ISC StormCast for Thursday, October 1st 2020
Scans for FPURL.xml: Reconnaissance or Not?https://isc.sans.edu/forums/diary/Scans+for+FPURLxml+Reconnaissance+or+Not/26622/ HP Device Manager Backdoorhttps://support.hp.com/us-en/document/c06921908https://www.theregister.com/2020/09/30/hp_device_manager_backdoor_database_account/
198: Chucky the coffee maker
Coffee machines catching ransomware, Blacklight shines a torch on website tracking, and a woman is freaked out that a complete stranger can turn off her home's security system.
All this and much much more is discussed in the latest edition...
That’s Where the Lemons Go – SCW #45
This week, we welcome Liam Downward, CEO at CYRISMA, to talk about Data Centric Security! In our second segment, Jeff, Josh, Scott, John, and Liam discuss Vulnerability Management & the Art of Prioritization of Risk! Show Notes: https://wiki.securityweekly.com/scw45...
Opportunistic paydays and soft targets. Crooks use captchas and padlocks, too. Protecting against Zerologon. A microelectronics strategy.
Ransomware gangs continue to look for an opportunistic payday. Another exposed database is found, and secured. Captchas and padlock icons have their place, but they’re not a guarantee of security. Microsoft explains how to reduce exposure to Zerologon. The...
ISC StormCast for Wednesday, September 30th 2020
Managing Remote Access for Contractors and Partnershttps://isc.sans.edu/forums/diary/Managing+Remote+Access+for+Partners+Contractors/26614/#comments Updated Windows ZeroLogon
SN 786: ZeroLogon++ – Amazon Flying Security Cam, ZeroLogon on GitHub, Ransomware Roundup
Amazon flying security cam, ZeroLogon on GitHub, ransomware roundup.
What could possibly go wrong: Amazon/Ring's autonomous flying home security webcam
Evil ransomware gang deposited $1 million of bitcoin in a hacker recruitment drive
Over this past weekend, Universal Health Services was hit...
Risky Biz special guest: Former Australian Prime Minister Malcolm Turnbull
This edition of the show is brought to you with the assistance the Hewlett Foundation, which awarded us a grant so we could do these policy-focussed podcasts.
Malcolm Bligh Turnbull served as a member of Parliament from 2004 until 2018,...
Joker Trojan, Microsoft Outage, & Alien Android Trojan – SWN #69
This week, Dr. Doug discusses the Microsoft outage, Jokers wild, Alien Forking at Android, Ryuk, United Health, possessed coffee makers, and Jason Wood joins us for Expert Commentary to talk about REvil Ransomware! Show Notes: https://wiki.securityweekly.com/swn69 Visit https://www.securityweekly.com/swn...
Ransomware versus shipping, hospitals, and schools. Cyberattacks’ growing sophistication. An interim rule enables implementation of the US Defense Department’s CMMC program.
Three (count ‘em) three big ransomware attacks are in progress. One of them has moved into its doxing phase. Microsoft resolves authentication problems that briefly disrupted services yesterday. Tracking trends in cyberattacks--the sophistication seems to lie in the execution....
Necessary Evil – BSW #189
This week, we welcome Ryan Benson, Director of Service Offerings at deepwatch, to discuss the State of the Managed Detection & Response Market! In the Leadership and Communications section, 6 types of CISO and the companies they thrive in,...
75: Compromised Comms
From 2009 to 2013 the communication channels the CIA uses to contact assets in foreign countries was compromised. This had terrifying consequences.
Guests this episodes are Jenna McLaughlin and Zach Dorfman.
Sponsors
This episode was sponsored by IT Pro TV. Get 65 hours of free...
Targeted Attacks Part 2 – Pretexting and Attack Development
In our September monthly episode we continue our three part series on targeted attack. In this episode we discuss the pretext and how attackers develop and launch their attacks with special guests Nathan Sweaney, Senior Security Consultant at Secure...
DtSR Episode 414 – TPA Rick Howard’s Almost Retirement
Prologue: This week on episode 414 of the podcast, I'm joined by Rick Howard who just retired ... no, wait ... scratch that, almost retired from Palo Alto Networks after a fantastic run. Rick tells the story of how...
ISC StormCast for Tuesday, September 29th 2020
Some Tyler Technologies Customers Targeted after Breachhttps://isc.sans.edu/forums/diary/Some+Tyler+Technologies+Customers+Targeted+with+The+Installation+of+a+Bomgar+Client/26610/ Obfuscated PowerShell Backdoorhttps://isc.sans.edu/forums/diary/PowerShell+Backdoor+Launched+from+a+ShellCode/26602/
2020-035-ransomware death in Germany, Zerologon woes, drovorub, and corp data on personal devices
FIND US NOW ON AMAZON MUSIC! https://music.amazon.com/podcasts/51b7da82-c223-4de4-8fc1-d1c3dd61984a/Brakeing-Down-Security-Podcast Shout to the organizers of Bsides Edmonton, Alberta, Canada for a great conference! Amanda’s social media take over this week Bryan's plumbing story (A tale of 3 toilets) https://www.infosecurity-magazine.com/news/corporate-data-on-personal-devices/ ...
Hot Off the Press – ASW #123
This week, Mike, Matt, and John talk about The Difference Between Finding Vulns & Securing Apps! In the Application Security News, 6 Things to Know About the Microsoft 'Zerologon' Flaw, You can bypass TikTok's MFA by logging in via...
Will no one rid me of this turbulent newsletter? US court delays TikTok ban. Microsoft takes down cyberespionage operation. Huawei’s CFO gets another day in court. REvil recruits.
The TikTok ban has been delayed; the November goal for the company’s change in ownership still stands, at least for now. Microsoft takes down infrastructure used by a Chinese cyberespionage group. Huawei’s CFO returns to court in Vancouver. The...
News & Analysis | No. 248
Everyday Threat Modeling, Why I Like TikTok So Much, Windows XP Leak, SSH 8.4, Renée DiResta's Latest, Student Visas Changes, Cisco IOS Vulns, QAonon Gamification, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…
Support...
Death by Ransomware, Strava Flyby, iOS 14 Privacy Improvements
In episode 140 for September 28th 2020: Details on the first human death related to a ransomware attack, popular fitness app Strava is caught giving away your location data to strangers, and the top privacy improvements in Apple iOS...
ISC StormCast for Monday, September 28th 2020
Securing Exchange Onlinehttps://isc.sans.edu/forums/diary/Securing+Exchange+Online+Guest+Diary/26600/ Decoding Corrupt BASE64https://isc.sans.edu/forums/diary/Decoding+Corrupt+BASE64+Strings/26606/ Fortinet VPN Default Setting
#DTXNOW: Time to Remove Security from IT
#DTXNOW: Time to Remove Security from IT
Speaking on a session titled “Is top level security possible on a shoestring budget?” as part of Digital Transformation Expo, security specialists were asked by moderator Jeremy White what their top tips were...
HP Offering Big Rewards for Cartridge Vulnerabilities
HP announced on Thursday that it has expanded its bug bounty program, inviting several white hat hackers to find vulnerabilities in its office-class ink and toner cartridges.
read more
Phishing pages leverage CAPTCHAs to fool users, evade detection
Cyberattackers targeting the hospitality industry were recently observed using a phishing page that featured CAPTCHA technology as a way to elude detection, as well as to give potential victims a false sense of security that the malicious site was...
#DTXNOW: Managing Uncertainty to Build Lasting Resilience in Security Teams
#DTXNOW: Managing Uncertainty to Build Lasting Resilience in Security Teams
IT and security teams must learn how to navigate to uncertain environments in order to build lasting resilience, according to Jordan Schroeder, deputy MD & managing CISO at Hefestis, speaking...
InterPlanetary Storm: Cross-platform P2P botnet infects computers and IoT devices
IoT botnets have come a long way since Mirai showed its devastating potential in 2016 with distributed denial-of-server attacks that exceeded in strength anything seen before then. Myriad malware programs now infect poorly secured or vulnerable routers, IP cameras,...
