Tech News

ISC StormCast for Friday, March 13th 2020 March 12, 2020

Microsoft Releases Patch for Windows SMBv3 Compression Vulnerability CVE-2020-0796 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796 Hancitor Distributed Through Coronavirus-Themed Malspam https://isc.sans.edu/forums/diary/Hancitor+distributed+through+coronavirusthemed+malspam/25892/ Avast Removes Vulnerable JavaScript Emulator From Products https://github.com/taviso/avscript Checkra1n Exploit Works Against T2 Equipped Macs https://www.idownloadblog.com/2020/03/10/luca-todesco-teases-checkra1n-hacks-on-a-t2-equipped-macbook-pros-touch-bar/

Episode 168 – Live from Collab365 GlobalCon1! March 12, 2020

In Episode 168, Ben and Scott come to you live from Collab365 GlobalCon1 (well, really the comfort of their homes) and talk about Universal Print coming to Azure, the announcement that org-wide teams are coming to Office 365 for tenants with less than 5,000 users, and the GA of PowerShell Read More

ISC StormCast for Thursday, March 12th 2020 March 11, 2020

Mystery SMB3 Flaw Update https://isc.sans.edu/forums/diary/Critical+SMBv3+Vulnerability+Remote+Code+Execution/25890/ COVID19 Malware https://blog.reasonsecurity.com/2020/03/09/covid-19-info-stealer-the-map-of-threats-threat-analysis-report/ Agent Tesla Spread by Fake Canon EOS Notification Email https://isc.sans.edu/forums/diary/Agent+Tesla+Delivered+via+Fake+Canon+EOS+Notification+on+Free+OwnCloud+Account/25884/

ISC StormCast for Wednesday, March 11th 2020 March 10, 2020

Microsoft Patch Tuesday https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200005 https://isc.sans.edu/diary.html?storyid=25886

ISC StormCast for Tuesday, March 10th 2020 March 09, 2020

Malicious Spreadsheet With Data Connection and Excel 4 Macros https://isc.sans.edu/forums/diary/Malicious+Spreadsheet+With+Data+Connection+and+Excel+4+Macros/25880/ Take a Way: Exploring the Security Implications of AMD's Cache Way Predictors https://mlq.me/download/takeaway.pdf https://www.amd.com/en/corporate/product-security Google Play Store Protect Fails Security Test https://www.av-test.org/en/news/here-s-how-well-17-android-security-apps-provide-protection/

ISC StormCast for Monday, March 9th 2020 March 08, 2020

Excel Maldocs: Hidden Sheets https://isc.sans.edu/forums/diary/Excel+Maldocs+Hidden+Sheets/25876/ Wireshark 3.2.2. Released https://www.wireshark.org/docs/relnotes/wireshark-3.2.2.html Linux PPP Vulnerability https://www.kb.cert.org/vuls/id/782301/ NordVPN Vulnerablity https://www.theregister.co.uk/2020/03/06/nordvpn_no_auth_needed_view_user_payments/ Unpatched Android Devices https://www.which.co.uk/news/2020/03/more-than-one-billion-android-devices-at-risk-of-malware-threats/

ISC StormCast for Friday, March 6th 2020 March 05, 2020

Survey Phish https://isc.sans.edu/forums/diary/Will+You+Put+Your+Password+in+a+Survey/25866/ Healthcare.gov Sending E-Mail Looking Like Phishing https://twitter.com/johullrich/status/1235740586717720577 Intel x86 Root of Trust: Loss of Trust https://blog.ptsecurity.com/2020/03/intelx86-root-of-trust-loss-of-trust.html Let's Encrypt Revises Revokation Plan https://community.letsencrypt.org/t/2020-02-29-caa-rechecking-bug/114591/2 Trust Me, I'm Certified Podcast https://www.giac.org/podcasts

Episode 167 – Azure Certification Updates! March 05, 2020

In Episode 167, Ben and Scott discuss some updates that allow you to deploy resources in Azure to scopes above a resource group and then break down some big changes coming to the Azure certifications. Sponsors ShareGate – ShareGate’s industry-leading products help IT professionals worldwide migrate their business to the Office Read More

ISC StormCast for Thursday, March 5th 2020 March 04, 2020

MSFT Subdomain Takeover https://vullnerability.com/blog/microsoft-subdomain-account-takeover Homoglyph Attacks in the News Again https://www.soluble.ai/blog/public-disclosure-emoji-to-zero-day Coronavirus Phish https://twitter.com/JCyberSec_/status/1234806881195044865

ISC StormCast for Wednesday, March 4th 2020 March 03, 2020

Introduction to EvtxEcmd (Evtx Explorer) https://isc.sans.edu/forums/diary/Introduction+to+EvtxEcmd+Evtx+Explorer/25858/ Let's Encrypt Revoking Certificates https://community.letsencrypt.org/t/revoking-certain-certificates-on-march-4/114864 Using Smart Devices in the Home Securely (NCSC Version) https://www.ncsc.gov.uk/guidance/smart-devices-in-the-home Ransomware and Cloud Backups https://www.bleepingcomputer.com/news/security/ransomware-attackers-use-your-cloud-backups-against-you/ SANS Coronavirus Training Guarantee https://www.sans.org/training-guarantee

ISC StormCast for Tuesday, March 3rd 2020 March 02, 2020

SSL Distribution by Country https://isc.sans.edu/forums/diary/Secure+vs+cleartext+protocols+couple+of+interesting+stats/25854/ Checkpoint Evasion Encyclopedia https://research.checkpoint.com/2020/cpr-evasion-encyclopedia-the-check-point-evasion-repository/ OWASP Threat Dragon https://github.com/mike-goodwin/owasp-threat-dragon-desktop SANS Free Things https://sans.org/free

ISC StormCast for Monday, March 2nd 2020 March 01, 2020

Show me Your Clipboard Data! https://isc.sans.edu/forums/diary/Show+me+Your+Clipboard+Data/25846/ Hazelcast IMDB Discover Scan https://isc.sans.edu/forums/diary/Hazelcast+IMDG+Discover+Scan/25850/ Microsoft Exchange Server Vulnerabilty Scans https://twitter.com/GossiTheDog/status/1232369036438233088 Tomcat Ghostcat Vulnerability https://lists.apache.org/thread.html/r7c6f492fbd39af34a68681dbbba0468490ff1a97a1bd79c6a53610ef%40%3Cannounce.tomcat.apache.org%3E

ISC StormCast for Friday, February 28th 2020 February 27, 2020

Ultrasonic Triggers for Cellphone Assistants. https://source.wustl.edu/2020/02/surfing-attack-hacks-siri-google-with-ultrasonic-waves/ Comparing Information Leakage from Different Browsers https://www.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf Cloud Snooper Attack https://news.sophos.com/en-us/2020/02/25/cloud-snooper-attack-bypasses-firewall-security-measures/

Episode 166 – Gear and Tech February 27, 2020

In Episode 166, Ben and Scott take a break from talking about the cloud and get into some of the gear and software they've picked up over the last few months. Sponsors ShareGate – ShareGate’s industry-leading products help IT professionals worldwide migrate their business to the Office 365 or SharePoint, automate Read More

ISC StormCast for Thursday, February 27th 2020 February 26, 2020

Kr00k WiFi Attack https://www.eset.com/int/kr00k/ Impersonating LTE Users https://imp4gt-attacks.net/ Zyxel RCE Vulnerablity https://www.kb.cert.org/vuls/id/498544/

ISC StormCast for Wednesday, February 26th 2020 February 25, 2020

Fraudulant Paypal Charges (links in German) https://twitter.com/iblueconnection/status/1232259071602044928 https://www.heise.de/security/meldung/Google-Pay-Luecke-in-virtuellen-Kreditkarten-erlaubt-unberechtigte-Abbuchungen-4667527.html https://stadt-bremerhaven.de/google-pay-virtuelle-paypal-kreditkarten-weisen-sicherheitsluecken-auf/ Chrome Update https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html Microsoft Public Preview For Azure AD Hybrid Environments https://techcommunity.microsoft.com/t5/azure-active-directory-identity/public-preview-of-azure-ad-support-for-fido2-security-keys-in/ba-p/1187929

ISC StormCast for Tuesday, February 25th 2020 February 24, 2020

ScrollToTextFragment Privacy Concerns in Google Chrome 80 https://github.com/WICG/ScrollToTextFragment/issues/76#issue-538137989 https://docs.google.com/document/d/1YHcl1-vE_ZnZ0kL2almeikAj2gkwCq8_5xwIae7PVik/edit#heading=h.uoiwg23pt0tx Another OpenSMTPD Vulnerability https://github.com/OpenSMTPD/OpenSMTPD/releases WhatsApp Group Invite Links in Search Engines https://twitter.com/JordanWildon/status/1230829082662842369

ISC StormCast for Monday, February 24th 2020 February 23, 2020

Old Style Excel Macro Malware https://isc.sans.edu/forums/diary/Maldoc+Excel+4+Macros+in+OOXML+Format/25830/ Simple But Efficient VBScript Obfuscation https://isc.sans.edu/forums/diary/Simple+but+Efficient+VBScript+Obfuscation/25828/ Let's Encrypt Beefs Up Validation https://letsencrypt.org/2020/02/19/multi-perspective-validation.html Google Play Store Joker / Clicken Malware https://research.checkpoint.com/2020/android-app-fraud-haken-clicker-and-joker-premium-dialer/ Google Warns of Microsoft Edge https://www.heise.de/security/meldung/l-f-Google-findet-den-neuen-Edge-Browser-doof-und-unsicher-4665634.html

ISC StormCast for Friday, February 21st 2020 February 20, 2020

Enumerating Who "Owns" a Workstation for IR https://isc.sans.edu/forums/diary/Whodat+Enumerating+Who+owns+a+Workstation+for+IR/25822/ Special Update for Adobe After Effects and Media Encoder https://helpx.adobe.com/security/products/after_effects/apsb20-09.html https://helpx.adobe.com/security/products/media-encoder/apsb20-10.html Cisco Updates https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-on-prem-static-cred-sL8rDs8 Apple To No Longer Accept Certifcates as Valid that Exceed a Lifetime of 13 months https://www.theregister.co.uk/2020/02/20/apple_shorter_cert_lifetime/ Python ReDoS Bugs https://blog.r2c.dev/posts/finding-python-redos-bugs-at-scale-using-dlint-and-r2c/

Episode 165 – Power Virtual Agents February 20, 2020

In Episode 165, Ben and Scott run through Power Virtual Agents, a feature of Power Platform that allows you to create and manage "no-code" (or to be more realistic - "low-code") bots. Sponsors ShareGate – ShareGate’s industry-leading products help IT professionals worldwide migrate their business to the Office 365 or SharePoint, Read More

Older Entries Newer Entries