ISC StormCast for Thursday, May 19th, 2022
VMWare Flaws https://core.vmware.com/vmsa-2022-0014-questions-answers-faq https://blog.barracuda.com/2022/05/17/threat-spotlight-attempts-to-exploit-new-vmware-vulnerabilities/ Tesla BLE Proximity Authentication Vulnerable to
CISA Alert AA22-138A – Threat Actors Exploiting F5 BIG-IP CVE-2022-1388.
CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC), are releasing this joint Cybersecurity Advisory in response to active exploitation of CVE-2022-1388. This vulnerability is a critical iControl REST authentication...
S3 Ep83: Cracking passwords, patching Firefox, and Apple vulns
What does the word "non-commensurate" mean? When is cracking passwords legal? Why did Firefox get patched? Which computer needed dropping onto the desk? Why wasn't this 0-day listed in every Apple update? Did Duck get spammed, or was it...
275: Jail for Bing, and mental health apps may not be good for you
A man hacks his employer to prove its security sucks, Telegram provides a helping hand to the Eternity Project malware, and what the heck do mental health apps think they're up...
Privateering goes fully political. Compromised robots? Conti’s campaign against Costa Rica. Cyberconflict along the Nile. A reset in the cyber insurance market.
Chaos ransomware group declares for Russia. Hacktivists claim to have compromised Russian-manufactured ground surveillance robots. Conti's ongoing campaign against Costa Rica. The claimed "international" cyberattack against Nile dam was stopped. Rick...
ISC StormCast for Wednesday, May 18th, 2022
Use Your Browser Internal Password Vault... or Not? https://isc.sans.edu/forums/diary/Use+Your+Browser+Internal+Password+Vault+or+Not/28658/ SQL
SWN #213 – "Brushing", CISA, Nebuchadnezzar, Lianjia, iPhone, Leaky Sites, & Elon Balks
Dr. Doug talks: Elon balking, CISA, Nebuchadnezzar, Lianjia, iPhone hacks leaky sites, the EU, and Chinese fraud reports, along with Jason Wood on this episode of the Security Weekly News! Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us...
Risky Biz Soap Box: While you're watching a quiet one a noisy one will kill you
In this Soap Box edition of the show Proofpoint’s EVP of...
SN 871: The New EU Surveillance State – Eventful Patch Tuesday, Open Source Maintenance Crew, BIG-IP Boxes
Picture of the Week.
An "eventful" Patch Tuesday.
Patch Tuesday.
Apple patched a 0-day.
Google's "Open Source Maintenance Crew".
Conti suggests overthrowing the new Costa Rican government.
Policing the Google Play Store.
The situation has grown more dire...
CISA Alert AA22-137A – Weak security controls and practices routinely exploited for initial access. [CISA Alerts]
This joint cybersecurity advisory was coauthored by the cybersecurity authorities of the US, Canada, New Zealand, the Netherlands, and the UK. Cyber actors routinely exploit poor security configurations, weak controls, and...
Russian cyber threats and NATO’s Article 5. Conti says it’s going to bring Cost Rica to its knees. BLE proof-of-concept hack. CISA warns of initial access methods. Thanos proprietor indicted.
An assessment of the Russian cyber threat. NATO's Article 5 in cyberspace. Conti's ransomware attack against Costa Rica spreads, in scope and effect. Bluetooth vulnerabilities demonstrated in proof-of-concept. CISA and its...
DtSR Episode 501 – Netskope's Bad SaaS Report
Prologue This week, on the first post-500 episode, we welcome Netskope's Ray Canzanese to talk about the Cloud & Threat Report they just published ( https://www.netskope.com/netskope-threat-labs/cloud-threat-report ) which has some interesting bits in it. Ray discusses the details...
Shred with George Gerchow
For those unfamiliar with the snowboarding slang term Shred, it means “to ride with exceptional speed, ability, or enthusiasm, especially in difficult terrain and conditions”.Sumo Logic’s CSO, George Gerchow, applies this methodology whether it’s by way of Board, or...
117: Daniel the Paladin
Daniel Kelly (https://twitter.com/danielmakelley) was equal parts mischievousness and clever when it came to computers. Until the day his mischief overtook his cleverness.SponsorsSupport for this show comes from Keeper Security. Keeper Security’s...
ISC StormCast for Tuesday, May 17th, 2022
Apple Patches Everything https://isc.sans.edu/forums/diary/Apple+Patches+Everything/28654/ Evil Never Sleeps: When Wireless Malware
News & Analysis | NO. 331
Support the show: https://danielmiessler.com/support/See omnystudio.com/listener for privacy information.
Users advised to patch actively exploited Zyxel vulnerability. Hacktivism and influence ops in Russia’s hybrid war. Ransomware notes. Indiscriminate hacktivism? Alt-coin sanctions case will proceed.
Users are advised to patch Zyxel firewalls. Battlefield failure and popular morale in Russia’s hybrid war. Nuisance-level hacktivism in the hybrid war. Sweden and Finland move closer to NATO membership; concern...
FBI Warrantless Searches, Passwordless Sign-Ins, Keylogging Web Forms
The FBI searched emails, texts and other electronic communications of 3.4 million U.S. residents without a warrant, Apple, Google, and Microsoft have announced they will support a new passwordless sign-in standard created by the FIDO Alliance and the World...
ISC StormCast for Monday, May 16th, 2022
From 0-Day to Mirai: 7 days of BIG-IP Exploits https://isc.sans.edu/forums/diary/From+0Day+to+Mirai+7+days+of+BIGIP+Exploits/28644/
Episode 323 – The fake 7-Zip vulnerability and SBOM
Josh and Kurt talk about a fake 7-Zip security report. It's pretty clear that everyone is running open source all the time. We end on some thoughts around what SBOM is good for, and who should be responsible for...
New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars
A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas.
The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low Energy (BLE),...
Phishers Add Chatbot to the Phishing Lure
Researchers have discovered a new approach being taken by phishers to increase victim engagement and confidence: the addition of an interactive chatbot. We have all become accustomed to the chatbots used by many of the largest service providers –...
QuSecure Lauches Quantum-Resilient Encryption Platform
New firm launches to provide the Easy Button for implementing quantum secure encryption
The pressure to implement quantum secure encryption is increasing. This isn’t because functioning quantum computers able to crack asymmetric encryption are expected tomorrow, but because of the...
Iran, China-linked gangs join Putin’s disinformation war online
They're using the invasion 'to take aim at the usual adversaries,' Mandiant told The Reg Pro-Beijing and Iran miscreants are using the war in Ukraine to spread disinformation that supports these countries' political interests — namely, advancing anti-Western narratives...
Cyberattacks and misinformation activity against Ukraine continues say security researchers
Malware and fake news continues, says Mandiant.
