Tuesday, March 19, 2019
SANS ISC

ISC StormCast for Wednesday, March 20th 2019

Cloudflare Releases Proxy Detection Tools https://blog.cloudflare.com/monsters-in-the-middleboxes/
Business Email Compromise Moving to
SANS ISC

ISC StormCast for Monday, March 18th 2019

Putty Updates https://www.chiark.greenend.org.uk/~sgtatham/putty/
Fujitsu Wireless Keyboard Vulnerabilities https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-033.txt
Signed Malware Goes Undetected
SANS ISC

ISC StormCast for Sunday, March 17th 2019

Binary Analysis With Jupyter and Radare2 https://isc.sans.edu/forums/diary/Binary+Analysis+with+Jupyter+and+Radare2/24748/
IMAP Brute Forcing against
SANS ISC

ISC StormCast for Friday, March 15th 2019

Analyzing ZIP Files in Ghidra https://isc.sans.edu/forums/diary/Tip+Ghidra+ZIP+Files/24732/
64 Bit Certificate Serial Number
SANS ISC

ISC StormCast for Wednesday, March 13th 2019

Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+March+2019+Patch+Tuesday/24742/
Adobe Updates https://helpx.adobe.com/security.html
PSMiner https://blog.360totalsecurity.com/en/new-mining-worm-psminer-uses-multiple-high-risk-vulnerabilities-to-spread/
Automatic Certificate Management Environment
SANS ISC

ISC StormCast for Tuesday, March 12th 2019

DevOps Tool StackStorm Vulnerability https://quitten.github.io/StackStorm/
Developers Will Not Code Secure By
SANS ISC

ISC StormCast for Monday, March 11th 2019

Reversing HTA Files https://isc.sans.edu/forums/diary/Quick+and+Dirty+Malicious+HTA+Analysis/24728/
Apache SOLR Patch https://issues.apache.org/jira/browse/SOLR-13301
Windows 7 + Google
SANS ISC

ISC StormCast for Friday, March 8th 2019

RSA Panel Video https://www.rsaconference.com/videos/the-five-most-dangerous-new-attack-techniques-and-how-to-counter-them
Disposable E-Mail Addresses https://isc.sans.edu/forums/diary/Keep+an+Eye+on+Disposable+Email+Addresses/24716/
NetApp Default Account Vulnerability
SANS ISC

ISC StormCast for Thursday, March 7th 2019

More Resume Malspam. Now With Trickbot and EternalBlue https://isc.sans.edu/forums/diary/Malspam+with+passwordprotected+word+docs+still+pushing+IcedID+Bokbot+with+Trickbot/24708/
Cloudflare Deploys
SANS ISC

ISC StormCast for Wednesday, March 6th 2019

Comcast Uses same "0000" PIN For All Number Porting Requests
SANS ISC

ISC StormCast for Tuesday, March 5th 2019

MacOS Unpatched Privilege Escalation Vulnerability Made Public https://bugs.chromium.org/p/project-zero/issues/detail?id=1726
Windows Exploit Suggester
SANS ISC

ISC StormCast for Monday, March 4th 2019

Cisco Router Patch https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex
Coldfusion Patch and Exploit https://www.carehart.org/blog/client/index.cfm/2019/3/1/urgent_CF_security_update_Part_1
Ransomware Impersonates Protonmail
SANS ISC

ISC StormCast for Friday, March 1st 2019

Emotet Backend Analysis https://maxkersten.nl/binary-analysis-course/malware-analysis/emotet-droppers/
Kaspersky Vs. Chromecast https://www.bleepingcomputer.com/news/security/kaspersky-av-having-certificate-conflicts-with-google-chromecast/
MageCart Updates https://www.riskiq.com/research/inside-magecart/
SANS ISC

ISC StormCast for Thursday, February 28th 2019

Coinhive Shutting Down https://coinhive.com/blog/en/discontinuation-of-coinhive
Azure Blob Storage Phishing https://www.edgewave.com/phishing/feeling-blue-about-phishing/
Old 2014 Elastic
SANS ISC

ISC StormCast for Wednesday, February 27th 2019

Thunderbolt "Thunderclap" Vulnerabilities https://thunderclap.io/thunderclap-paper-ndss2019.pdf
Altering Signed PDF Documents https://www.pdf-insecurity.org/
NVidia Patches https://nvidia.custhelp.com/app/answers/detail/a_id/4772
SC Magazine

Norwegian aluminum producer Norsk Hydro hit by an unspecified cyberattack

Norwegian aluminum producer Norsk Hydro was hit by a cyber attack which began Monday evening and escalated into the night. The Norwegian National Security Authority (NSM) declined to comment on what type of attack it was but said the extent...
SC Magazine

Glitch exposes Sprint customer data to other users

A bug has allowed some Sprint customers to see the personal data of other customers from their online accounts. The information visible includes names, cell phone numbers as well as calls made by other users, and a TechCrunch report cited...

6 Ways Mature DevOps Teams Are Killing It in Security

New survey shows where "elite" DevOps organizations are better able to incorporate security into application security.
The Register

Ransomware drops the Lillehammer on Norsk Hydro: Aluminium giant forced into manual mode after systems scrambled

Norway the power and metals wrangler could have seen this one coming
Norwegian power and metals giant Norsk Hydro is battling an extensive ransomware infection on its computers.…

Old Tech Spills Digital Dirt on Past Owners

Researcher buys old computers, flash drives, phones and hard drives and finds only two properly wiped devices out of 85 examined.