunting-ground-hotel-booking-scams/
Welcome to Episode 386 of the Microsoft Cloud IT Pro Podcast. In this episode, we explore three powerful tools designed to improve automation, testing, and security in modern development and operations workflows: Maester, Pester, and SCUBA. Whether you’re a DevOps engineer, PowerShell enthusiast, or security professional, this episode is packed Read More
From Perfctl to InfoStealer https://isc.sans.edu/diary/From%20Perfctl%20to%20InfoStealer/31334 Wazuh Abused by Miner Campaign https://securelist.com/miner-campaign-misuses-open-source-siem-agent/114022/ USB Sticks Still Bridge Airgaps https://www.welivesecurity.com/en/eset-research/mind-air-gap-goldenjackal-gooses-government-guardrails/ Fortigate Vulnerability now being exploited https://nvd.nist.gov/vuln/detail/CVE-2024-23113
Microsoft Patch Tuesday - October 2024 https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20-%20October%202024/31336 Adobe Patches https://helpx.adobe.com/security/security-bulletin.html The Disappearance of an Internet Domain https://every.to/p/the-disappearance-of-an-internet-domain
macOS Sequoia: System/Network Admins, Hold On! https://isc.sans.edu/diary/macOS%20Sequoia%3A%20System%20Network%20Admins%2C%20Hold%20On!/31330 Cisco Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv34x-privesc-rce-qE33TCms Apple iTunes PoC https://github.com/mbog14/CVE-2024-44193 Attackers used ISP's Wiretap System to Spy on Users https://www.wsj.com/politics/national-security/china-cyberattack-internet-providers-260bd835 https://www.bleepingcomputer.com/news/security/atandt-verizon-reportedly-hacked-to-target-us-govt-wiretapping-platform/
Security Related Docker Containers https://isc.sans.edu/diary/Security%20related%20Docker%20containers/31318 CUPS DDoS Attack https://www.akamai.com/blog/security-research/october-cups-ddos-threat Draytek Vulnerabilities https://www.forescout.com/resources/draybreak-draytek-research/ SANS Munich (free Community Night Tuesday October 15th) https://www.sans.org/cyber-security-training-events/munich-october-2024/
