Synopsis
Daily update on current cyber security threats
Episodes
-
ISC StormCast for Thursday, January 19th 2017
18/01/2017 Duration: 06min
US-CERT Considers NetBIOS/SMBv1 Harmful https://www.us-cert.gov/ncas/current-activity/2017/01/16/SMB-Security-Best-Practices
IPv6 Atomic Fragments Can Lead to DDoS Attack https://tools.ietf.org/html/rfc8021
Facebook Was Affected by ImageTragick Flaw http://4lemon.ru/2017-01-17_facebook_imagetragick_remote_code_execution.html
Malwarebytes Identifies Old Mac Backdoor https://blog.malwarebytes.com/threat-analysis/2017/01/new-mac-backdoor-using-antiquated-code/
Oracle Quarterly Critical Patch Update http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA
-
ISC StormCast for Wednesday, January 18th 2017
17/01/2017 Duration: 05min
domain_stats.py: A Web API For SIEM Phishing Hunts https://isc.sans.edu/forums/diary/domainstatspy+a+web+api+for+SEIM+phishing+hunts/21943/
Multiple RCE in ZyXEL/Billion/True Online Routers http://seclists.org/fulldisclosure/2017/Jan/40
Dovecot Passes Security Audit https://wiki.mozilla.org/images/4/4d/Dovecot-report.pdf
Dutch Web Developers Left Backdoors Behind http://www.theregister.co.uk/2017/01/17/police_warn_of_dutch_developer_who_built_backdoors_for_carding/
Mobile Applications Contain Secrets https://hackernoon.com/we-reverse-engineered-16k-apps-heres-what-we-found-51bdf3b456bb
-
ISC StormCast for Tuesday, January 17th 2017
16/01/2017 Duration: 05min
Whitelisting File Extensions in Apache https://isc.sans.edu/forums/diary/Whitelisting+File+Extensions+in+Apache/21937/
WordPress 4.7.1 Updates PHPMailer https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
Tricky Phishing Attacks Harvesting Google Passwords https://www.wordfence.com/blog/2017/01/gmail-phishing-data-uri/
More Refined Browser Fingerprinting Via GPU Features https://drive.google.com/file/d/0B4s900Byvv1ibW5uc1NiU2g3R3c/view
-
ISC StormCast for Monday, January 16th 2017
15/01/2017 Duration: 07min
Backup Files Are Good if They Are Outside Your Web Server's Document Root https://isc.sans.edu/forums/diary/Backup+Files+Are+Good+but+Can+Be+Evil/21935/
Exploiting Apache Server Status http://blog.mazinahmed.net/2017/01/exploiting-misconfigured-apache-server-status-instances.html
WhatsApp Backdoor Controversy https://www.theguardian.com/technology/2017/jan/13/whatsapp-backdoor-allows-snooping-on-encrypted-messages https://whispersystems.org/blog/there-is-no-whatsapp-backdoor/
Hardening Windows 10 https://blogs.technet.microsoft.com/mmpc/2017/01/13/hardening-windows-10-with-zero-day-exploit-mitigations/
Injecting JavaScript Into PDFs http://insert-script.blogspot.in/2016/10/pdf-how-to-steal-pdfs-by-injecting.html
-
ISC StormCast for Friday, January 13th 2017
13/01/2017 Duration: 06min
System Resource Utilization Monitor #SRUM https://isc.sans.edu/forums/diary/System+Resource+Utilization+Monitor/21927/
Docker Fixes Privilege Escalation Vulnerability http://seclists.org/fulldisclosure/2017/Jan/21
Taking Over Expired Name Servers https://thehackerblog.com/respect-my-authority-hijacking-broken-nameservers-to-compromise-your-target/
Updated Certificate Revocation Data https://isc.sans.edu/crls.html
Shadow Broker Releasing More Tools and Going Dark https://heimdalsecurity.com/blog/security-alert-the-shadow-brokers-windows-hacking-tools/
Extracting Fingerprints from Selfies http://www.japantimes.co.jp/news/2017/01/11/national/crime-legal/researchers-warn-fingerprint-theft-peace-sign/
-
ISC StormCast for Thursday, January 12th 2017
12/01/2017 Duration: 06min
Hancitor/Pony/Vawtrak Installed by Malicious Word Document in Fake Parking Ticket E-Mail https://isc.sans.edu/forums/diary/HancitorPonyVawtrak+malspam/21919/
GoDaddy Revokes > 6,000 SSL Certs After Validation Bug https://www.godaddy.com/garage/godaddy/information-about-ssl-bug/
DVR Master Password List Leaked https://www.pentestpartners.com/blog/leaked-dvr-creds-added-to-the-iot-fail-list/
Autofill Enables Information Leakage https://github.com/anttiviljami/browser-autofill-phishing
-
ISC StormCast for Wednesday, January 11th 2017
11/01/2017 Duration: 05min
Microsoft Patch Tuesday Summary https://isc.sans.edu/forums/diary/January+2017+Microsoft+Patch+Tuesday/21915/
Adobe Patch Tuesday Summary https://isc.sans.edu/forums/diary/Adobe+January+2017+Patches/21917/
Port 37777 "MapTable" Requests https://isc.sans.edu/forums/diary/Port+37777+MapTable+Requests/21913/
CVE-2016-7200/7201 Exploit Included in Sundown Exploit Kit http://malware.dontneedcoffee.com/2017/01/CVE-2016-7200-7201.html
-
ISC StormCast for Tuesday, January 10th 2017
09/01/2017 Duration: 05min
Damn Vulnerable Web Sockets (DVWS) Demonstrates WebSocket Vulnerabilities https://github.com/interference-security/DVWS
St. Jude Medical Patches Vulnerable Cardiac Devices https://threatpost.com/st-jude-medical-patches-vulnerable-cardiac-devices/122955/
Cracking Hashes of Passwords 12 Characters and Longer http://www.netmux.com/blog/cracking-12-character-above-passwords
VNC Library Update https://www.debian.org/security/2017/dsa-3753
-
ISC StormCast for Monday, January 9th 2017
09/01/2017 Duration: 05min
Careful With Security Tools That Submit Files to VirusTotal https://isc.sans.edu/forums/diary/Great+Misadventures+of+Security+Vendors+Absurd+Sandboxing+Edition/21895/
Vulnerable Security Tools Can Be Used Against You https://isc.sans.edu/forums/diary/Using+Security+Tools+to+Compromize+a+Network/21903/
Elaborate Ransomware Attacks http://www.actionfraud.police.uk/news/department-of-education-ransomware-alert-jan17
E-Mail and iTunes Popup Extortion https://blog.malwarebytes.com/101/mac-the-basics/2017/01/tech-support-scam-page-attempts-denial-of-service-via-mail-app/
-
ISC StormCast for Friday, January 6th 2017
06/01/2017 Duration: 06min
Google.com.br DNS Hijack https://www.linkedin.com/pulse/googlecombr-hacked-renato-marinho
Attackers Use Stolen Passwords To Take Over Spreadshirt.com Accounts https://www.heise.de/security/meldung/Angriff-auf-Spreadshirt-Konten-3589579.html (sorry, only in German)
Ransomware Adding DDoS Component https://www.bleepingcomputer.com/news/security/firecrypt-ransomware-comes-with-a-ddos-component/
Old Malware Returning in Targeted Attacks https://blogs.forcepoint.com/security-labs/mm-core-memory-backdoor-returns-bigboss-and-sillygoose
-
ISC StormCast for Thursday, January 5th 2017
05/01/2017 Duration: 05min
GRE Packets May Be Related To Linux Kernel Bug http://www.openwall.com/lists/oss-security/2016/10/13/11
Insecure MongoDB Instances Hit By Fake Ransomware https://twitter.com/0xDUDE
Android Security Update https://source.android.com/security/bulletin/2017-01-01.html
Identifying WordPress Websites on Local Networks https://www.netsparker.com/blog/web-security/bruteforce-wordpress-local-networks-xshm-attack/
-
ISC StormCast for Wednesday, January 4th 2017
03/01/2017 Duration: 04min
Removing "Ransom Ware" From Android Based LG TVs https://www.youtube.com/watch?v=0WZ4uLFTHEE
libpng Patches 30 Year Old Bug http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.567619
Kaspersky Antivirus SSL Interception Vulnerability https://bugs.chromium.org/p/project-zero/issues/detail?id=978
Thunderbird Update Fixes Critical Vulnerability https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/
-
ISC StormCast for Tuesday, January 3rd 2017
03/01/2017 Duration: 05min
AT&T 2G Network Shutdown https://www.att.com/esupport/article.html#!/wireless/KM1084805
Leap Second https://blog.cloudflare.com/how-and-why-the-leap-second-affected-cloudflare-dns/
Thunderbird Patch https://www.heise.de/security/meldung/Thunderbird-Mozilla-schliesst-mit-Sicherheitsupdate-kritische-Luecken-3583472.html
iMessage Crash https://vincedes3.com/crash-message-app-iphone/
Truffle Hog https://github.com/dxa4481/truffleHog
-
ISC StormCast for Friday, December 30th 2016
30/12/2016 Duration: 03min
Protocol 47 (GRE) Traffic https://isc.sans.edu/forums/diary/Increase+in+Protocol+47+denys/21865/
US-CERT Releases "Grizzly Steppe" Report https://www.us-cert.gov/security-publications/GRIZZLY-STEPPE-Russian-Malicious-Cyber-Activity
Android Malware Changes Router DNS Settings https://securelist.com/blog/mobile/76969/switcher-android-joins-the-attack-the-router-club/
-
ISC StormCast for Thursday, December 29th 2016
29/12/2016 Duration: 05min
More PHPMailer Issues. Update Again https://github.com/PHPMailer/PHPMailer/wiki/About-the-CVE-2016-10033-and-CVE-2016-10045-vulnerabilities
CCC Talk: Lockpicking in the IoT https://media.ccc.de/v/33c3-8019-lockpicking_in_the_iot
CCC Talk: IPv6 Scanning https://media.ccc.de/v/33c3-8061-you_can_-j_reject_but_you_can_not_hide_global_scanning_of_the_ipv6_internet
-
ISC StormCast for Wednesday, December 28th 2016
28/12/2016 Duration: 05min
Using Daemonlogger as a Software Tap https://isc.sans.edu/forums/diary/Using+daemonlogger+as+a+Software+Tap/21859/
CCC Conference https://events.ccc.de/congress/2016/wiki/Main_Page
PHPMailer Exploit Released https://legalhackers.com/exploits/CVE-2016-10033/PHPMailer-RCE-exploit-poc.txt
Patch For Exim Mail Server https://exim.org/static/doc/CVE-2016-9963.txt
Signal Uses Domain Fronting To Evade Censorship https://whispersystems.org/blog/doodles-stickers-censorship/
-
ISC StormCast for Tuesday, December 27th 2016
27/12/2016 Duration: 06min
Critical RCE Flaw in PHPMailer https://isc.sans.edu/forums/diary/Critical+security+update+PHPMailer+5218+CVE201610033/21855/
Malware Delays Execution with "Ping" https://isc.sans.edu/forums/diary/Pinging+All+The+Way/21849/
Apple Extends TLS Deadline https://isc.sans.edu/forums/diary/Pinging+All+The+Way/21849/
-
ISC StormCast for Thursday, December 22nd 2016
21/12/2016 Duration: 04min
Mirai Trying Various Telnet Alternatives https://isc.sans.edu/forums/diary/UPDATED+x1+Mirai+Scanning+for+Port+6789+Looking+for+New+Victims+Now+hitting+tcp23231/21833/
Ukrainian Power Outages http://uawire.org/news/ukrenergo-claims-that-blackouts-in-kyiv-could-have-been-caused-by-hackers
OurMine Hacks Netflix and Other Twitter Accounts http://www.bbc.com/news/technology-38390343?ocid=socialflow_twitter
Methbot Generating Millions of Dollars With Click Fraud http://go.whiteops.com/rs/179-SQE-823/images/WO_Methbot_Operation_WP.pdf
-
ISC StormCast for Wednesday, December 21st 2016
21/12/2016 Duration: 05min
vSphere Data Protection Known SSH Key http://www.vmware.com/security/advisories/VMSA-2016-0024.html
nmap Update https://nmap.org/download.html
SCCM Software Metering https://www.fireeye.com/blog/threat-research/2016/12/do_you_see_what_icc.html
CryptXXX Version 3 Decryptor Available https://noransom.kaspersky.com
Airline Inflight Entertainment System Hack http://blog.ioactive.com/2016/12/in-flight-hacking-system.html
SEC503, Intrusion Detection in Depth: Brussels January 16th-21st 2017 https://www.sans.org/event/brussels-winter-2017/course/intrusion-detection-in-depth
-
ISC StormCast for Tuesday, December 20th 2016
20/12/2016 Duration: 04min
Mirai Likely Behind Port 6789 Scans. Yet Another Backdoor https://isc.sans.edu/forums/diary/Mirai+Scanning+for+Port+6789+Looking+for+New+Victims/21833/
OpenSSH Update https://www.openssh.com/releasenotes.html#7.4
Google Releases Tool to Audit Crypto Libraries https://security.googleblog.com/2016/12/project-wycheproof.html
Escaping A Restricted Shell https://humblesec.wordpress.com/2016/12/08/escaping-a-restricted-shell/