Thursday, June 1, 2023
SANS ISC

ISC StormCast for Thursday, June 1st, 2023

Apache NiFi Attacks https://isc.sans.edu/diary/Your%20Business%20Data%20and%20Machine%20Learning%20at%20Risk%3A%20Attacks%20Against%20Apache%20NiFi/29900 Gigabyte App Center Backdoor; https://eclypsium.com/blog/supply-chain-risk-from-gigabyte-app-center-backdoor/ Salesforce
Smashing Security

.ZIP domains, AI lies, and did social media inflame a riot?

ChatGPT hallucinations cause turbulence in court, a riot in Wales may have been ignited on social media, and do you think .MOV is a good top-level domain for "a website that moves you"?All this and much much more is...
The CyberWire Podcast

Two RAT infestations. Ghosts of sites past. Trends in identity security. Detecting deepfakes may prove more difficult than you think.

SeroXen is a new elusive evolution of the Quasar RAT that seems to live up to its hype, and DogeRAT is a cheap Trojan targeting Indian Android users. Salesforce ghost sites...
Security Weekly

Career Ladders In Information Security – Marc French – BSW Vault

Check out this interview from the BSW VAULT, hand picked by main host Matt Alderman! This segment was originally published on June 8, 2020.  Marc French has more than 25 years of technology experience in engineering, operations, product management,...
Security Weekly

Career Ladders In Information Security – Marc French – BSW Vault

Check out this interview from the BSW VAULT, hand picked by main host Matt Alderman! This segment was originally published on June 8, 2020. Marc French has more than 25 years of technology experience in engineering, operations, product management,...
SANS ISC

ISC StormCast for Wednesday, May 31st, 2023

Malspam Pushes ModiLoader Infection for Remocs Rat https://isc.sans.edu/diary/Malspam%20pushes%20ModiLoader%20%28DBatLoader%29%20infection%20for%20Remcos%20RAT/29896 MacOS SIP
Security Now

SN 925: Brave's Brilliant Off the Record Request – .ZIP TLD, Bitwarden Passkey support, PyPi

Picture of the Week. HP = "Huge Pile" The ".ZIP" TLD — What could possibly go wrong? PyPI gets more serious about security AND privacy. "No logs saved anywhere"??? Twitter in the EU? Bitwarden's support for Passkeys. A...
risky.biz

Risky Business #708 – China's lolbin-powered adventures in US critical infrastructure

On this week’s show Patrick Gray and Adam Boileau discuss the...
The CyberWire Podcast

Mirai’s new variant targets IoT devices. Volt Typhoon investigation continues. Hacktivism in Senegal. Lessons learned from Ukraine.

New Mirai malware uses low-complexity exploits to expand its botnet in IoT devices. The latest on Volt Typhoon. DDoS hits government sites in Senegal. The Pentagon's cyber strategy incorporates lessons from...
SANS ISC

ISC StormCast for Tuesday, May 30th, 2023

Analyzing Office Documents Embedded Inside PowerPoint Files https://isc.sans.edu/diary/Analyzing%20Office%20Documents%20Embedded%20Inside%20PPT%20%28PowerPoint%29%20Files/29894 DocuSign Themed
The Shared Security Podcast

Meta’s $1.3 Billion Fine, AI Hoax Hysteria, Montana’s TikTok Ban

In this episode, we discuss Meta’s record-breaking $1.3 billion fine by the EU for unlawfully transferring user data, shedding light on the increasing risks faced by tech companies in violating privacy rules. Highly realistic images of a Pentagon explosion went...
Open Source Security Podcast

Episode 377 – The world is changing too fast for humans to understand

Josh and Kurt talk about PyPI suspending new accounts and packages for a day, and a 60 minutes story about deepfakes. The problems are mostly the same, but for very different reasons. The world is changing faster than we...

Weekly Update 349

Presently sponsored by: Kolide can get your cross-platform fleet to 100% compliance. It's Zero Trust for Okta. Want to see for yourself? Book a demo.This week's update is dominated by my experience with "Lena", the scammer from Gumtree who...

Bsides Seattle and Austin, SecureBoot patch, and more

BrakeSec Show Outline – No Guest   Show Topic Summary (less than 300 words) Bsides Seattle and Bsides Austin ...
The CyberWire Podcast

CosmicEnergy: OT and ICS malware from Russia, maybe for red teaming. Updates on Volt Typhoon. Legion malware upgraded for the cloud. Natural-disaster-themed online fraud.

CosmicEnergy is OT and ICS malware from Russia, maybe for red teaming, maybe for attack. Updates on Volt Typhoon, China’s battlespace preparation in Guam and elsewhere. In the criminal underworld, Legion...
Security Weekly

SWN #301 – Brain Implants, Volt Typhoon, CosmicEnergy, OAuth, ILoveYou , Aaran Leyland, and More

Ferret Legging, Elon's Brain Implants, Volt Typhoon, CosmicEnergy, OAuth, ILoveYou (and that's not just the Molly talking), Aaran Leyland, and More on this episode of the Security Weekly News.   Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on...
7 minute security

7MS #573: Securing Your Mental Health – Part 4

Today we're talking about reducing anxiety by hacking your mental health with these tips: Using personal automation to text people important reminders Using Remind to create a personal communication "class" with your family members Using Smartsheet (not a sponsor) to create daily...

Shadow Warrior with Ric Prado

In the covert world of intelligence and espionage, where shadows merge with reality, there exists a select group of individuals who operate on the razor's edge between life and death. Among them is a man named Ric Prado, AKA...
SANS ISC

ISC StormCast for Friday, May 26th, 2023

IR Case/Alert Management https://isc.sans.edu/diary/IR%20Case%20Alert%20Management/29880 Exploit for CVE-2023-2825 GitLab Vulnerability https://github.com/Occamsec/CVE-2023-2825
Security Weekly

ESW #319 – Amitai Ratzon, Steve Ragan, Deepika Chauhan, Thomas Kinsella, Jon Check

On this edition of the ESW news, we're all over the place! Funding and acquisitions are a little sad right now, but AI and TikTok bans raise our spirits. The hosts are split on feelings about the new .zip...
The Register

Ukraine war blurs lines between cyber-crims and state-sponsored attackers

This RomCom is no laughing matter A change in the deployment of the RomCom malware strain has illustrated the blurring distinction between cyberattacks motivated by money and those fueled by geopolitics, in this case Russia's illegal invasion of Ukraine,...
SC Magazine

We need to refine and secure AI, not turn our backs on the technology 

While the potential poisoning of ChatGPT raises some concerns, we need to take this threat as an opportunity to better refine and secure emerging AI models.
The Hacker News

Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw in Zyxel gear to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-28771 (CVSS score: 9.8), the issue relates to a command injection flaw impacting...
The Hacker News

Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Million of Sites

WordPress has issued an automatic update to address a critical flaw in the Jetpack plugin that’s installed on over five million sites. The vulnerability, which was unearthed during an internal security audit, resides in an API present in the plugin since version 2.0,...
The Register

Dark Pink cyber-spies add info stealers to their arsenal, notch up more victims

Not to be confused with K-Pop sensation BLACKPINK, gang pops military, govt and education orgs Dark Pink, a suspected nation-state-sponsored cyber-espionage group, has expanded its list of targeted organizations, both geographically and by sector, and has carried out at...