Privacy Preserving Protocols to Trace Covid19 Exposure https://isc.sans.edu/forums/diary/Privacy+Preserving+Protocols+to+Trace+Covid19+Exposure/26066/ Google Chrome Update https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_27.html https://docs.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security Updated Version of Sysmon https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon https://techcommunity.microsoft.com/t5/sysinternals-blog/sysmon-v11-0-livekd-v5-63-process-explorer-v16-32-coreinfo-v3-5/ba-p/1345153 Shade Ransomware Keys Released https://github.com/shade-team/keys/blob/master/README.md Exploiting the Exploiters https://medium.com/@curtbraz/exploiting-the-exploiters-46fd0d620fd8
Agent Tesla Delivered by the Same Phishing Campagin for Over a Year https://isc.sans.edu/forums/diary/Agent+Tesla+delivered+by+the+same+phishing+campaign+for+over+a+year/26062/ VMWare ESXi Patch https://www.vmware.com/security/advisories/VMSA-2020-0008.html Microsoft Guidance For Ransomware Response https://www.microsoft.com/security/blog/2020/04/28/ransomware-groups-continue-to-target-healthcare-critical-services-heres-how-to-reduce-risk/ Adobe Security Patches https://helpx.adobe.com/security.html
Powershell Payload Stored in a PSCredential Object https://isc.sans.edu/forums/diary/Powershell+Payload+Stored+in+a+PSCredential+Object/26058/ Microsoft Teams Account Takeover Bug https://www.cyberark.com/threat-research-blog/beware-of-the-gif-account-takeover-vulnerability-in-microsoft-teams/ USB Drives used to Spread Crypto Coin Mining Botnet https://www.welivesecurity.com/2020/04/23/eset-discovery-monero-mining-botnet-disrupted/
GCC's New Security Analyzer Finds Flaw in OpenSSL https://developers.redhat.com/blog/2020/03/26/static-analysis-in-gcc-10/ IBM Spectrum Protect Server Stack Based Buffer Overflow https://www.ibm.com/support/pages/node/6195706 Possible Issues With Cummulative Windows Updates https://www.reddit.com/search/?q=KB4549951 Using a GPU as a Radio https://duo.com/labs/research/finding-radio-sidechannels Comparing Red Team Platforms https://redcanary.com/blog/comparing-red-team-platforms/
In Episode 174, Ben and Scott dive into Azure App Service for Linux and Azure Web App for Containers as a hosting option for microservices and more. Transcript Email Download New Tab - [Ben] Welcome to episode 174 of the Microsoft cloud IT Pro podcast recorded live on April, 16, Read More
iOS Mail 0Day https://blog.zecops.com/vulnerabilities/unassisted-ios-attacks-via-mobilemail-maild-in-the-wild/ Zoom 5 To Be Released Shortly Addressing Encryption Issues https://blog.zoom.us/wordpress/2020/04/22/zoom-hits-milestone-on-90-day-security-plan-releases-zoom-5-0/ OpenSSL Fixes DOS Flaw https://www.openssl.org/news/secadv/20200421.txt
SpectX: Log Parser for DFIR https://isc.sans.edu/forums/diary/SpectX+Log+Parser+for+DFIR/26040/ Microsoft Patches Autodesk Library in Office https://www.autodesk.com/trust/security-advisories/adsk-sa-2020-0002 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200004 Stripe Data Collection https://mtlynch.io/stripe-recording-its-customers/ IBM Data Risk Manager Vulnerabilities https://github.com/pedrib/PoC/blob/master/advisories/IBM/ibm_drm/ibm_drm_rce.md
Applocker vs. Living off the Land Attacks https://isc.sans.edu/forums/diary/Using+AppLocker+to+Prevent+Living+off+the+Land+Attacks/26032/ Netlink GPON 0-Day https://blog.netlab.360.com/multiple-fiber-routers-are-being-compromised-by-botnets-using-0-day-en/ Windows Security Crashing After Definition Update https://www.askwoody.com/2020/reports-of-windows-security-nee-microsoft-security-essentials-crashing-after-installing-this-mornings-definition-updates/ 700 Malicious Ruby Gems Found https://thehackernews.com/2020/04/rubygem-typosquatting-malware.html vCenter Exploit for CVE-2020-3952 https://www.guardicore.com/2020/04/pwning-vmware-vcenter-cve-2020-3952/
In Episode 173, Ben and Scott talk about their experiences with online meeting platforms such as Zoom, Microsoft Teams, and Slack as all of us continue to cope with remote work. Transcript Email Download New Tab - Welcome to Episode 173 of the Microsoft Cloud IT Pro podcast recorded live Read More
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+April+2020+Patch+Tuesday/26022/ Adobe Security Bulletins https://helpx.adobe.com/security.html Microsoft Extending EOL For Windows 10 1709/1809 https://support.microsoft.com/en-us/help/4557164/lifecycle-changes-to-end-of-support-and-servicing-dates Dell Safe BIOS https://blog.dellemc.com/en-us/dell-technologies-bolsters-pc-security-todays-remote-workers/
Comparing the same Phishing Campaign 3 Months Appart https://isc.sans.edu/forums/diary/Look+at+the+same+phishing+campaign+3+months+apart/26018/ Setting 3D Printers On Fire https://www.coalfire.com/The-Coalfire-Blog/April-2020/With-IoT-Common-Devices-Pose-New-Threats Junos OS: vMX Default Credentials https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10998 DNS is Changing: So What? (@Mic Webinar) https://www.sans.org/webcasts/113635
In Episode 172, Ben and Scott break down some announced changes around the rebranding of several Office 365 for Business SKUs to Microsoft 365. Sponsors ShareGate – ShareGate’s industry-leading products help IT professionals worldwide migrate their business to the Office 365 or SharePoint, automate their Office 365 governance, and understand their Read More
German Malspam Pushes ZLoader Malware; Decrypting HTTPs https://isc.sans.edu/forums/diary/German+malspam+pushes+ZLoader+malware/25996/ Microsoft Purchases Corp.com https://krebsonsecurity.com/2020/04/microsoft-buys-corp-com-so-bad-guys-cant/ Microsoft Delaying Removal of Basic Authentiation from Exchange Online https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-and-exchange-online-april-2020-update/ba-p/1275508 Dark Nexus Botnet https://www.bitdefender.com/files/News/CaseStudies/study/319/Bitdefender-PR-Whitepaper-DarkNexus-creat4349-en-EN-interactive.pdf
