Sinopsis
Daily update on current cyber security threats
Episodios
-
![ISC StormCast for Friday, June 11th, 2021]()
ISC StormCast for Friday, June 11th, 2021
11/06/2021 Duración: 06minAre Cookie Banners a Waste of Time or a Complete Waste of Time? https://isc.sans.edu/forums/diary/Are+Cookie+Banners+a+Waste+of+Time+or+a+Complete+Waste+of+Time/27436/ Citrix Application Delivery Controller Vulnerability https://support.citrix.com/article/CTX297155 VoIP Monitor GUI XSS https://www.rtcsec.com/post/2021/06/abusing-sip-for-cross-site-scripting-most-definitely/ Denial of Service Vulnerabilitiesin RabbitMQ, EMQ X,and VeneMQ https://www.synopsys.com/blogs/software-security/cyrc-advisory-rabbitmq-emqx-vernemq/
-
![ISC StormCast for Thursday, June 10th, 2021]()
ISC StormCast for Thursday, June 10th, 2021
10/06/2021 Duración: 05minArchitecture, Compilers and Black Magic https://isc.sans.edu/forums/diary/Architecture+compilers+and+black+magic+or+what+else+affects+the+ability+of+AVs+to+detect+malicious+files/27510/ ALPACA TLS Attack https://alpaca-attack.com/ALPACA.pdf Google Chrome Update https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html
-
![ISC StormCast for Wednesday, June 9th, 2021]()
ISC StormCast for Wednesday, June 9th, 2021
09/06/2021 Duración: 06minMicrosoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+June+2021+Patch+Tuesday/27506/ PuzzleMaker Attacks With Chrome Zero-Day Exploit Chain https://securelist.com/puzzlemaker-chrome-zero-day-exploit-chain/102771/ Intel Patches https://www.intel.com/content/www/us/en/security-center/default.html Adobe Updates https://helpx.adobe.com/security.html Let's Encrypt and CentOS 7 https://blog.devgenius.io/lets-encrypt-change-affects-openssl-1-0-x-and-centos-7-49bd66016af3
-
![ISC StormCast for Tuesday, June 8th, 2021]()
ISC StormCast for Tuesday, June 8th, 2021
08/06/2021 Duración: 05minAmazon Sidewalk https://isc.sans.edu/forums/diary/Amazon+Sidewalk+Cutting+Through+the+Hype/27502/ Windows Container Malware https://unit42.paloaltonetworks.com/siloscape/ Darkside Ransom Confiscated https://www.documentcloud.org/documents/20799023-affidavit-1-in-application-by-the-united-states-for-a-seizure-warrant-for-one-account-for-investigation-of-18-usc-ss-981a1a-and-other-offenses-nd-cal-321-mj-70945
-
![ISC StormCast for Monday, June 7th, 2021]()
ISC StormCast for Monday, June 7th, 2021
07/06/2021 Duración: 04minStrange Goings on With Port 37 https://isc.sans.edu/forums/diary/Strange+goings+on+with+port+37/27496/ QNAP Video Station RCE Vulnerability https://www.qnap.com/de-de/security-advisory/qsa-21-21 Updated GitHub Policy https://github.blog/2021-06-04-updates-to-our-policies-regarding-exploits-malware-and-vulnerability-research/ Cisco WebEx Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-player-kOf8zVT VMWare vCenter Server Vulnerability Actively Exploited https://thehackernews.com/2021/06/alert-critical-rce-bug-in-vmware.html
-
![ISC StormCast for Friday, June 4th, 2021]()
ISC StormCast for Friday, June 4th, 2021
04/06/2021 Duración: 06minScript to Test CIS Zoom Benchmark https://github.com/turbot/steampipe-mod-zoom-compliance F5 BIG-IP Edge Client for Windows Vulnerability https://support.f5.com/csp/article/K20346072 Fancy Product Designer Wordpress Plugin Vulnerability https://www.welivesecurity.com/2021/06/03/zero-day-popular-wordpress-plugin-exploited-take-over-websites/ WordPress Pushes Jetpack Plugin Patch https://www.bleepingcomputer.com/news/security/wordpress-force-installs-jetpack-security-update-on-5-million-sites/ We.Lock Vulnerability https://github.com/CriticalSecurity/welock
-
![ISC StormCast for Thursday, June 3rd, 2021]()
ISC StormCast for Thursday, June 3rd, 2021
03/06/2021 Duración: 05minRealtek RTL8170C Vulnerabilities https://www.vdoo.com/blog/realtek-wifi-vulnerabilities-zero-day Huawei LTE USB Stick E3372 Vulnerablity https://www.theregister.com/2021/06/02/huawei_lte_usb_stick_vulnerability/ NortonLifeLock Crypto https://investor.nortonlifelock.com/About/Investors/press-releases/press-release-details/2021/NortonLifeLock-Unveils-Norton-Crypto/default.aspx OpenPGP RNP Patch https://www.rnpgp.org/advisories/ri-2021-001/
-
![ISC StormCast for Wednesday, June 2nd, 2021]()
ISC StormCast for Wednesday, June 2nd, 2021
02/06/2021 Duración: 06minGuildma is now using Finger and Signed Binary Proxy Execution to Evade Defenses https://isc.sans.edu/forums/diary/Guildma+is+now+using+Finger+and+Signed+Binary+Proxy+Execution+to+evade+defenses/27482/ Bypassing Protected Folders Protections https://dl.acm.org/doi/10.1145/3431286 Firefox 89 Released https://www.mozilla.org/en-US/security/advisories/mfsa2021-23/ Microsoft Edge Will make https default https://blogs.windows.com/msedgedev/2021/06/01/available-for-preview-automatic-https-helps-keep-your-browsing-more-secure/
-
![ISC StormCast for Tuesday, June 1st, 2021]()
ISC StormCast for Tuesday, June 1st, 2021
01/06/2021 Duración: 04minMalicious PowerShell Hosted on script.google.com https://isc.sans.edu/forums/diary/Malicious+PowerShell+Hosted+on+scriptgooglecom/27468/ Sonicwall Advisory https://www.sonicwall.com/support/product-notification/security-advisory-on-prem-sonicwall-network-security-manager-nsm-command-injection-vulnerability/210525121534120/ Hewlett Packard Enterprise Systems Insight Manger (SIM) Advisory https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04068en_us Memory Protection Bypass in Siemens PLCs https://claroty.com/2021/05/28/blog-research-race-to-native-code-execution-in-plcs/
-
![ISC StormCast for Friday, May 28th, 2021]()
ISC StormCast for Friday, May 28th, 2021
28/05/2021 Duración: 06minAV evasion with 64-bit Executables https://isc.sans.edu/forums/diary/All+your+Base+arenearly+equal+when+it+comes+to+AV+evasion+but+64bit+executables+are+not/27466/ Unpatches WebKit Vulnerablity in iOS/macOS https://blog.theori.io/research/webkit-type-confusion/ VSCode Extension Vulnerabilities https://snyk.io/blog/visual-studio-code-extension-security-vulnerabilities-deep-dive/ M1RACLES https://m1racles.com
-
![ISC StormCast for Thursday, May 27th, 2021]()
ISC StormCast for Thursday, May 27th, 2021
27/05/2021 Duración: 05minA Survey of Bluetooth Vulnerabilities https://isc.sans.edu/forums/diary/A+Survey+of+Bluetooth+Vulnerabilities+Trends/27460/ Google Chrome Update https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html Attacks on PDF Certification https://www.pdf-insecurity.org nginx vulnerability https://x41-dsec.de/lab/advisories/x41-2021-002-nginx-resolver-copy/
-
![ISC StormCast for Wednesday, May 26th, 2021]()
ISC StormCast for Wednesday, May 26th, 2021
26/05/2021 Duración: 04minUncovering Shenenigans in an IP Address Block via Hurricane Electic's BGP Toolkit https://isc.sans.edu/forums/diary/Uncovering+Shenanigans+in+an+IP+Address+Block+via+Hurricane+Electrics+BGP+Toolkit/27456/ VMware Advisory https://www.vmware.com/security/advisories/VMSA-2021-0010.html Trend Micro Bugs https://blog.talosintelligence.com/2021/05/vuln-spotlight-trend-i.html
-
![ISC StormCast for Tuesday, May 25th, 2021]()
ISC StormCast for Tuesday, May 25th, 2021
25/05/2021 Duración: 04minApple Patches 0-Days https://www.jamf.com/blog/zero-day-tcc-bypass-discovered-in-xcsset-malware/ https://support.apple.com/en-us/HT201222 Bluetooth Vulnerabilities https://kb.cert.org/vuls/id/799380 https://francozappa.github.io/about-bias/publication/antonioli-20-bias/antonioli-20-bias.pdf NAGIOS Vulnerabilities https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/
-
![ISC StormCast for Monday, May 24th, 2021]()
ISC StormCast for Monday, May 24th, 2021
24/05/2021 Duración: 06minServerless Phishing Campaign https://isc.sans.edu/forums/diary/Serverless+Phishing+Campaign/27446/ Locking Kernel32.dll As Anti-Debugging Technique https://isc.sans.edu/forums/diary/Locking+Kernel32dll+As+AntiDebugging+Technique/27444/ WinRM Vulnerable to http.sys Vulnerability https://twitter.com/JimDinMN/status/1395071966487269376 Mozilla Firefox "Content-Type Confusion" Unsafe Code Execution https://besteffortteam.it/mozilla-firefox-content-type-confusion-unsafe-code-execution/
-
![ISC StormCast for Friday, May 21st, 2021]()
ISC StormCast for Friday, May 21st, 2021
21/05/2021 Duración: 19minNew YouTube Video Series: Everything you ever wanted to know about DNS and more https://isc.sans.edu/forums/diary/New+YouTube+Video+Series+Everything+you+ever+wanted+to+know+about+DNS+and+more/27440/ And Ransomware Just Got a Bit Meaner https://isc.sans.edu/forums/diary/And+Ransomware+Just+Got+a+Bit+Meaner+yes+it+is+possible/27438/ Attackers Scanned for Exchange Servers Five Minutes after Patch Release https://www.ehackingnews.com/2021/05/microsoft-exchange-bug-report-allowed.html GPS For Authentication: Is the Juice Worth the Squeeze @sans_edu https://www.sans.org/reading-room/whitepapers/authentication/gps-authentication-juice-worth-squeeze-40270
-
![ISC StormCast for Thursday, May 20th, 2021]()
ISC StormCast for Thursday, May 20th, 2021
20/05/2021 Duración: 06minMay 2021 Forensic Contest: Answers and Analysis https://isc.sans.edu/forums/diary/May+2021+Forensic+Contest+Answers+and+Analysis/27430/ CIS Controls V8 https://www.cisecurity.org/controls/v8/ Dell iDRAC 9 Security Update https://www.dell.com/support/kbdoc/en-us/000186420/dsa-2021-082-dell-emc-idrac-9-security-update-for-improper-authentication-vulnerability QNAP Pre-Auth Remote Code Execution in MuscStation/MalwareRemover https://www.shielder.it/advisories/qnap-musicstation-malwareremover-pre-auth-remote-code-execution/
-
![ISC StormCast for Wednesday, May 19th, 2021]()
ISC StormCast for Wednesday, May 19th, 2021
19/05/2021 Duración: 05minFrom RunDLL32 to JavaScript then PowerShell https://isc.sans.edu/forums/diary/From+RunDLL32+to+JavaScript+then+PowerShell/27428/ New Pulse Secure VPN Advisory https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44800/ Android Stalkerware Vulnerabilities https://www.welivesecurity.com/2021/05/17/android-stalkerware-threatens-victims-further-exposes-snoopers-themselves/ Double Encrypting Ransomware https://www.wired.com/story/ransomware-double-encryption/
-
![ISC StormCast for Tuesday, May 18th, 2021]()
ISC StormCast for Tuesday, May 18th, 2021
18/05/2021 Duración: 06minRansomware Defenses https://isc.sans.edu/forums/diary/Ransomware+Defenses/27420/ AXA Stops Ransomware Payments https://www.insurancejournal.com/news/international/2021/05/09/613255.htm http.sys Proof of Concept https://github.com/0vercl0k/CVE-2021-31166 Google/Mozilla colaborating on HTML Sanitizer API https://wicg.github.io/sanitizer-api/#sanitizer-api SANS Technology Institute Research Journal https://www.sans.edu/cyber-research
-
![ISC StormCast for Monday, May 17th, 2021]()
ISC StormCast for Monday, May 17th, 2021
17/05/2021 Duración: 05min"Open" Access to Industrial Systems Interfaces is Also Far From Zero https://isc.sans.edu/forums/diary/Open+Access+to+Industrial+Systems+Interface+is+Also+Far+From+Zero/27418/ Malicious Rust Macro for VSCode https://github.com/lucky/bad_actor_poc Exim PoC Released https://adepts.of0x.cc/exim-cve-2020-28018/ Newly Observed PHP-based skimmmer shows ongoing Magecart Group 12 activity https://blog.malwarebytes.com/cybercrime/2021/05/newly-observed-php-based-skimmer-shows-ongoing-magecart-group-12-activity/
-
![ISC StormCast for Friday, May 14th, 2021]()
ISC StormCast for Friday, May 14th, 2021
14/05/2021 Duración: 06minCross Browser Tracking with Schemeflood https://fingerprintjs.com/blog/external-protocol-flooding/ Cisco AnyConnect Secure Mobility Client Patch https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-ipc-KfQO9QhK MSBuild Abused By Attackers https://www.anomali.com/blog/threat-actors-use-msbuild-to-deliver-rats-filelessly
