Ben and Scott sit down at Microsoft Ignite with Ramiro Calderon, Principal Program Manager - Azure Active Directory, and Stefan van der Wiele, Senior Program Manager - Azure Active Directory, to talk about Azure Active Directory and how as the core of authentication for Office 365, Azure, and Microsoft you Read More
Avast Online Security and Avast Secure Browser Blocked for Spying on Users https://palant.de/2019/10/28/avast-online-security-and-avast-secure-browser-are-spying-on-you/ Google Android Updates https://source.android.com/security/bulletin/2019-12-01 Strandhogg Vulnerability https://promon.co/security-news/strandhogg/ Firefox 71 Released https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/
Agent Tesla Malware Sample Analysis https://isc.sans.edu/forums/diary/Finding+an+Agent+Tesla+malware+sample/25554/ Search With SauronEye https://isc.sans.edu/forums/diary/ISC+Snapshot+Search+with+SauronEye/25558/ Splunk Y2K20 Patch https://docs.splunk.com/Documentation/Splunk/8.0.0/ReleaseNotes/FixDatetimexml2020 Google TAG Quarterly Summary https://blog.google/technology/safety-security/threat-analysis-group/protecting-users-government-backed-hacking-and-disinformation/
In Episode 153, Ben sits down at Microsoft Ignite with Stephen Rose, Sr PMM, Microsoft 365 Storytelling and Branding Team, to talk about what it takes to align demos across the Microsoft 365 product suite and how to craft a great story. Sponsors ShareGate – ShareGate’s industry-leading products help IT professionals Read More
Playing With Phishing https://isc.sans.edu/forums/diary/Lessons+learned+from+playing+a+willing+phish/25552/ HPE SSD Drives will Stop Working in 3 years https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00092491en_us Malicious Android SDK Captures Social Media Data https://help.twitter.com/en/sdk-issue Kasperski API Exposed to Websites https://palant.de/2019/11/26/internal-kaspersky-api-exposed-to-websites/ Malicious Ad Statistics https://www.confiant.com/Demand-Quality-Report-Q3-2019
DNS over HTTPS (DoH) in SOHO Networks https://isc.sans.edu/forums/diary/My+Little+DoH+Setup/25548/ Fortinet Weak Crypto https://sec-consult.com/en/blog/advisories/weak-encryption-cipher-and-hardcoded-cryptographic-keys-in-fortinet-products/ Tracking Web Users via DNS https://github.com/uBlockOrigin/uBlock-issues/issues/780
Web Filter Misconfiguration Abused for Recognisance https://isc.sans.edu/forums/diary/Abusing+Web+Filters+Misconfiguration+for+Reconnaissance/25538/ Local Malware Analysis with Malice https://isc.sans.edu/forums/diary/Local+Malware+Analysis+with+Malice/25544/ Multiple Vulnerabilities in VNC https://www.kaspersky.com/blog/vnc-vulnerabilities/31462/
In Episode 152, Ben and Scott sit down with Steven Murawski, Lead Cloud Ops Advocate at Microsoft, at Microsoft Ignite to talk about the power and freedom that comes from managing your infrastructure as code using tools like Azure Repos and Azure Pipelines inside of Azure DevOps. You can follow Read More
JAWS DVR Bot https://isc.sans.edu/forums/diary/Cheap+Chinese+JAWS+of+DVR+Exploitability+on+Port+60001/25530/ TianFu Cup https://twitter.com/TianfuCup Microsoft Access Hotfix https://support.microsoft.com/en-us/help/4484198/november-18-2019-update-for-office-2016-kb4484198 Windows 10 DNS over HTTPS https://techcommunity.microsoft.com/t5/Networking-Blog/Windows-will-improve-user-privacy-with-DNS-over-HTTPS/ba-p/1014229 Android Camera Permission Mixup https://www.checkmarx.com/blog/how-attackers-could-hijack-your-android-camera
Carriers Filter SMS Messages Sent By Applications https://isc.sans.edu/forums/diary/SMS+and+2FA+Another+Reason+to+Move+away+from+It/25526/ Intel Removing BIOS Downloads for EOL Hardware https://www.vogons.org/viewtopic.php?f=46&t=69184 https://news.ycombinator.com/item?id=21563309 Outlook 365 Remains Top Phishing Target https://info.phishlabs.com/blog/active-office-365-phishing-campaign-targeting-admin-credentials
In Episode 151, Ben sits down at Microsoft Ignite with Gagan Gulati, Head of Product for Azure Information Protection, and Adam Hall, Director, Microsoft Security to discuss the history of information protection at Microsoft and the material impacts of protecting your organization’s sensitive data in Office 365, including the transition Read More
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/November+2019+Microsoft+Patch+Tuesday/25516/ Adobe Update https://helpx.adobe.com/security.html Facebook Camera Bug https://www.cnet.com/news/facebook-bug-has-camera-activated-while-people-are-using-the-app McAfee Anti Virus Bypass and Persistance https://safebreach.com/Post/McAfee-All-Editions-MTP-AVP-MIS-Self-Defense-Bypass-and-Potential-Usages-CVE-2019-3648
Are We Going Back to TheMoon And How is Liquor Involved https://isc.sans.edu/forums/diary/Are+We+Going+Back+to+TheMoon+and+How+is+Liquor+Involved/25512/ New Update for Magento Shopping Cart https://magento.com/security/patches/latest-magento-security-update-helps-protect-recently-reported-rce-vulnerability https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update ZoneAlarm vBulletin Forum Breached https://thehackernews.com/2019/11/zonealarm-forum-data-breach.html CSS Injection in Slack to Log Keystrokes https://fletchto99.dev/2019/november/slack-vulnerability/
Microsoft Applications Diverted from Their Main Use https://isc.sans.edu/forums/diary/Microsoft+Apps+Diverted+from+Their+Main+Use/25502/ Did Bluekeep Malware Afect Patching https://isc.sans.edu/forums/diary/Did+the+recent+malicious+BlueKeep+campaign+have+any+positive+impact+when+it+comes+to+patching/25506/ Pwn2Own Summary https://www.zerodayinitiative.com/blog/2019/11/7/pwn2own-tokyo-2019-day-two-final-results State of Javascript Framework Security https://snyk.io/wp-content/uploads/snyk-javascript_report_2019.pdf DShield/ISC Honeypot Update https://isc.sans.edu/honeypot.html
