Sinopsis
Daily update on current cyber security threats
Episodios
-
![ISC StormCast for Wednesday, March 20th 2019]()
ISC StormCast for Wednesday, March 20th 2019
19/03/2019 Duración: 06minCloudflare Releases Proxy Detection Tools https://blog.cloudflare.com/monsters-in-the-middleboxes/ Business Email Compromise Moving to SMS https://www.agari.com/email-security-blog/bec-goes-mobile/ JavaScript Requests Without Same Origin Policy Limitations https://www.forcepoint.com/blog/security-labs/attacking-internal-network-public-internet-using-browser-proxy Discovering IPv6 Hosts With UPNP https://blog.talosintelligence.com/2019/03/ipv6-unmasking-via-upnp.html#more
-
![ISC StormCast for Monday, March 18th 2019]()
ISC StormCast for Monday, March 18th 2019
18/03/2019 Duración: 05minPutty Updates https://www.chiark.greenend.org.uk/~sgtatham/putty/ Fujitsu Wireless Keyboard Vulnerabilities https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-033.txt Signed Malware Goes Undetected https://twitter.com/malwrhunterteam/status/1104082562216062978/photo/1?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1104082562216062978&ref_url=https%3A%2F%2Fwww.theregister.co.uk%2F2019%2F03%2F18%2Fsecurity_roundup_150319%2F Free Support for Ubuntu 14.04 LTS Ends in April https://lists.ubuntu.com/archives/ubuntu-announce/2019-March/000241.html Latest Mirai Version with Even More Exploits https://unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/
-
![ISC StormCast for Sunday, March 17th 2019]()
ISC StormCast for Sunday, March 17th 2019
17/03/2019 Duración: 07minBinary Analysis With Jupyter and Radare2 https://isc.sans.edu/forums/diary/Binary+Analysis+with+Jupyter+and+Radare2/24748/ IMAP Brute Forcing against Cloud Accounts https://www.proofpoint.com/us/threat-insight/post/threat-actors-leverage-credential-dumps-phishing-and-legacy-email-protocols Google Allows GSuite Users to Disable SMS/Voice Authentication https://gsuiteupdates.googleblog.com/2019/03/more-control-over-2-step-verification-security-phone-sms.html Sniffing Bitlocker Keys from TPM https://pulsesecurity.co.nz/articles/TPM-sniffing
-
![ISC StormCast for Friday, March 15th 2019]()
ISC StormCast for Friday, March 15th 2019
15/03/2019 Duración: 05minAnalyzing ZIP Files in Ghydra https://isc.sans.edu/forums/diary/Tip+Ghidra+ZIP+Files/24732/ 64 Bit Certificate Serial Number Revocation https://adamcaudill.com/2019/03/09/tls-64bit-ish-serial-numbers-mass-revocation/ Cisco Default Account Problem https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190313-cspcscv Intel Patches https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00185.html https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00191.html
-
![ISC StormCast for Wednesday, March 13th 2019]()
ISC StormCast for Wednesday, March 13th 2019
13/03/2019 Duración: 06minMicrosoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+March+2019+Patch+Tuesday/24742/ Adobe Updates https://helpx.adobe.com/security.html PSMiner https://blog.360totalsecurity.com/en/new-mining-worm-psminer-uses-multiple-high-risk-vulnerabilities-to-spread/ Automatic Certificate Managment Environment https://tools.ietf.org/html/rfc8555
-
![ISC StormCast for Tuesday, March 12th 2019]()
ISC StormCast for Tuesday, March 12th 2019
12/03/2019 Duración: 05minDevOps Tool StackStorm Vulnerability https://quitten.github.io/StackStorm/ Developers Will Not Code Secure By Default https://net.cs.uni-bonn.de/fileadmin/user_upload/naiakshi/Naiakshina_Password_Study.pdf Gaming Industry Supply Chain Attack https://www.welivesecurity.com/2019/03/11/gaming-industry-scope-attackers-asia/
-
![ISC StormCast for Monday, March 11th 2019]()
ISC StormCast for Monday, March 11th 2019
10/03/2019 Duración: 06minReversing HTA Files https://isc.sans.edu/forums/diary/Quick+and+Dirty+Malicious+HTA+Analysis/24728/ Apache SOLR Patch https://issues.apache.org/jira/browse/SOLR-13301 Windows 7 + Google Chrome Exploit in the Wild https://security.googleblog.com/2019/03/disclosing-vulnerabilities-to-protect.html Vulnerable Car Alarms https://www.pentestpartners.com/security-blog/gone-in-six-seconds-exploiting-car-alarms/
-
![ISC StormCast for Friday, March 8th 2019]()
ISC StormCast for Friday, March 8th 2019
08/03/2019 Duración: 06minRSA Panel Video https://www.rsaconference.com/videos/the-five-most-dangerous-new-attack-techniques-and-how-to-counter-them Disposable E-Mail Addresses https://isc.sans.edu/forums/diary/Keep+an+Eye+on+Disposable+Email+Addresses/24716/ NetApp Default Account Vulnerability https://security.netapp.com/advisory/ntap-20190305-0001/ Cisco NS-OS NX-API Privilege Escalation https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-NXAPI-cmdinj Slub Backdoor Users GitHub and Slack https://blog.trendmicro.com/trendlabs-security-intelligence/new-slub-backdoor-uses-github-communicates-via-slack/
-
![ISC StormCast for Thursday, March 7th 2019]()
ISC StormCast for Thursday, March 7th 2019
07/03/2019 Duración: 06minMore Resume Malspam. Now With Trickbot and EternalBlue https://isc.sans.edu/forums/diary/Malspam+with+passwordprotected+word+docs+still+pushing+IcedID+Bokbot+with+Trickbot/24708/ Cloudflare Deploys Rules to Protect Against Recent Drupal Exploit https://www.bleepingcomputer.com/news/security/cloudflare-deploys-firewall-rule-to-block-new-drupal-exploits/ Cisco DoS Vulnerability Activity Exploited https://www.pentestpartners.com/security-blog/cisco-rv130-its-2019-but-yet-strcpy/ MonitorKit uses macOS Game Engine to Analyze Security Events https://github.com/objective-see
-
![ISC StormCast for Wednesday, March 6th 2019]()
ISC StormCast for Wednesday, March 6th 2019
06/03/2019 Duración: 05minComcast Uses same "0000" PIN For All Number Porting Requests https://nakedsecurity.sophos.com/2019/03/05/comcast-security-nightmare-default-0000-pin-on-everybodys-account/ NSA Releases Ghidra Reverse Analysis Tool https://ghidra-sre.org/ Recent Google Chrome Vulnerability Being Exploited https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop.html?m=1 Android Monthly Security Bulletin https://source.android.com/security/bulletin/2019-03-01
-
![ISC StormCast for Tuesday, March 5th 2019]()
ISC StormCast for Tuesday, March 5th 2019
05/03/2019 Duración: 05minMacOS Unpatched Privilge Escalation Vulnerability made Public https://bugs.chromium.org/p/project-zero/issues/detail?id=1726 Windows Exploit Suggester Next Generation Released https://github.com/bitsadmin/wesng Docker Vulnerability used for Crypto Miners https://www.imperva.com/blog/hundreds-of-vulnerable-docker-hosts-exploited-by-cryptocurrency-miners/ Russian GPS Jamming Exercises https://thebarentsobserver.com/en/security/2019/03/russian-military-officials-arrive-oslo-norway-provides-facts-gps-jamming
-
![ISC StormCast for Monday, March 4th 2019]()
ISC StormCast for Monday, March 4th 2019
04/03/2019 Duración: 05minCisco Router Patch https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex Coldfusion Patch and Exploit https://www.carehart.org/blog/client/index.cfm/2019/3/1/urgent_CF_security_update_Part_1 Ransomware Impersonates Protonmail https://twitter.com/demonslay335/status/1097866931762282498 eBay Site Used for eBay Phish (article in German) https://www.heise.de/security/meldung/eBay-Phishing-auf-eBay-Seite-4324266.html
-
![ISC StormCast for Friday, March 1st 2019]()
ISC StormCast for Friday, March 1st 2019
01/03/2019 Duración: 06minEmotet Backend Analysis https://maxkersten.nl/binary-analysis-course/malware-analysis/emotet-droppers/ Kaspersky Vs. Chromecast https://www.bleepingcomputer.com/news/security/kaspersky-av-having-certificate-conflicts-with-google-chromecast/ MageCart Updates https://www.riskiq.com/research/inside-magecart/
-
![ISC StormCast for Thursday, February 28th 2019]()
ISC StormCast for Thursday, February 28th 2019
28/02/2019 Duración: 05minCoinhive Shutting Down https://coinhive.com/blog/en/discontinuation-of-coinhive Azure Blob Storage Phishing https://www.edgewave.com/phishing/feeling-blue-about-phishing/ Old 2014 Elastic Search Vulnerability Exploited https://blog.talosintelligence.com/2019/02/cisco-talos-honeypot-analysis-reveals.html Latest Drupal Vulnerability Exploited https://www.imperva.com/blog/latest-drupal-rce-flaw-used-by-cryptocurrency-miners-and-other-attackers/ F5 Big IP Patches https://support.f5.com/csp/article/K91026261
-
![ISC StormCast for Wednesday, February 27th 2019]()
ISC StormCast for Wednesday, February 27th 2019
27/02/2019 Duración: 05minThunderbolt "Thunderclap" Vulnerabilities https://thunderclap.io/thunderclap-paper-ndss2019.pdf Altering Signed PDF Documents https://www.pdf-insecurity.org/ NVidia Patches https://nvidia.custhelp.com/app/answers/detail/a_id/4772
-
![ISC StormCast for Tuesday, February 26th 2019]()
ISC StormCast for Tuesday, February 26th 2019
26/02/2019 Duración: 07minWinRAR ACE Vulnerabilty used in Malspam https://twitter.com/360TIC/status/1099987939818299392 Sextortion Email With QR Code https://isc.sans.edu/forums/diary/Sextortion+Email+Variant+With+QR+Code/24686/ ICANN Pushes DNSSEC to Defend Against DNS Zone Manipulation https://www.icann.org/news/announcement-2019-02-22-en Android FIDO2 Certification https://fidoalliance.org/android-now-fido2-certified-accelerating-global-migration-beyond-passwords/
-
![ISC StormCast for Monday, February 25th 2019]()
ISC StormCast for Monday, February 25th 2019
25/02/2019 Duración: 05minB0ront0k Linux Server Ransomware https://www.bleepingcomputer.com/news/security/b0r0nt0k-ransomware-wants-75-000-ransom-infects-linux-servers/ Cr1pt0r Ransomware Targets DLink NAS Devices https://www.bleepingcomputer.com/forums/t/691852/cr1ptt0r-ransomware-files-encrypted-readmetxt-support-topic/page-3 LinkedIn Messages Used to Push Fake Job Offers https://www.proofpoint.com/us/threat-insight/post/fake-jobs-campaigns-delivering-moreeggs-backdoor-fake-job-offers
-
![ISC StormCast for Friday, February 22nd 2019]()
ISC StormCast for Friday, February 22nd 2019
22/02/2019 Duración: 06minAdobe Re-Patches Reader/Acrobat Data Leakage Bug https://helpx.adobe.com/security/products/acrobat/apsb19-13.html Microsoft Releases Fix for DoS Vulnerability in IIS https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190005 Drupal Fixes Remote Code Execution Vulnerability https://www.drupal.org/sa-core-2019-003 Linux Kernel Code Execution Vulnerablity https://nvd.nist.gov/vuln/detail/CVE-2019-8912 MikroTik Unauthenticated Proxy https://medium.com/tenable-techblog/mikrotik-firewall-nat-bypass-b8d46398bf24
-
![ISC StormCast for Thursday, February 21st 2019]()
ISC StormCast for Thursday, February 21st 2019
21/02/2019 Duración: 06minMicrosoft Edge Whitelists Facebook to Run Flash https://bugs.chromium.org/p/project-zero/issues/detail?id=1722 Chinese Android Banking App Stores Screenshots of Other Apps https://jqknews.com/news/141073-Jingdong_Finance_denied_stealing_user_information_saying_that_the_image_cache_was_only_local.html Password Manager Vulnerabilities https://www.securityevaluators.com/casestudies/password-manager-hacking/
-
![ISC StormCast for Wednesday, February 20th 2019]()
ISC StormCast for Wednesday, February 20th 2019
20/02/2019 Duración: 06minRussian Malspam Pushing Shade/Troldesh Ransomware https://isc.sans.edu/forums/diary/More+Russian+language+malspam+pushing+Shade+Troldesh+ransomware/24668/ Bitdefender Releases GandCrab Decrypter https://labs.bitdefender.com/2019/02/new-gandcrab-v5-1-decryptor-available-now/ Bank Infrastructure Used in Phishing Attacks (russian) https://www.group-ib.ru/blog/incident SHA-2 Patch For Windows 7 / 2008 R2 SP1 https://support.microsoft.com/en-us/help/4472027/2019-sha-2-code-signing-support-requirement-for-windows-and-wsus
