ISC StormCast for Monday, September 24th 2018
Odd DNS Requests from Firewalls https://isc.sans.edu/forums/diary/Suspicious+DNS+Requests+Issued+by+a+Firewall/24128/Securing API Connections https://isc.sans.edu/forums/diary/The+danger+of+sending+information+for+API+consumption+without+adequate+security+measures/24130/Microsoft JET
ISC StormCast for Friday, September 21st 2018
Hunting for Suspicious Processes with OSSEC https://isc.sans.edu/forums/diary/Hunting+for+Suspicious+Processes+with+OSSEC/24122/NSSLabs Sues Crowdstrike, Symantec,
ISC StormCast for Thursday, September 20th 2018
Adobe Releases Special Patch for Acrobat and Reader https://helpx.adobe.com/security/products/acrobat/apsb18-34.htmlAkamai State
ISC StormCast for Wednesday, September 19th 2018
Certificate Transparency Tools https://isc.sans.edu/forums/diary/Using+Certificate+Transparency+as+an+Attack+Defense+Tool/24114/Kodi Malicious Add-Ons https://www.welivesecurity.com/2018/09/13/kodi-add-ons-launch-cryptomining-campaign/Cloudflare Making DNSSEC Adoption
ISC StormCast for Tuesday, September 18th 2018
Analyzing Office Docs https://isc.sans.edu/forums/diary/Dissecting+Malicious+MS+Office+Docs/24108/Apple Updates Everything but macOS https://support.apple.com/en-us/HT201220FBot Botnet
ISC StormCast for Monday, September 17th 2018
Reversing Visual Basic Shortcuts https://isc.sans.edu/forums/diary/2020+malware+vision/24104/Not So Random User Agent https://isc.sans.edu/forums/diary/User+Agent+String+uatoolsrandom/24102/Safari
ISC StormCast for Friday, September 14th 2018
Malicious MHT Files https://isc.sans.edu/forums/diary/Malware+Delivered+Through+MHT+Files/24096/Improved Coldboot Attack https://blog.f-secure.com/cold-boot-attacks/SAP Patches https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993
ISC StormCast for Thursday, September 13th 2018
So What is Going on With IPv4 Fragments these Days?
ISC StormCast for Wednesday, September 12th 2018
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+September+Patch+Tuesday+Summary/24088/Adobe Patches https://helpx.adobe.com/security.htmlSafari/Edge URL Bar Spoofing https://www.rafaybaloch.com/2018/09/apple-safari-microsoft-edge-browser.htmlExploit
ISC StormCast for Tuesday, September 11th 2018
"findstr" used to extract malware from LNK files https://isc.sans.edu/forums/diary/What+is+dikona+or+glirote3/24084/Tor Browser
ISC StormCast for Sunday, September 9th 2018
Crypto Mining in a Windows Headless Browser https://isc.sans.edu/forums/diary/Crypto+Mining+in+a+Windows+Headless+Browser/24078/MacOS Adware Doctor
ISC StormCast for Friday, September 7th 2018
Malware Uses Powershell to Comple C# Code on the Fly
ISC StormCast for Thursday, September 6th 2018
MEGA Chrome Extension Replaced with Password Stealer https://serhack.me/articles/mega-chrome-extension-hackedPython Package Installer
ISC StormCast for Wednesday, September 5th 2018
Some More Interesting MicroTik Router Exploits https://blog.netlab.360.com/7500-mikrotik-routers-are-forwarding-owners-traffic-to-the-attackers-how-is-yours-en/Exposed .git Directories https://lynt.cz/blog/global-scan-exposed-gitSSL
ISC StormCast for Tuesday, September 4th 2018
Reversing and Modifying the Medium Mobile App https://hackernoon.com/dont-publish-yet-reverse-engineering-the-medium-app-and-making-all-stories-in-it-free-48c8f2695687Active Directory Leaks
Breach at US Retailer SHEIN Hits Over Six Million Users
Breach at US Retailer SHEIN Hits Over Six Million UsersUS fashion retailer SHEIN has admitted suffering a major breach affecting the personal information of over six million customers.
The women’s clothing company revealed at the end of last week that...
Bug? Feature? Power users baffled as BitLocker update switch-off continues
Microsoft claims issue confined to older kit Three months on, users continue to report that Microsoft's BitLocker disk encryption technology turns itself off during security updates.…
UK issues first-ever GDPR notice in connection to Facebook data scandal
Canadian firm AggregateIQ, linked to the Facebook & Cambridge Analytica data scandal, is the first to be put on notice.
Symantec Completes Internal Accounting Investigation
Symantec announced on Monday that it has completed its internal accounting audit, and while some issues have been uncovered, only one customer transaction has an impact on financial statements.
read more
Are Colleges Teaching Real-World Cyber Security Skills?
The cybersecurity skill shortage is a well-recognized industry challenge, but the problem isn’t that there are too few people rather that many of them lack suitable skills and experience. Cybersecurity is a fast-growing profession, and talented graduates are in...
