Sinopsis
Daily update on current cyber security threats
Episodios
-
![ISC StormCast for Tuesday, September 15th 2020]()
ISC StormCast for Tuesday, September 15th 2020
15/09/2020 Duración: 05minNot Everything About ".well-known" is Well Known https://isc.sans.edu/forums/diary/Not+Everything+About+wellknown+is+Well+Known/26564/ BLE Lock Vulnerable to Replay Attack https://www.pentestpartners.com/security-blog/360lock-smart-lock-review/ Mobile Iron Exploit Released https://blog.orange.tw/2020/09/how-i-hacked-facebook-again-mobileiron-mdm-rce.html
-
![ISC StormCast for Monday, September 14th 2020]()
ISC StormCast for Monday, September 14th 2020
14/09/2020 Duración: 06minPillaging and Protecting the Clipboard https://isc.sans.edu/forums/diary/Whats+in+Your+Clipboard+Pillaging+and+Protecting+the+Clipboard/26556/ Critical Vulnerability in PANOS https://security.paloaltonetworks.com/CVE-2020-2040 Linux VoIP Softswitch Malware https://www.welivesecurity.com/2020/09/10/who-callin-cdrthief-linux-voip-softswitches/ CVE-2020-1472 Zerologon Privilege Escalation Vulnerability https://www.secura.com/blog/zero-logon
-
![ISC StormCast for Friday, September 11th 2020]()
ISC StormCast for Friday, September 11th 2020
11/09/2020 Duración: 07minRecent Dridex Activity https://isc.sans.edu/forums/diary/Recent+Dridex+activity/26550/ Zoom Bombings and Zoom 2FA https://arxiv.org/abs/2009.03822 https://blog.zoom.us/secure-your-zoom-account-with-two-factor-authentication/ AMD Server CPUs May Be Locked to Particular Motherboard https://www.servethehome.com/amd-psb-vendor-locks-epyc-cpus-for-enhanced-security-at-a-cost/ BLURtooth Vulnerability https://www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/blurtooth/
-
![ISC StormCast for Thursday, September 10th 2020]()
ISC StormCast for Thursday, September 10th 2020
10/09/2020 Duración: 05minMacOS 11 Network Traffic https://isc.sans.edu/forums/diary/A+First+Look+at+macOS+11+Big+Sur+Network+Traffic+New+Now+with+more+GREASE/26548/ Azure Offers Automatic Windows VM Patching https://azure.microsoft.com/en-us/updates/automatic-vm-guest-patching-now-in-preview/ WeaveScope Used to Attack Docker Infrastructure https://www.intezer.com/blog/cloud-workload-protection/attackers-abusing-legitimate-cloud-monitoring-tools-to-conduct-cyber-attacks/
-
![ISC StormCast for Wednesday, September 9th 2020]()
ISC StormCast for Wednesday, September 9th 2020
09/09/2020 Duración: 06minMicrosoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+September+2020+Patch+Tuesday/26544/ Adobe Security Bulletins https://helpx.adobe.com/security.html Intel Patches https://www.intel.com/content/www/us/en/security-center/default.html
-
![ISC StormCast for Tuesday, September 8th 2020]()
ISC StormCast for Tuesday, September 8th 2020
08/09/2020 Duración: 05minA Blast From The Past: XXEncoded VB 6.0 Trojan https://isc.sans.edu/forums/diary/A+blast+from+the+past+XXEncoded+VB60+Trojan/26538/ Office: About OLE and ZIP Files https://isc.sans.edu/forums/diary/Office+About+OLE+and+ZIP+Files/26540/ Go XSS Vulnerability https://seclists.org/fulldisclosure/2020/Sep/5 "Baka" JavaScript Skimmer https://usa.visa.com/content/dam/VCOM/global/support-legal/documents/visa-security-alert-baka-javascript-skimmer.pdf
-
![ISC StormCast for Friday, September 4th 2020]()
ISC StormCast for Friday, September 4th 2020
04/09/2020 Duración: 06minSandbox Evasion Using NTP https://isc.sans.edu/forums/diary/Sandbox+Evasion+Using+NTP/26534/ Android DNS over HTTPS https://blog.chromium.org/2020/09/a-safer-and-more-private-browsing.html Cisco Jabber Vulnerability Fullowup https://watchcom.no/nyheter/nyhetsarkiv/uncovers-cisco-jabber-vulnerabilities/
-
![ISC StormCast for Thursday, September 3rd 2020]()
ISC StormCast for Thursday, September 3rd 2020
03/09/2020 Duración: 06minPython and Risky Windows API Calls https://isc.sans.edu/forums/diary/Python+and+Risky+Windows+API+Calls/26530/ QNAP Updates https://www.qnap.com/en/release-notes/qts/4.3.6.1411/20200825 https://www.qnap.com/en/release-notes/qts/4.4.3.1400/20200817 iOS 13.7 Update https://support.apple.com/en-us/HT201222 Cisco Jabber Update https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-jabber-UyTKCPGg MoFi Router Vulnerabilities https://www.criticalstart.com/critical-vulnerabilities-discovered-in-mofi-routers/
-
![ISC StormCast for Wednesday, September 2nd 2020]()
ISC StormCast for Wednesday, September 2nd 2020
02/09/2020 Duración: 06minExposed Domain Controllers Used in DDoS Attacks https://isc.sans.edu/forums/diary/Exposed+Windows+Domain+Controllers+Used+in+CLDAP+DDoS+Attacks/26526/ Microsoft Reviving SHA-1 https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-for-microsoft-edge-version-85/ba-p/1618585 Trend Micro Updating Anti Malware Products https://success.trendmicro.com/solution/000263632 Public Voter Data Sold as "Breach" https://www.cyberscoop.com/russia-hack-michigan-voter-data-kommersant/
-
![ISC StormCast for Tuesday, September 1st 2020]()
ISC StormCast for Tuesday, September 1st 2020
01/09/2020 Duración: 05minFinding The Original Maldoc https://isc.sans.edu/forums/diary/Finding+The+Original+Maldoc/26520/ Slack Remote Code Execution https://hackerone.com/reports/783877 Apple Approved Malware https://objective-see.com/blog/blog_0x4E.html Cisco IOS XR Bug Exploited https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz
-
![ISC StormCast for Monday, August 31st 2020]()
ISC StormCast for Monday, August 31st 2020
31/08/2020 Duración: 07minCenturyLink Outage https://blog.cloudflare.com/analysis-of-todays-centurylink-level-3-outage/ New Zealand Stock Market Denial of Service Attack https://www.theregister.com/2020/08/27/nzx_ddos_third_day/ Pulse Connect Secure RCE Patch https://www.gosecure.net/blog/2020/08/26/forget-your-perimeter-rce-in-pulse-connect-secure/
-
![ISC StormCast for Friday, August 28th 2020]()
ISC StormCast for Friday, August 28th 2020
28/08/2020 Duración: 07minA Reminder about Security.txt https://isc.sans.edu/forums/diary/Securitytxt+one+small+file+for+an+admin+one+giant+help+to+a+security+researcher/26510/ DNS Queries to Root Name Servers https://blog.apnic.net/2020/08/21/chromiums-impact-on-root-dns-traffic/ https://www.zdnet.com/article/chromium-dns-hijacking-detection-accused-of-being-around-half-of-all-root-queries/ Microsoft Extends Windows 10 1803 Deadline https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet LemonDuck Adding New Tricks https://news.sophos.com/en-us/2020/08/25/lemon_duck-cryptominer-targets-cloud-apps-linux/
-
![ISC StormCast for Thursday, August 27th 2020]()
ISC StormCast for Thursday, August 27th 2020
27/08/2020 Duración: 05minMalicious Excel Sheet with a NULL VT Score https://isc.sans.edu/forums/diary/Malicious+Excel+Sheet+with+a+NULL+VT+Score/26506/ APT Attack Uses Autodesk Plugin https://www.bitdefender.com/files/News/CaseStudies/study/365/Bitdefender-PR-Whitepaper-APTHackers-creat4740-en-EN-GenericUse.pdf Firefox Update https://www.mozilla.org/en-US/security/advisories/mfsa2020-36/ Arrest in Insider Attack https://www.justice.gov/opa/press-release/file/1308766/download
-
![ISC StormCast for Wednesday, August 26th 2020]()
ISC StormCast for Wednesday, August 26th 2020
26/08/2020 Duración: 05minKeep an Eye on LOLBins https://isc.sans.edu/forums/diary/Keep+An+Eye+on+LOLBins/26502/ Malicious iOS Adnetwork SDK https://snyk.io/research/sour-mint-malicious-sdk/ Apache Update https://httpd.apache.org/security/vulnerabilities_24.html Google Chrome User-Agent Client Hints https://web.dev/user-agent-client-hints/
-
![ISC StormCast for Tuesday, August 25th 2020]()
ISC StormCast for Tuesday, August 25th 2020
25/08/2020 Duración: 05minTracking a Malware Campaign Through VT https://isc.sans.edu/forums/diary/Tracking+A+Malware+Campaign+Through+VT/26498/ Zoom Outage https://www.cnn.com/2020/08/24/us/zoom-outage-worldwide-trnd/index.html RDP Remains a Top Target https://www.group-ib.com/media/iran-cybercriminals/?utm_source=bleeping_computer&utm_medium=article&utm_campaign=referral Microsoft Introduces Application Guard https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/install-app-guard?view=o365-worldwide Safari File Sharing Bug https://blog.redteam.pl/2020/08/stealing-local-files-using-safari-web.html
-
![ISC StormCast for Monday, August 24th 2020]()
ISC StormCast for Monday, August 24th 2020
24/08/2020 Duración: 06minA Word of Caution: Helping Cyber Stalking Victims https://isc.sans.edu/forums/diary/A+Word+of+Caution+Helping+Out+People+Being+Stalked+Online/26422/ RDP and Telnet Scans https://isc.sans.edu/forums/diary/Remote+Desktop+TCP3389+and+Telnet+TCP23+What+might+they+have+in+Common/26492/ Thales Cinterion Input Validation Vulnerability https://www.thalesgroup.com/en/markets/digital-identity-and-security/iot/resources/security-updates-cinterion-iot-modules Google Drive File Extension Spoofing https://thehackernews.com/2020/08/google-drive-file-versions.html
-
![ISC StormCast for Friday, August 21st 2020]()
ISC StormCast for Friday, August 21st 2020
21/08/2020 Duración: 06minOffice 365 Mail Forwarding Rules (and other Mail Rules too) https://isc.sans.edu/forums/diary/Office+365+Mail+Forwarding+Rules+and+other+Mail+Rules+too/26484/ Spoofing GMail/GSuite Customers https://ezh.es/blog/2020/08/the-confused-mailman-sending-spf-and-dmarc-passing-mail-as-any-gmail-or-g-suite-customer/ Microsoft Updates DisableAntiSpyware Registry Key https://docs.microsoft.com/en-us/windows-hardware/customize/desktop/unattend/security-malware-windows-defender-disableantispyware Acoustic Based Physical Key Inference https://www.comp.nus.edu.sg/~junhan/papers/SpiKey_HotMobile20_CamReady.pdf
-
![ISC StormCast for Thursday, August 20th 2020]()
ISC StormCast for Thursday, August 20th 2020
20/08/2020 Duración: 06minExample of a Word Document Delivering Qakbot https://isc.sans.edu/forums/diary/Example+of+Word+Document+Delivering+Qakbot/26482/ PGP/SMime Implementation Weaknesses https://www.nds.ruhr-uni-bochum.de/media/nds/veroeffentlichungen/2020/08/15/mailto-paper.pdf Windows 8.1 / 2012 Special Patch https://support.microsoft.com/en-us/help/4578013/security-update-for-windows-8-1-rt-8-1-and-server-2012-r2 Fileless Cryptomining Worm https://www.helpnetsecurity.com/2020/08/19/fileless-worm-p2p-botnet/
-
![ISC StormCast for Wednesday, August 19th 2020]()
ISC StormCast for Wednesday, August 19th 2020
19/08/2020 Duración: 05minUsing APIs to Track Attackers https://isc.sans.edu/forums/diary/Using+APIs+to+Track+Attackers/26472/ Jenkins Security Advisory https://www.jenkins.io/security/advisory/2020-08-17/ Chrome Will Warn of Insecure Forms https://blog.chromium.org/2020/08/protecting-google-chrome-users-from.html Reminder: September 1st Certificate Expiration Change https://www.ssl.com/blogs/398-day-browser-limit-for-ssl-tls-certificates-begins-september-1-2020/ Cryptojacking Worm Steals AWS Credentials https://www.helpnetsecurity.com/2020/08/18/worm-steals-aws-credentials/
-
![ISC StormCast for Tuesday, August 18th 2020]()
ISC StormCast for Tuesday, August 18th 2020
18/08/2020 Duración: 05minApache Struts Patch and PoC Exploit https://www.tenable.com/blog/cve-2019-0230-apache-struts-potential-remote-code-execution-vulnerability https://cwiki.apache.org/confluence/display/WW/S2-059 Emotet Bug Used to Inoculate Systems https://www.binarydefense.com/emocrash-exploiting-a-vulnerability-in-emotet-malware-for-defense/
