SANS

802.1x Tips https://isc.sans.edu/forums/diary/The+Other+Side+of+Critical+Control+1+8021x+Wired+Network+Access+Controls/25146/Kazachstan TLS Interception https://groups.google.com/forum/#!msg/mozilla.dev.security.policy/wnuKAhACo3E/cpsvHgcuDwAJBEC Trends https://www.fincen.gov/sites/default/files/shared/FinCEN_Financial_Trend_Analysis_FINAL_508.pdfCyclance Weakness https://skylightcyber.com/2019/07/18/cylance-i-kill-you/

Analysis of DNS TXT Records https://isc.sans.edu/forums/diary/Analyzis+of+DNS+TXT+Records/25142/Evil Gnome Linux Malware https://www.intezer.com/blog-evilgnome-rare-malware-spying-on-linux-desktop-users/New

Zoom/Apple Patches Additional Software https://www.theverge.com/2019/7/16/20696529/apple-mac-silent-update-zoom-ringcentral-zhumu-vulnerabilty-patchedLenovo/IOMega NAS API Vulnerability https://www.theregister.co.uk/2019/07/16/iomega_nas_boxes/Amadeus Vulnerability

isodump.py and malicious ISO files https://isc.sans.edu/forums/diary/isodumppy+and+Malicious+ISO+Files/25134/Atlassian Crowd Vulnerability Details https://www.corben.io/atlassian-crowd-rce/Scrapy

Magecart Targets S3 Buckets https://www.riskiq.com/blog/labs/magecart-amazon-s3-buckets/Atlassian Jira Vulnerability https://confluence.atlassian.com/jira/jira-security-advisory-2019-07-10-973486595.htmlMicrosoft to Detect

Analysis of a Recent AZORult Sample https://isc.sans.edu/forums/diary/Recent+AZORult+activity/25120/Apple Delete Zoom Web

Samba Project Disabling SMBv1 By Default https://isc.sans.edu/forums/diary/Samba+Project+tells+us+Whats+New+SMBv1+Disabled+by+Default+finally/25116/GnuPG Will No Longer

MSFT Patch Tuesday https://isc.sans.edu/forums/diary/MSFT+July+2019+Patch+Tuesday/25110/Adobe Updates https://helpx.adobe.com/security.htmlZoom Vulnerability https://medium.com/bugbountywriteup/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5

Canonical Github Hack https://news.ycombinator.com/item?id=20373009New Wave of Magecart Attacks https://gist.github.com/gwillem/5d936f5a84837d5c1dcb488ce256294aFacebook's Libra

Does "Godlua" Use DNS over HTTPS or Not? https://www.golem.de/news/verschluesseltes-dns-falschmeldung-in-propagandaschlacht-um-dns-ueber-https-1907-142358.html https://blog.netlab.360.com/an-analysis-of-godlua-backdoor-en/Exploit

Zipato SmartHub Vulnerabilities https://blackmarble.sh/zipato-smart-hub/Blocking DNS over HTTPS https://github.com/bambenek/block-dohCloudflare Outage https://www.cloudflarestatus.com/incidents/tx4pgxs6zxdrAndroid

Maldoc Payloads in User Forms https://isc.sans.edu/forums/diary/Maldoc+Payloads+in+User+Forms/25084/Zyxel Vulnerabilities https://www.zyxel.com/support/vulnerabilities-related-to-the-Free-Time-feature.shtmlAMD SEV DH

Collecting Hashes of Running Processes and verifying them with Virustotal

New Brickerbot (Silex) Sightings https://twitter.com/_larry0/status/1143532888538984448Supply Chain Attacks Against Telco Providers

Rig Exploit Kit Installs Pitou.B. Trojan https://isc.sans.edu/forums/diary/Rig+Exploit+Kit+sends+PitouB+Trojan/25068/AWS VPC Traffic Mirroring