Mining Live Networks for OUI Data Oddness https://isc.sans.edu/forums/diary/Mining+Live+Networks+for+OUI+Data+Oddness/25404/ iTerm2 Vulnerability https://groups.google.com/forum/#!topic/iterm2-discuss/57k_AuLdQa4 Apple Updater Exploited in Bitpaymer Campaign https://blog.morphisec.com/apple-zero-day-exploited-in-bitpaymer-campaign
In Episode 146, Ben and Scott start to break down Azure Resource Manager templates and some of the tooling and benefits to managing your Azure infrastructure (and yes, that includes PaaS services!) as code. Sponsors ShareGate - ShareGate's industry-leading products help IT professionals worldwide migrate their business to the Office Read More
What Data Does Vidar Malware Steal https://isc.sans.edu/forums/diary/What+data+does+Vidar+malware+steal+from+an+infected+host/25398/ NTLM MIC Bypass https://www.preempt.com/blog/drop-the-mic-2-active-directory-open-to-more-ntlm-attacks/ Threats on Google Play https://news.drweb.com/show/review/?i=13446#google
Cloudflare Warp + NordVPN on iOS Leads to Traffic in the Clear https://awakened1712.github.io/hacking/hacking-whatsapp-gif-rce/ WhatsApp Bug https://awakened1712.github.io/hacking/hacking-whatsapp-gif-rce/ MacOS Catalina and Safari Update Released https://www.macrumors.com/2019/10/07/apple-releases-macos-catalina/ https://support.apple.com/en-us/HT201222 (nothing new yet) Magecart Still Going Strong https://www.theregister.co.uk/2019/10/04/magecart/ (original RiskIQ report requires Registration)
visNetwork for Network Data https://isc.sans.edu/forums/diary/visNetwork+for+Network+Data/25390/ Android Priv. Escalation Vulnerability Exploited in the Wild https://bugs.chromium.org/p/project-zero/issues/detail?id=1942 Signal Evesdropping Vulnerability https://bugs.chromium.org/p/project-zero/issues/detail?id=1943
Last Files Ransomware is Back With New Ruse https://isc.sans.edu/forums/diary/LostFiles+Ransomware/25382/ tcpdump vulnerabilities https://www.tcpdump.org/tcpdump-changes.txt TLS Manipulating Malware https://securelist.com/compfun-successor-reductor/93633/ Luasz Cyra: Pass the Hash in Windows 10 https://www.sans.org/reading-room/whitepapers/testing/paper/39170
In Episode 145, Ben and Scott break out their soup bowls and continue digging into their acronym soup with Azure Information Protection labels and their various flavors - unified labels, sensitivity labels, and retention labels. Sponsors Opsgility - Your Cloud enablement partner to help guide your organization through all phases Read More
PDF Encryption Flaw https://web-in-security.blogspot.com/2019/09/pdfex-major-security-flaws-in-pdf.html Windows 7 Security Updates Beyond 2020 https://www.microsoft.com/en-us/microsoft-365/blog/2019/10/01/windows-small-midsize-businesses-stay-secure-current/ ODT Documents Used to Distribute Malware https://blog.talosintelligence.com/2019/09/odt-malware-twist.html
Maldoc, PowerShell and BITS https://isc.sans.edu/forums/diary/Maldoc+PowerShell+BITS/25372/ Yet Another Critical Exim Flaw https://nvd.nist.gov/vuln/detail/CVE-2019-16928 CISCO Introduces Semianual Patch Day https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-72547 Windows 2019 to make it easier to disable legacy TLS Versions https://www.microsoft.com/security/blog/2019/09/30/tls-version-enforcement-capabilities-now-available-certificate-binding-windows-server-2019
vBulletin Botnet https://twitter.com/bad_packets/status/1177256656322695168 Cisco Industrial Router Security Bulletin https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth Sniffle Bluetooth Sniffer https://github.com/nccgroup/sniffle Outlook on the web blocking more extensions https://techcommunity.microsoft.com/t5/Exchange-Team-Blog/Changes-to-File-Types-Blocked-in-Outlook-on-the-web/ba-p/874451
