Saturday, July 20, 2019
SANS ISC

ISC StormCast for Friday, July 19th 2019

802.1x Tips https://isc.sans.edu/forums/diary/The+Other+Side+of+Critical+Control+1+8021x+Wired+Network+Access+Controls/25146/
Kazakhstan TLS Interception https://groups.google.com/forum/#!msg/mozilla.dev.security.policy/wnuKAhACo3E/cpsvHgcuDwAJ
BEC Trends https://www.fincen.gov/sites/default/files/shared/FinCEN_Financial_Trend_Analysis_FINAL_508.pdf
Cylance Weakness https://skylightcyber.com/2019/07/18/cylance-i-kill-you/
SANS ISC

ISC StormCast for Thursday, July 18th 2019

Analysis of DNS TXT Records https://isc.sans.edu/forums/diary/Analyzis+of+DNS+TXT+Records/25142/
Evil Gnome Linux Malware https://www.intezer.com/blog-evilgnome-rare-malware-spying-on-linux-desktop-users/
New
SANS ISC

ISC StormCast for Wednesday, July 17th 2019

Zoom/Apple Patches Additional Software https://www.theverge.com/2019/7/16/20696529/apple-mac-silent-update-zoom-ringcentral-zhumu-vulnerabilty-patched
Lenovo/IOMega NAS API Vulnerability https://www.theregister.co.uk/2019/07/16/iomega_nas_boxes/
Amadeus Vulnerability
SANS ISC

ISC StormCast for Tuesday, July 16th 2019

isodump.py and malicious ISO files https://isc.sans.edu/forums/diary/isodumppy+and+Malicious+ISO+Files/25134/
Atlassian Crowd Vulnerability Details https://www.corben.io/atlassian-crowd-rce/
Scrapy
SANS ISC

ISC StormCast for Monday, July 15th 2019

Magecart Targets S3 Buckets https://www.riskiq.com/blog/labs/magecart-amazon-s3-buckets/
Atlassian Jira Vulnerability https://confluence.atlassian.com/jira/jira-security-advisory-2019-07-10-973486595.html
Microsoft to Detect
SANS ISC

ISC StormCast for Friday, July 12th 2019

Analysis of a Recent AZORult Sample https://isc.sans.edu/forums/diary/Recent+AZORult+activity/25120/
Apple Delete Zoom Web
SANS ISC

ISC StormCast for Thursday, July 11th 2019

Samba Project Disabling SMBv1 By Default https://isc.sans.edu/forums/diary/Samba+Project+tells+us+Whats+New+SMBv1+Disabled+by+Default+finally/25116/
GnuPG Will No Longer
SANS ISC

ISC StormCast for Wednesday, July 10th 2019

MSFT Patch Tuesday https://isc.sans.edu/forums/diary/MSFT+July+2019+Patch+Tuesday/25110/
Adobe Updates https://helpx.adobe.com/security.html
Zoom Vulnerability https://medium.com/bugbountywriteup/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5
SANS ISC

ISC StormCast for Tuesday, July 9th 2019

Canonical Github Hack https://news.ycombinator.com/item?id=20373009
New Wave of Magecart Attacks https://gist.github.com/gwillem/5d936f5a84837d5c1dcb488ce256294a
Facebook's Libra
SANS ISC

ISC StormCast for Monday, July 8th 2019

Does "Godlua" Use DNS over HTTPS or Not? https://www.golem.de/news/verschluesseltes-dns-falschmeldung-in-propagandaschlacht-um-dns-ueber-https-1907-142358.html https://blog.netlab.360.com/an-analysis-of-godlua-backdoor-en/
Exploit
SANS ISC

ISC StormCast for Wednesday, July 3rd 2019

Zipato SmartHub Vulnerabilities https://blackmarble.sh/zipato-smart-hub/
Blocking DNS over HTTPS https://github.com/bambenek/block-doh
Cloudflare Outage https://www.cloudflarestatus.com/incidents/tx4pgxs6zxdr
Android
SANS ISC

ISC StormCast for Tuesday, July 2nd 2019

Maldoc Payloads in User Forms https://isc.sans.edu/forums/diary/Maldoc+Payloads+in+User+Forms/25084/
Zyxel Vulnerabilities https://www.zyxel.com/support/vulnerabilities-related-to-the-Free-Time-feature.shtml
AMD SEV DH
SANS ISC

ISC StormCast for Sunday, June 30th 2019

Collecting Hashes of Running Processes and verifying them with Virustotal
SANS ISC

ISC StormCast for Friday, June 28th 2019

New Brickerbot (Silex) Sightings https://twitter.com/_larry0/status/1143532888538984448
Supply Chain Attacks Against Telco Providers
SANS ISC

ISC StormCast for Wednesday, June 26th 2019

Rig Exploit Kit Installs Pitou.B. Trojan https://isc.sans.edu/forums/diary/Rig+Exploit+Kit+sends+PitouB+Trojan/25068/
AWS VPC Traffic Mirroring

Cisco Patches Critical Flaw in Vision Dynamic Signage Director

Cisco this week released a security patch for the Vision Dynamic Signage Director, to address a Critical vulnerability that could allow attackers to execute arbitrary actions on the local system. Tracked as CVE-2019-1917, the vulnerability was found in the REST...

The Great Hack: the film that goes behind the scenes of the Facebook data scandal

This week, a Netflix documentary on Cambridge Analytica sheds light on one of the most complex scandals of our time. Carole Cadwalladr, who broke the story and appears in the film, looks at the fallout – and finds ‘surveillance...
SecurityWeek

Scotland Yard Twitter and Emails Hacked

London's Metropolitan Police apologised Saturday after its Twitter, emails and news pages were targeted by hackers and began pumping out a series of bizarre messages.

Browser Extensions Scraped Data From Millions of People

Slack passwords, NSO spyware, and more of the week's top security news.
ZDNet

Hackers breach FSB contractor, expose Tor deanonymization project and more

SyTech, the hacked company, was working on research projects for the FSB, Russia's intelligence service.