Tuesday, March 31, 2020
SANS ISC

ISC StormCast for Tuesday, March 31st 2020

Crashing Windows Explorer Without a Click: https://isc.sans.edu/forums/diary/Crashing+explorerexe+without+a+click/25966/
Zoom Privacy Policy: https://blogs.harvard.edu/doc/2020/03/27/zoom/
Zoom
SANS ISC

ISC StormCast for Monday, March 30th 2020

Covid19 Domain Classifier: https://isc.sans.edu/covidclassifier.html https://www.youtube.com/watch?v=yNIlyJ3gI-4
Attackers Mail Malicious USB Drives and Teddy
SANS ISC

ISC StormCast for Friday, March 27th 2020

Very Large Sample as an Obfuscation Technique: https://isc.sans.edu/forums/diary/Very+Large+Sample+as+Evasion+Technique/25948/
iOS VPN Bypass: https://protonvpn.com/blog/apple-ios-vulnerability-disclosure/
SANS ISC

ISC StormCast for Thursday, March 26th 2020

Dridex Update: https://isc.sans.edu/forums/diary/Recent+Dridex+activity/25944/
Covid-19 Ransom: https://twitter.com/johullrich/status/1242983197555789824
HP Enterprise SSD Firmware Bug: https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00097382en_us
Fake
SANS ISC

ISC StormCast for Wednesday, March 25th 2020

Updated Microsoft Advisory 200006: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv200006
Memcached Denial of Service Vulnerability: https://github.com/memcached/memcached/issues/629
SANS ISC

ISC StormCast for Tuesday, March 24th 2020

Windows Font Parsing 0-Day: https://isc.sans.edu/forums/diary/Windows+Zeroday+Actively+Exploited+Type+1+Font+Parsing+Remote+Code+Execution+Vulnerability/25936/
Covid-19 Malware Summary: https://github.com/parthdmaniar/coronavirus-covid-19-SARS-CoV-2-IoCs
Firefox Turns TLS
SANS ISC

ISC StormCast for Monday, March 23rd 2020

More Covid19 Malware: https://isc.sans.edu/forums/diary/More+COVID19+Themed+Malware/25930/
Working Exploit for the Kr00k Wifi Exploit: https://hexway.io/research/r00kie-kr00kie/
SANS ISC

ISC StormCast for Friday, March 20th 2020

COVID-19 Themed Multistage Malware: https://isc.sans.edu/forums/diary/COVID19+Themed+Multistage+Malware/25922/
Cisco SD-WAN Patches: https://tools.cisco.com/security/center/publicationListing.x
oPatch Selling Patches
SANS ISC

ISC StormCast for Thursday, March 19th 2020

TrendMicro Update: https://success.trendmicro.com/solution/000245571
More VMware Updates: https://www.vmware.com/security/advisories/VMSA-2020-0005.html
EnigmaSpark Malware: https://securityintelligence.com/posts/EnigmaSpark-Politically-Themed-Cyber-Activity-Highlights-Regional-Opposition-to-Middle-East-Peace-Plan/
Recent Ransomware Trends: https://www.fireeye.com/blog/threat-research/2020/03/they-come-in-the-night-ransomware-deployment-trends.html
SANS ISC

ISC StormCast for Wednesday, March 18th 2020

A Quick Summary of Current Reflective DNS DDoS Attacks: https://isc.sans.edu/forums/diary/A+Quick+Summary+of+Current+Reflective+DNS+DDoS+Attacks/25916/
Trickbot
SANS ISC

ISC StormCast for Tuesday, March 17th 2020

Desktop.ini as a post-exploitation tool: https://isc.sans.edu/forums/diary/Desktopini+as+a+postexploitation+tool/25912/
VMware Workstation/Fusion Update: https://www.vmware.com/security/advisories/VMSA-2020-0004.html
Blackwater Malware
SANS ISC

ISC StormCast for Monday, March 16th 2020

Phishing PDFs With Incremental Updates: https://isc.sans.edu/forums/diary/Phishing+PDF+With+Incremental+Updates/25904/
VPN Access and Active Monitoring: https://isc.sans.edu/forums/diary/VPN+Access+and+Activity+Monitoring/25906/
SANS ISC

ISC StormCast for Friday, March 13th 2020

Microsoft Releases Patch for Windows SMBv3 Compression Vulnerability CVE-2020-0796: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796
Hancitor
SANS ISC

ISC StormCast for Thursday, March 12th 2020

Mystery SMB3 Flaw Update: https://isc.sans.edu/forums/diary/Critical+SMBv3+Vulnerability+Remote+Code+Execution/25890/
COVID19 Malware: https://blog.reasonsecurity.com/2020/03/09/covid-19-info-stealer-the-map-of-threats-threat-analysis-report/
Agent Tesla Spread by
SANS ISC

ISC StormCast for Wednesday, March 11th 2020

Microsoft Patch Tuesday: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200005 https://isc.sans.edu/diary.html?storyid=25886

Palantir, The $20 Billion, Peter Thiel-Backed Big Data Giant, Is Providing A Coronavirus Monitoring Tool To The CDC

Palantir will help the Centers for Disease Control keep on top of ventilator and mask needs to treat coronavirus victims, sources say.

Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy

About 10 compromised websites employ a multi-stage, targeted effort to fingerprint and compromise victims.

OpenWRT is vulnerable to attacks that execute malicious code

For almost three years, OpenWRT—the open source operating system that powers home routers and other types of embedded systems—has been vulnerable to remote code-execution attacks because updates were delivered over an unencrypted channel and digital...
SC Magazine

Privacy in critical care after telehealth demands jump

As coughs and body aches drive anxious Americans to telemed services in record numbers, relieving the burden on medical facilities stressed to breaking with COVID-19 cases, the subsequent relaxation of privacy requirements puts them at risk of PHI compromises,...

Zoom’s privacy problems are growing as platform explodes in popularity

We have several more weeks, if not several more months, to go in...