ISC StormCast for Wednesday, October 23rd, 2024

Afleveringen

ISC StormCast for Wednesday, November 6th, 2024
6 nov· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Python RAT with a Nice Screensharing Feature
https://isc.sans.edu/diary/Python%20RAT%20with%20a%20Nice%20Screensharing%20Feature/31414
Android Security Bulletin November 2024
https://source.android.com/docs/security/bulletin/2024-11-01
Malware Delivered as Virtual Machine
https://www.securonix.com/blog/crontrap-emulated-linux-environments-as-the-latest-tactic-in-malware-staging/
Fake Docusign Invoices
https://lab.wallarm.com/attackers-abuse-docusign-api-to-send-authentic-looking-invoices-at-scale/
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
ISC StormCast for Tuesday, November 5th, 2024
5 nov· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Analyzing an Encrypted Phishing PDF
https://isc.sans.edu/diary/Analyzing%20an%20Encrypted%20Phishing%20PDF/31404
Okta Verify Desktop MFA For Windows Password Less Login CVE-2024-9191
https://trust.okta.com/security-advisories/okta-verify-desktop-mfa-for-windows-passwordless-login-cve-2024-9191/
QNAP QuRouter Vulnerability and Patch
https://www.qnap.com/en/security-advisory/qsa-24-45
From Naptime to Big Sleep
https://googleprojectzero.blogspot.com/2024/10/from-naptime-to-big-sleep.html
Authenticated SQL injection vulnerability - ManageEngine ADManager Plus CVE-2024-48878
https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2024-48878.html
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
Zijn er afleveringen die ontbreken?

Klik hier om de feed te vernieuwen.
ISC StormCast for Monday, November 4th, 2024
4 nov· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
October Activity with Username chenzilong
https://isc.sans.edu/diary/October%202024%20Activity%20with%20Username%20chenzilong/31400
qpdf Extracting PDF Streams
https://isc.sans.edu/diary/qpdf%3A%20Extracting%20PDF%20Streams/31406
Okta bcrypt issue
https://trust.okta.com/security-advisories/okta-ad-ldap-delegated-authentication-username/
https://medium.com/@rajat29gupta/how-bcrypts-limitations-contributed-to-okta-s-vulnerability-a-lesson-for-developers-39425c644ed5
Synology Vulnerabilities
https://www.synology.com/de-de/security/advisory/Synology_SA_24_19
https://www.synology.com/de-de/security/advisory/Synology_SA_24_18
Lastpass Fake Reviews
https://blog.lastpass.com/posts/fake-web-store-reviews-attempting-to-steal-customer-data
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
ISC StormCast for Thursday, October 31st, 2024
31 okt· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Scans for RDP Gateways
https://isc.sans.edu/diary/Scans%20for%20RDP%20Gateways/31398
CyberPanel Exploited
https://www.bleepingcomputer.com/news/security/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances/
Windows Themes Files Spoofing CVE-2024-38030
https://blog.0patch.com/2024/10/we-patched-cve-2024-38030-found-another.html
QNAP Patches CVE-2024-50388, CVE-2024-50387
https://www.qnap.com/en/security-advisory/qsa-24-41
Facebook Malvertising
https://www.bitdefender.com/en-us/blog/labs/unmasking-the-sys01-infostealer-threat-bitdefender-labs-tracks-global-malvertising-campaign-targeting-meta-business-pages/
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
ISC StormCast for Wednesday, October 30th, 2024
30 okt· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Critical RCE Vulnerabilty in Cyberpanel
https://dreyand.rs/code/review/2024/10/27/what-are-my-options-cyberpanel-v236-pre-auth-rce
Spring WebFlux Vulnerability
https://access.redhat.com/security/cve/cve-2024-38821
https://spring.io/security/cve-2024-38821
Inbound SMTP DANE with DNSSEC for Exchange Online
https://techcommunity.microsoft.com/t5/exchange-team-blog/announcing-general-availability-of-inbound-smtp-dane-with-dnssec/ba-p/4281292
HeptaX: Unauthorized RDP Connections for Cyberespionage Operations
https://cyble.com/blog/heptax-unauthorized-rdp-connections-for-cyberespionage-operations/
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
ISC StormCast for Tuesday, October 29th, 2024
29 okt· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Apple Update Everything
https://isc.sans.edu/diary/Apple%20Updates%20Everything/31390
Selfcontained HTML Phishing Attachment Using Telegram to Exfiltrate Credentials
https://isc.sans.edu/diary/Selfcontained+HTML+phishing+attachment+using+Telegram+to+exfiltrate+stolen+credentials/31388/
ChatGPT-4o Guardrail Jailbreak: Hex Encoding for Writing CVE Exploits
https://0din.ai/blog/chatgpt-4o-guardrail-jailbreak-hex-encoding-for-writing-cve-exploits
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
ISC StormCast for Monday, October 28th, 2024
28 okt· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Two currently (old) exploited Ivanti vulnerabilities
https://isc.sans.edu/diary/Two%20currently%20%28old%29%20exploited%20Ivanti%20vulnerabilities/31384
Arcadyan FMIMG51AX000J (WiFi Alliance) RCE CVE-2024-41992
https://ssd-disclosure.com/ssd-advisory-arcadyan-fmimg51ax000j-wifi-alliance-rce/
Okta iOS App Vulnerability CVE-2024-10327
https://trust.okta.com/security-advisories/okta-verify-for-ios-cve-2024-10327/
Threat Alert TeamTNT's docker gatling gun campaign
https://www.aquasec.com/blog/threat-alert-teamtnts-docker-gatling-gun-campaign/
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
ISC StormCast for Friday, October 25th, 2024
25 okt· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Development Features Enabled in Production
https://isc.sans.edu/diary/Development%20Features%20Enabled%20in%20Prodcution/31380
Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials
https://blog.talosintelligence.com/large-scale-brute-force-activity-targeting-vpns-ssh-services-with-commonly-used-login-credentials/
Cisco Secure Firewall Management Center Software Command Injection Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-v3AWDqN7
Exposing the Danger Within: Hardcoded Cloud Credentials in Popular Mobile Apps
https://www.security.com/threat-intelligence/exposing-danger-within-hardcoded-cloud-credentials-popular-mobile-apps
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
ISC StormCast for Thursday, October 24th, 2024
24 okt· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Everybody Loves Bash Scripts Including Attackers
https://isc.sans.edu/diary/Everybody%20Loves%20Bash%20Scripts.%20Including%20Attackers./31376
Fortimanager Exploited Vulnerability
https://www.fortiguard.com/psirt/FG-IR-24-423
Sharepoint Exploit
https://www.cisa.gov/news-events/alerts/2024/10/22/cisa-adds-one-known-exploited-vulnerability-catalog
https://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC
OpenSSL Vulnerability
https://openssl-library.org/news/secadv/20241016.txt
Reduced Certificate Lifetime
https://github.com/cabforum/servercert/pull/553
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
ISC StormCast for Wednesday, October 23rd, 2024
23 okt· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
How much HTTP (not HTTPS) Traffic is Traversing Your Perimeter?
https://isc.sans.edu/diary/How%20much%20HTTP%20%28not%20HTTPS%29%20Traffic%20is%20Traversing%20Your%20Perimeter%3F/31372
VMSA-2024-0019:VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities (CVE-2024-38812, CVE-2024-38813)
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968
Unifi Security Advisory Bulletin 043
https://community.ui.com/releases/Security-Advisory-Bulletin-043-043/28e45c75-314e-4f07-a4f3-d17f67bd53f7
Fake attachment. Roundcube mail server attacks exploit CVE-2024-37383 vulnerability.
https://global.ptsecurity.com/analytics/pt-esc-threat-intelligence/fake-attachment-roundcube-mail-server-attacks-exploit-cve-2024-37383-vulnerability
Atlassian Security Bulletin - October 15 2024
https://confluence.atlassian.com/security/security-bulletin-october-15-2024-1442910972.html
OneDev Arbitrary file reading for unauthenticated user
https://github.com/theonedev/onedev/security/advisories/GHSA-7wg5-6864-v489
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
ISC StormCast for Tuesday, October 22nd, 2024
22 okt· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
A Network Nerd's Take on Emergency Preparedness
https://isc.sans.edu/diary/A%20Network%20Nerd%27s%20Take%20on%20Emergency%20Preparedness/31356
HM Surf Vulnerability Access to Camera Exploited CVE-2024-44133
https://www.microsoft.com/en-us/security/blog/2024/10/17/new-macos-vulnerability-hm-surf-could-lead-to-unauthorized-data-access/
Fortinet releases patches for undisclosed critical FortiManager vulnerability
https://www.helpnetsecurity.com/2024/10/21/fortimanager-critical-vulnerability/
ScienceLogic Vulnerability
https://rackspace.service-now.com/system_status?id=detailed_status&service=4dafca5a87f41610568b206f8bbb35a6
https://docs.sciencelogic.com/latest/Content/Web_Admin_and_Accounts/System_Administration/sys_admin_system_upgrade.htm
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
ISC StormCast for Monday, October 21st, 2024
21 okt· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Microsoft 365: Partially incomplete log data due to monitoring agent issue
https://m365admin.handsontek.net/multiple-services-partially-incomplete-log-data-due-to-monitoring-agent-issue/
End-to-End Encrytped Cloud Storage in the Wild: A Broken Ecosystem
https://brokencloudstorage.info/paper.pdf
ESET Branded Malware
https://x.com/ESETresearch/status/1847192384448172387
Synology Update
https://www.synology.com/en-us/security/advisory/Synology_SA_24_17
Spring Framework Update CVe-2024-38819 CVE-2024-38820
https://spring.io/blog/2024/10/17/spring-framework-cve-2024-38819-and-cve-2024-38820-published
Grafana Security Release CVE-2024-9264
https://grafana.com/blog/2024/10/17/grafana-security-release-critical-severity-fix-for-cve-2024-9264/
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
ISC StormCast for Friday, October 18th, 2024
18 okt· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Scanning Activity from Subnet 15.184.0.0/16.
https://isc.sans.edu/diary/Scanning%20Activity%20from%20Subnet%2015.184.0.0%2016/31362
Gatekeeper Bypass
/unit42.paloaltonetworks.com/gatekeeper-bypass-macos/
Oracle Critical Patch Update
https://www.oracle.com/security-alerts/cpuoct2024.html
Cisco ATA 190 Series Analog Telephone Adapter Firmware Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multi-RDTEqRsy
SAP Vulnerability
https://redrays.io/blog/poc-sap-note-3433192-code-injection-vulnerability-in-sap-netweaver-as-java/
Dept. of Commerce Sites Advertising Medication
https://x.com/tliston/status/1833542884047654984
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
ISC StormCast for Thursday, October 17th, 2024
17 okt· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
The Top 10 Not So Common SSH Usernames and Passwords
https://isc.sans.edu/diary/The%20Top%2010%20Not%20So%20Common%20SSH%20Usernames%20and%20Passwords/31360
CISA Product Security Bad Practices
https://www.cisa.gov/resources-tools/resources/product-security-bad-practices
Kubernetes Image Builder Vulnerability CVE-2024-9486 CVE-2024-9594
https://discuss.kubernetes.io/t/security-advisory-cve-2024-9486-and-cve-2024-9594-vm-images-built-with-kubernetes-image-builder-use-default-credentials/30119
Solarwinds Hardcoded Password Exploited CVE-2024-28987
https://www.bleepingcomputer.com/news/security/solarwinds-web-help-desk-flaw-is-now-exploited-in-attacks/
Bypassing noexec and executing arbitrary binaries
https://iq.thc.org/bypassing-noexec-and-executing-arbitrary-binaries
Workshop Website:
https://www.sansapi.com/
https://www.sansapi.com/docs
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
ISC StormCast for Wednesday, October 16th, 2024
16 okt· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Angular-base64-upload Demo Script Exploited
https://isc.sans.edu/diary/Angular-base64-upload%20Demo%20Script%20Exploited%20%28CVE-2024-42640%29/31354
Quantum Annealing Public Key Cryptographic Attack Algorithm Based on D-Wave Advantage
http://cjc.ict.ac.cn/online/onlinepaper/wc-202458160402.pdf
EDRSilencer
https://github.com/netero1010/EDRSilencer
Synchronizing Passkeys
https://fidoalliance.org/specifications-credential-exchange-specifications/
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
ISC StormCast for Tuesday, October 15th, 2024
15 okt· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Phishing Page Delivered Through a Blob URL
https://isc.sans.edu/diary/Phishing%20Page%20Delivered%20Through%20a%20%20Blob%20URL/31350
Fortinet Fortigate CVE 2024-23113 deep dive
https://labs.watchtowr.com/fortinet-fortigate-cve-2024-23113-a-super-complex-vulnerability-in-a-super-secure-appliance-in-2024/
This New Supply Chain Attack Technique Can Trojanize All Your CLI Commands
https://checkmarx.com/blog/this-new-supply-chain-attack-technique-can-trojanize-all-your-cli-commands/
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
ISC StormCast for Monday, October 14th, 2024
14 okt· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Windows PPTP and L2TP Deprecation
https://techcommunity.microsoft.com/t5/windows-server-news-and-best/pptp-and-l2tp-deprecation-a-new-era-of-secure-connectivity/ba-p/4263956
BIG-IP LTM Systems Unencrypted Cookie Exploitation
https://www.cisa.gov/news-events/alerts/2024/10/10/best-practices-configure-big-ip-ltm-systems-encrypt-http-persistence-cookies
https://www.welivesecurity.com/en/eset-research/telekopye-hits-new-hunting-ground-hotel-booking-scams/
https://www.welivesecurity.com/en/eset-research/telekopye-hits-new-hunting-ground-hotel-booking-scams/
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
ISC StormCast for Friday, October 11th, 2024
11 okt· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Palo Alto Expedition: From N-Day to Full Compromise
https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/
Firefox 0-Day
https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/
GitLab Vulnerabilities Patched
https://securityonline.info/cve-2024-9164-cvss-9-6-gitlab-users-urged-to-update-now/
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
ISC StormCast for Thursday, October 10th, 2024
10 okt· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
From Perfctl to InfoStealer
https://isc.sans.edu/diary/From%20Perfctl%20to%20InfoStealer/31334
Wazuh Abused by Miner Campaign
https://securelist.com/miner-campaign-misuses-open-source-siem-agent/114022/
USB Sticks Still Bridge Airgaps
https://www.welivesecurity.com/en/eset-research/mind-air-gap-goldenjackal-gooses-government-guardrails/
Fortigate Vulnerability now being exploited
https://nvd.nist.gov/vuln/detail/CVE-2024-23113
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
ISC StormCast for Wednesday, October 9th, 2024
9 okt· SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Microsoft Patch Tuesday - October 2024
https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20-%20October%202024/31336
Adobe Patches
https://helpx.adobe.com/security/security-bulletin.html
The Disappearance of an Internet Domain
https://every.to/p/the-disappearance-of-an-internet-domain
- Luisteren Nogmaals beluisteren Doorgaan Wordt afgespeeld...
- Later beluisteren Later beluisteren
Laat meer zien

Afleveringen

ISC StormCast for Wednesday, November 6th, 2024

ISC StormCast for Tuesday, November 5th, 2024

ISC StormCast for Monday, November 4th, 2024

ISC StormCast for Thursday, October 31st, 2024

ISC StormCast for Wednesday, October 30th, 2024

ISC StormCast for Tuesday, October 29th, 2024

ISC StormCast for Monday, October 28th, 2024

ISC StormCast for Friday, October 25th, 2024

ISC StormCast for Thursday, October 24th, 2024

ISC StormCast for Tuesday, October 22nd, 2024

ISC StormCast for Monday, October 21st, 2024

ISC StormCast for Friday, October 18th, 2024

ISC StormCast for Thursday, October 17th, 2024

ISC StormCast for Wednesday, October 16th, 2024

ISC StormCast for Tuesday, October 15th, 2024

ISC StormCast for Monday, October 14th, 2024

ISC StormCast for Friday, October 11th, 2024

ISC StormCast for Thursday, October 10th, 2024

ISC StormCast for Wednesday, October 9th, 2024