Thursday, May 19, 2022
SANS ISC

ISC StormCast for Thursday, May 19th, 2022

VMWare Flaws https://core.vmware.com/vmsa-2022-0014-questions-answers-faq https://blog.barracuda.com/2022/05/17/threat-spotlight-attempts-to-exploit-new-vmware-vulnerabilities/ Tesla BLE Proximity Authentication Vulnerable to
The CyberWire Podcast

CISA Alert AA22-138A – Threat Actors Exploiting F5 BIG-IP CVE-2022-1388.

CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC), are releasing this joint Cybersecurity Advisory in response to active exploitation of CVE-2022-1388. This vulnerability is a critical iControl REST authentication...

S3 Ep83: Cracking passwords, patching Firefox, and Apple vulns

What does the word "non-commensurate" mean? When is cracking passwords legal? Why did Firefox get patched? Which computer needed dropping onto the desk? Why wasn't this 0-day listed in every Apple update? Did Duck get spammed, or was it...
Smashing Security

275: Jail for Bing, and mental health apps may not be good for you

A man hacks his employer to prove its security sucks, Telegram provides a helping hand to the Eternity Project malware, and what the heck do mental health apps think they're up...
The CyberWire Podcast

Privateering goes fully political. Compromised robots? Conti’s campaign against Costa Rica. Cyberconflict along the Nile. A reset in the cyber insurance market.

Chaos ransomware group declares for Russia. Hacktivists claim to have compromised Russian-manufactured ground surveillance robots. Conti's ongoing campaign against Costa Rica. The claimed "international" cyberattack against Nile dam was stopped. Rick...
SANS ISC

ISC StormCast for Wednesday, May 18th, 2022

Use Your Browser Internal Password Vault... or Not? https://isc.sans.edu/forums/diary/Use+Your+Browser+Internal+Password+Vault+or+Not/28658/ SQL
Security Weekly

SWN #213 – "Brushing", CISA, Nebuchadnezzar, Lianjia, iPhone, Leaky Sites, & Elon Balks

Dr. Doug talks: Elon balking, CISA, Nebuchadnezzar, Lianjia, iPhone hacks leaky sites, the EU, and Chinese fraud reports, along with Jason Wood on this episode of the Security Weekly News! Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us...
risky.biz

Risky Biz Soap Box: While you're watching a quiet one a noisy one will kill you

In this Soap Box edition of the show Proofpoint’s EVP of...
Security Now

SN 871: The New EU Surveillance State – Eventful Patch Tuesday, Open Source Maintenance Crew, BIG-IP Boxes

Picture of the Week. An "eventful" Patch Tuesday. Patch Tuesday. Apple patched a 0-day. Google's "Open Source Maintenance Crew". Conti suggests overthrowing the new Costa Rican government. Policing the Google Play Store. The situation has grown more dire...
The CyberWire Podcast

CISA Alert AA22-137A – Weak security controls and practices routinely exploited for initial access. [CISA Alerts]

This joint cybersecurity advisory was coauthored by the cybersecurity authorities of the US, Canada, New Zealand, the Netherlands, and the UK. Cyber actors routinely exploit poor security configurations, weak controls, and...
The CyberWire Podcast

Russian cyber threats and NATO’s Article 5. Conti says it’s going to bring Costa Rica to its knees. BLE proof-of-concept hack. CISA warns of initial access methods. Thanos proprietor indicted.

An assessment of the Russian cyber threat. NATO's Article 5 in cyberspace. Conti's ransomware attack against Costa Rica spreads, in scope and effect. Bluetooth vulnerabilities demonstrated in proof-of-concept. CISA and its...
DtSR Podcast

DtSR Episode 501 – Netskope's Bad SaaS Report

Prologue: This week, on the first post-500 episode, we welcome Netskope's Ray Canzanese to talk about the Cloud & Threat Report they just published (https://www.netskope.com/netskope-threat-labs/cloud-threat-report) which has some interesting bits in it. Ray discusses the details...

Shred with George Gerchow

For those unfamiliar with the snowboarding slang term Shred, it means “to ride with exceptional speed, ability, or enthusiasm, especially in difficult terrain and conditions”. Sumo Logic’s CSO, George Gerchow, applies this methodology whether it’s by way of Board, or...
Darknet Diaries

117: Daniel the Paladin

Daniel Kelly (https://twitter.com/danielmakelley) was equal parts mischievousness and clever when it came to computers. Until the day his mischief overtook his cleverness. Sponsors: Support for this show comes from Keeper Security. Keeper Security’s...
SANS ISC

ISC StormCast for Tuesday, May 17th, 2022

Apple Patches Everything https://isc.sans.edu/forums/diary/Apple+Patches+Everything/28654/ Evil Never Sleeps: When Wireless Malware
Unsupervised Learning Podcast

News & Analysis | NO. 331

Support the show: https://danielmiessler.com/support/ See omnystudio.com/listener for privacy information.
The CyberWire Podcast

Users advised to patch actively exploited Zyxel vulnerability. Hacktivism and influence ops in Russia’s hybrid war. Ransomware notes. Indiscriminate hacktivism? Alt-coin sanctions case will proceed.

Users are advised to patch Zyxel firewalls. Battlefield failure and popular morale in Russia’s hybrid war. Nuisance-level hacktivism in the hybrid war. Sweden and Finland move closer to NATO membership; concern...
The Shared Security Podcast

FBI Warrantless Searches, Passwordless Sign-Ins, Keylogging Web Forms

The FBI searched emails, texts and other electronic communications of 3.4 million U.S. residents without a warrant, Apple, Google, and Microsoft have announced they will support a new passwordless sign-in standard created by the FIDO Alliance and the World...
SANS ISC

ISC StormCast for Monday, May 16th, 2022

From 0-Day to Mirai: 7 days of BIG-IP Exploits https://isc.sans.edu/forums/diary/From+0Day+to+Mirai+7+days+of+BIGIP+Exploits/28644/
Open Source Security Podcast

Episode 323 – The fake 7-Zip vulnerability and SBOM

Josh and Kurt talk about a fake 7-Zip security report. It's pretty clear that everyone is running open source all the time. We end on some thoughts around what SBOM is good for, and who should be responsible for...
The Hacker News

New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars

A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas. The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low Energy (BLE),...
SecurityWeek

Phishers Add Chatbot to the Phishing Lure

Researchers have discovered a new approach being taken by phishers to increase victim engagement and confidence: the addition of an interactive chatbot. We have all become accustomed to the chatbots used by many of the largest service providers –...
SecurityWeek

QuSecure Launches Quantum-Resilient Encryption Platform

New firm launches to provide the Easy Button for implementing quantum secure encryption. The pressure to implement quantum secure encryption is increasing. This isn’t because functioning quantum computers able to crack asymmetric encryption are expected tomorrow, but because of the...
The Register

Iran, China-linked gangs join Putin’s disinformation war online

They're using the invasion 'to take aim at the usual adversaries,' Mandiant told The Reg. Pro-Beijing and Iran miscreants are using the war in Ukraine to spread disinformation that supports these countries' political interests — namely, advancing anti-Western narratives...
ZDNet

Cyberattacks and misinformation activity against Ukraine continues, say security researchers

Malware and fake news continues, says Mandiant.