Thursday, October 1, 2020
SANS ISC

ISC StormCast for Thursday, October 1st 2020

Scans for FPURL.xml: Reconnaissance or Not? https://isc.sans.edu/forums/diary/Scans+for+FPURLxml+Reconnaissance+or+Not/26622/
HP Device Manager Backdoor https://support.hp.com/us-en/document/c06921908 https://www.theregister.com/2020/09/30/hp_device_manager_backdoor_database_account/
SANS ISC

ISC StormCast for Wednesday, September 30th 2020

Managing Remote Access for Contractors and Partners https://isc.sans.edu/forums/diary/Managing+Remote+Access+for+Partners+Contractors/26614/#comments
Updated Windows ZeroLogon
SANS ISC

ISC StormCast for Tuesday, September 29th 2020

Some Tyler Technologies Customers Targeted after Breach https://isc.sans.edu/forums/diary/Some+Tyler+Technologies+Customers+Targeted+with+The+Installation+of+a+Bomgar+Client/26610/
Obfuscated PowerShell Backdoor https://isc.sans.edu/forums/diary/PowerShell+Backdoor+Launched+from+a+ShellCode/26602/
SANS ISC

ISC StormCast for Monday, September 28th 2020

Securing Exchange Online https://isc.sans.edu/forums/diary/Securing+Exchange+Online+Guest+Diary/26600/
Decoding Corrupt BASE64 https://isc.sans.edu/forums/diary/Decoding+Corrupt+BASE64+Strings/26606/
Fortinet VPN Default Setting
SANS ISC

ISC StormCast for Friday, September 25th 2020

Party in Ibiza with PowerShell https://isc.sans.edu/forums/diary/Party+in+Ibiza+with+PowerShell/26594/
Microsoft Tracking Zerologon Exploits https://twitter.com/MsftSecIntel/status/1308941504707063808
Apple
SANS ISC

ISC StormCast for Thursday, September 24th 2020

Dynamic Malicious Word Document https://isc.sans.edu/forums/diary/Malicious+Word+Document+with+Dynamic+Content/26590/
Old Versions of SAMBA Affected by
SANS ISC

ISC StormCast for Wednesday, September 23rd 2020

Citrix ADC Updates https://support.citrix.com/article/CTX281474
Firefox Version 81 Released https://www.mozilla.org/en-US/firefox/81.0/releasenotes/
Simple Scan Drops
SANS ISC

ISC StormCast for Tuesday, September 22nd 2020

Slightly Broken Overlay Phishing https://isc.sans.edu/forums/diary/Slightly+broken+overlay+phishing/26586/
MacOS Code Injection via Third Party
SANS ISC

ISC StormCast for Monday, September 21st 2020

A Mix of Python and VBA in a Malicious Word
SANS ISC

ISC StormCast for Friday, September 18th 2020

OSSEC Active Response https://isc.sans.edu/forums/diary/Suspicious+Endpoint+Containment+with+OSSEC/26576/
Microsoft Patch for Office for Mac https://docs.microsoft.com/en-us/officeupdates/release-notes-office-for-mac
VMWare
SANS ISC

ISC StormCast for Thursday, September 17th 2020

Most Recent "Mirai" Bot Includes Code to Target Backups https://isc.sans.edu/forums/diary/Do+Vulnerabilities+Ever+Get+Old+Recent+Mirai+Variant+Scanning+for+20+Year+Old+Amanda+Version/26572/
Apple
SANS ISC

ISC StormCast for Wednesday, September 16th 2020

Traffic Analysis Quiz: Oh No... Another Infection https://isc.sans.edu/forums/diary/Traffic+Analysis+Quiz+Oh+No+Another+Infection/26566/
Magento 1 Stores
SANS ISC

ISC StormCast for Tuesday, September 15th 2020

Not Everything About ".well-known" is Well Known https://isc.sans.edu/forums/diary/Not+Everything+About+wellknown+is+Well+Known/26564/
BLE Lock Vulnerable
SANS ISC

ISC StormCast for Monday, September 14th 2020

Pillaging and Protecting the Clipboard https://isc.sans.edu/forums/diary/Whats+in+Your+Clipboard+Pillaging+and+Protecting+the+Clipboard/26556/
Critical Vulnerability in PANOS https://security.paloaltonetworks.com/CVE-2020-2040
Linux
SANS ISC

ISC StormCast for Friday, September 11th 2020

Recent Dridex Activity https://isc.sans.edu/forums/diary/Recent+Dridex+activity/26550/
Zoom Bombings and Zoom 2FA https://arxiv.org/abs/2009.03822 https://blog.zoom.us/secure-your-zoom-account-with-two-factor-authentication/
AMD Server
Tripwire

Russian Gets 7 Years in Prison for Linkedin, Dropbox & Formspring Hacks

A Russian man received a seven-year prison sentence for having hacked into computers belonging to LinkedIn, Dropbox and Formspring. On September 30, Honorable William H. Alsup, U.S. District Judge for the Northern District of California, sentenced Yevgeniy Alexandrovich Nikulin,...
Bruce Schneier

Detecting Deep Fakes with a Heartbeat

Researchers can detect deep fakes because they don’t convincingly mimic human blood circulation in the face: In particular, video of a person’s face contains subtle shifts in color that result from pulses in blood circulation. You might imagine that these...
SecurityWeek

Anthem to Pay Nearly $40M Settlement Over 2015 Cyberattack

Health insurer Anthem has agreed to another multimillion-dollar settlement over a cyberattack on its technology that exposed the personal information of nearly 79 million people.

#BeCyberSmart – why friends don’t let friends get scammed

Friends don't let friends get scammed. Because cybercrime hurts us all.

Russia’s Fancy Bear Hackers Likely Penetrated a US Federal Agency

New clues indicate that APT28 may be behind a mysterious intrusion that US officials disclosed last week.