Elon Musk Themed Crypto Scams Flooding YouTube Today https://isc.sans.edu/diary/Elon%20Musk%20Themed%20Crypto%20Scams%20Flooding%20YouTube%20Today/29434 Microsoft Text to Speech Synthesizer https://arxiv.org/pdf/2301.02111.pdf Missing Windows Start Menu https://learn.microsoft.com/en-us/windows/release-health/status-windows-11-22H2#2998msgdesc
In Episode 316, Ben and Scott talk about the continued fallout from the Rackspace ransomware attack as well as some other recent hacks from LastPass and CircleCI. Then they get into their topic of the day – Azure DevOps or GitHub and which one they prefer for different tasks. Like Read More
You can catch the podcast aired live every Sunday at 7pm EST at https://www.twitch.tv/remnantgamers/You can also view any other scheduled streams or other events going on at our website https://www.remnantgamers.com/Merch:Want a Remnant Gamer Jersey of your own? Head to https://www.remnantgamers.com/copy-of-events and pick out the style that suits you best!You can Read More
Microsoft January 2023 Patch Tuesday https://isc.sans.edu/diary/Microsoft%20January%202023%20Patch%20Tuesday/29420 Cacti Unauthenticated Remote Code Execution https://www.sonarsource.com/blog/cacti-unauthenticated-remote-code-execution/ On the Security Vulnerabilities of Text-to-SQL Models https://arxiv.org/pdf/2211.15363.pdf
New Year Old Tricks: Hunting for CircleCI Configuration Files https://isc.sans.edu/diary/New%20year%2C%20old%20tricks%3A%20Hunting%20for%20CircleCI%20configuration%20files/29416 Amazon S3 Encrypts New Objects By Default https://aws.amazon.com/blogs/aws/amazon-s3-encrypts-new-objects-by-default/ MatrixSSL Buffer Overflow https://github.com/matrixssl/matrixssl/security/advisories/GHSA-fmwc-gwc5-2g29 Auth0 JsonWebToken Vulnerability CVE-2022-23529 https://unit42.paloaltonetworks.com/jsonwebtoken-vulnerability-cve-2022-23529/
Reversing AutoIT Scripts https://isc.sans.edu/diary/AutoIT%20Remains%20Popular%20in%20the%20Malware%20Landscape/29408 Can You Trust Your VSCode Extensions https://blog.aquasec.com/can-you-trust-your-vscode-extensions A Deep Dive Into Powerat https://blog.phylum.io/a-deep-dive-into-powerat-a-newly-discovered-stealer/rat-combo-polluting-pypi
More Brazil Malspam Pushing Astaroth (Guildma) in January 2023 https://isc.sans.edu/forums/diary/More%20Brazil%20malspam%20pushing%20Astaroth%20%28Guildma%29%20in%20January%202023/29404/ CircleCI Breach https://circleci.com/blog/january-4-2023-security-alert/ Twitter Leak https://www.bleepingcomputer.com/news/security/200-million-twitter-users-email-addresses-allegedly-leaked-online/ Slack Source Code Leak https://slack.com/blog/news/slack-security-update Control Web Panel Patch CVE-2022-44877 https://github.com/numanturle/CVE-2022-44877 Turla: A Galaxy of Opportunity https://www.mandiant.com/resources/blog/turla-galaxy-opportunity
In Episode 315, Ben takes Scott on a tour of Microsoft Loop and how it is working across Teams, Outlook and Word. Then they close out the episode with what tools they are using for personal work task management. Like what you hear and want to support the show? Check Read More
Update to RTRBK - Diff and File Dates in PowerShell https://isc.sans.edu/diary/Update%20to%20RTRBK%20-%20Diff%20and%20File%20Dates%20in%20PowerShell/29400 Google Chrome Sunsetting Legacy Windows Support https://support.google.com/chrome/thread/185534985/sunsetting-support-for-windows-7-8-8-1-in-early-2023?hl=en SHC used to compile cryptominer malware https://asec.ahnlab.com/en/45182/ ManageEngine Password Manager Pro SQL Injection https://pitstop.manageengine.com/portal/en/community/topic/manageengine-security-advisory important-security-fix-released-for-manageengine-password-manager-pro-2-1-2023#:~:text=critical%20security%20vulnerability ForiADC Command Injection in Web Interface https://www.fortiguard.com/psirt/FG-IR-22-061 Raspberry Robin Developments https://www.securityjoes.com/post/raspberry-robin-detected-itw-targeting-insurance-financial-institutes-in-europe
SPF and DMARC use on GOV domains in different ccTLDs https://isc.sans.edu/forums/diary/SPF+and+DMARC+use+on+GOV+domains+in+different+ccTLDs/29384/ CVE-2022-47939 ksmbd Vulnerability https://ubuntu.com/security/CVE-2022-47939 Netgear Vulnerabilities https://kb.netgear.com/000065495/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2019-0208 PyTorch Malicious Dependency https://pytorch.org/blog/compromised-nightly-dependency/
In Episode 314, Ben and Scott have a quick follow-up on the Rackspace Hosted Exchange ransomware attack (TL;DR; if you haven’t migrated to Exchange Online, do it now), a post-mortem that was published on the Azure PowerShell and PowerShell 7.3 compatibility issue that cropped up in Nov, and then discuss Read More
In Episode 313, Ben and Scott discuss the ongoing fallout from the ransomware attack that took down the hosted Exchange environment at Rackspace in December. Like what you hear and want to support the show? Check out our membership options. (more…)
Linux File System Monitoring and Actions https://isc.sans.edu/diary/Linux%20File%20System%20Monitoring%20%26%20Actions/29362 Feed of NTP Server IP Addresses https://isc.sans.edu/api/threatlist/ntpservers?json Feed of Mastodon Server IP Addresses https://isc.sans.edu/api/threatlist/mastodon?json Packet Tuesday TLS Server Hello https://www.youtube.com/watch?v=2HymU4dxWEQ Android Preparing Support for Updatable Root Certificates https://blog.esper.io/android-14-updatable-certificates/ Elastic IP Hijacking https://www.mitiga.io/blog/elastic-ip-hijacking-a-new-attack-vector-in-aws Microsoft Fixes HyperV issues With Latest Patch https://learn.microsoft.com/en-us/windows/release-health/windows-message-center#2988
Hunting for Mastodon Servers https://isc.sans.edu/diary/Hunting%20for%20Mastodon%20Servers/29358 KB5021233 Blue Screen https://learn.microsoft.com/en-us/windows/release-health/status-windows-10-22H2#2986msgdesc Edge Update will disable Internet Explorer in February https://learn.microsoft.com/en-us/deployedge/edge-learnmore-neededge Gatekeeper's Achilles heel: Unearthin a macOS vulnerability https://www.microsoft.com/en-us/security/blog/2022/12/19/gatekeepers-achilles-heel-unearthing-a-macos-vulnerability/ Corsair Bug not causing keystroke logging https://arstechnica.com/gadgets/2022/12/corsair-says-bug-not-keylogger-behind-some-k100-keyboards-creepy-behavior/ SentinelSneak: Malicious PyPi module poses as security software development kit
