ISC StormCast for Thursday, June 23rd, 2022
Malicious PowerShell Targeting Cryptocurrency Browser Extensions https://isc.sans.edu/forums/diary/Malicious+PowerShell+Targeting+Cryptocurrency+Browser+Extensions/28772/ Keeping PowerShell: Security
ISC StormCast for Wednesday, June 22nd, 2022
Experimental New Domain / Domain Age API https://isc.sans.edu/forums/diary/Experimental+New+Domain+Domain+Age+API/28770/ Forescout Vedere
ISC StormCast for Tuesday, June 21st, 2022
Odd TCP Fast Open Packets https://isc.sans.edu/forums/diary/Odd+TCP+Fast+Open+Packets+Anybody+understands+why/28766/ DFSCoerce NTLM Relay Attack
ISC StormCast for Monday, June 20th, 2022
Critical Vulnerability in Splunk Enterprise Deployment Server Functionality https://isc.sans.edu/forums/diary/Critical+vulnerability+in+Splunk+Enterprises+deployment+server+functionality/28760/ Malspam
ISC StormCast for Friday, June 17th, 2022
Houdini is Back Delivered Through a JavaScript Dropper https://isc.sans.edu/forums/diary/Houdini+is+Back+Delivered+Through+a+JavaScript+Dropper/28746/ Drifting
ISC StormCast for Thursday, June 16th, 2022
Terraforming Honeypots: Using IaaC & Cloud to Attract Attacks https://isc.sans.edu/forums/diary/Terraforming+Honeypots+Installing+DShield+Sensors+in+the+Cloud/28748/
ISC StormCast for Wednesday, June 15th, 2022
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+June+2022+Patch+Tuesday/28742/ Adobe Patches https://helpx.adobe.com/security/security-bulletin.html SynLapse Vulnerability https://orca.security/resources/blog/synlapse-critical-azure-synapse-analytics-service-vulnerability/
ISC StormCast for Tuesday, June 14th, 2022
Translating Saitama's DNS Tunneling https://isc.sans.edu/forums/diary/Translating+Saitamas+DNS+tunneling+messages/28738/ Travis CI Logs Expose Users
ISC StormCast for Monday, June 13th, 2022
EPSScall: An Exploit Prediction Scoring System App https://isc.sans.edu/forums/diary/EPSScall+An+Exploit+Prediction+Scoring+System+App/28732/ PACMan Attack
ISC StormCast for Friday, June 10th, 2022
TA570 QBot attempts to exploit CVE-2022-30190 (Follina) https://isc.sans.edu/forums/diary/TA570+Qakbot+Qbot+tries+CVE202230190+Follina+exploit+msmsdt/28728/ Analysis of
ISC StormCast for Thursday, June 9th, 2022
SANS RSA Panel (sorry, video no longer available) Atlassian Confluence
ISC StormCast for Wednesday, June 8th, 2022
The Trouble With Microsoft's Troubleshooters https://irsl.medium.com/the-trouble-with-microsofts-troubleshooters-6e32fc80b8bd QBot Uses Follina https://twitter.com/threatinsight/status/1534227444915482625
ISC StormCast for Tuesday, June 7th, 2022
MS-MSDT RTF Maldocs Analysis oledump Plugins https://isc.sans.edu/forums/diary/msmsdt+RTF+Maldoc+Analysis+oledump+Plugins/28718/ Cybercriminals Exploit Reverse
ISC StormCast for Monday, June 6th, 2022
Sandbox Evasion... With Just a Filename! https://isc.sans.edu/forums/diary/Sandbox+Evasion+With+Just+a+Filename/28708/ Atlassian Exploit Released
ISC StormCast for Friday, June 3rd, 2022
Quick Answers in Incident Response RECmd.exe https://isc.sans.edu/forums/diary/Quick+Answers+in+Incident+Response+RECmdexe/28706/ Zero-Day Exploitation of
Multiple malicious packages in PyPI repository found stealing AWS secrets
Researchers discovered multiple malicious Python packages in the official PyPI repository stealing AWS credentials and other info.
Sonatype researchers discovered multiple Python packages in the official PyPI repository that have been developed to steal secrets (i.e. AWS credentials and environment...
The Post-Roe Privacy Nightmare Has Arrived
Plus: Microsoft details Russia’s Ukraine hacking campaign, Meta’s election integrity efforts dwindle, and more.
How to Move Your WhatsApp Chats Across Devices and Apps
It's never been easier to switch between iPhone and Android—and to get your messages out of the Meta ecosystem entirely.
We’re now truly in the era of ransomware as pure extortion without the encryption
Why screw around with cryptography and keys when just stealing the info is good enough Feature US and European cops, prosecutors, and NGOs recently convened a two-day workshop in the Hague to discuss how to respond to the growing...
Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
In cybersecurity, many of the best jobs involve working on government projects. To get a security clearance, you need to prove that you meet NIST standards. Cybersecurity firms are particularly interested in people who understand the RMF, or Risk Management...
