ISC StormCast for Thursday, October 1st 2020
Scans for FPURL.xml: Reconnaissance or Not?https://isc.sans.edu/forums/diary/Scans+for+FPURLxml+Reconnaissance+or+Not/26622/ HP Device Manager Backdoorhttps://support.hp.com/us-en/document/c06921908https://www.theregister.com/2020/09/30/hp_device_manager_backdoor_database_account/
ISC StormCast for Wednesday, September 30th 2020
Managing Remote Access for Contractors and Partnershttps://isc.sans.edu/forums/diary/Managing+Remote+Access+for+Partners+Contractors/26614/#comments Updated Windows ZeroLogon
ISC StormCast for Tuesday, September 29th 2020
Some Tyler Technologies Customers Targeted after Breachhttps://isc.sans.edu/forums/diary/Some+Tyler+Technologies+Customers+Targeted+with+The+Installation+of+a+Bomgar+Client/26610/ Obfuscated PowerShell Backdoorhttps://isc.sans.edu/forums/diary/PowerShell+Backdoor+Launched+from+a+ShellCode/26602/
ISC StormCast for Monday, September 28th 2020
Securing Exchange Onlinehttps://isc.sans.edu/forums/diary/Securing+Exchange+Online+Guest+Diary/26600/ Decoding Corrupt BASE64https://isc.sans.edu/forums/diary/Decoding+Corrupt+BASE64+Strings/26606/ Fortinet VPN Default Setting
ISC StormCast for Friday, September 25th 2020
Party in Ibiza with PowerShellhttps://isc.sans.edu/forums/diary/Party+in+Ibiza+with+PowerShell/26594/ Microsoft Tracking Zerologon Exploitshttps://twitter.com/MsftSecIntel/status/1308941504707063808 Apple
ISC StormCast for Thursday, September 24th 2020
Dynamic Malicious Word Documenthttps://isc.sans.edu/forums/diary/Malicious+Word+Document+with+Dynamic+Content/26590/ Old Versions of SAMBA Affected by
ISC StormCast for Wednesday, September 23rd 2020
Citrix ADC Udpateshttps://support.citrix.com/article/CTX281474 Firefox Version 81 Releasedhttps://www.mozilla.org/en-US/firefox/81.0/releasenotes/ Simple Scan Drops
ISC StormCast for Tuesday, September 22nd 2020
Slightly Broken Overlay Phishinghttps://isc.sans.edu/forums/diary/Slightly+broken+overlay+phishing/26586/ MacOS Code Injection via Third Party
ISC StormCast for Monday, September 21st 2020
A Mix of Python and VBA in a Malicious Word
ISC StormCast for Friday, September 18th 2020
OSSEC Active Responsehttps://isc.sans.edu/forums/diary/Suspicious+Endpoint+Containment+with+OSSEC/26576/ Microsoft Patch for Office for Machttps://docs.microsoft.com/en-us/officeupdates/release-notes-office-for-mac VMWare
ISC StormCast for Thursday, September 17th 2020
Most Recent "Mirai" Bot Includes Code to Target Backupshttps://isc.sans.edu/forums/diary/Do+Vulnerabilities+Ever+Get+Old+Recent+Mirai+Variant+Scanning+for+20+Year+Old+Amanda+Version/26572/ Apple
ISC StormCast for Wednesday, September 16th 2020
Traffic Analysis Quiz: Oh No... Another Infectionhttps://isc.sans.edu/forums/diary/Traffic+Analysis+Quiz+Oh+No+Another+Infection/26566/ Magento 1 Stores
ISC StormCast for Tuesday, September 15th 2020
Not Everything About ".well-known" is Well Knownhttps://isc.sans.edu/forums/diary/Not+Everything+About+wellknown+is+Well+Known/26564/ BLE Lock Vulnerable
ISC StormCast for Monday, September 14th 2020
Pillaging and Protecting the Clipboardhttps://isc.sans.edu/forums/diary/Whats+in+Your+Clipboard+Pillaging+and+Protecting+the+Clipboard/26556/ Critical Vulnerability in PANOShttps://security.paloaltonetworks.com/CVE-2020-2040 Linux
ISC StormCast for Friday, September 11th 2020
Recent Dridex Activityhttps://isc.sans.edu/forums/diary/Recent+Dridex+activity/26550/ Zoom Bombings and Zoom 2FAhttps://arxiv.org/abs/2009.03822https://blog.zoom.us/secure-your-zoom-account-with-two-factor-authentication/ AMD Server
Russian Gets 7 Years in Prison for Linkedin, Dropbox & Formspring Hacks
A Russian man received a seven-year prison sentence for having hacked into computers belonging to LinkedIn, Dropbox and Formspring. On September 30, Honorable William H. Alsup, U.S. District Judge for the Northern District of California, sentenced Yevgeniy Alexandrovich Nikulin,...
Detecting Deep Fakes with a Heartbeat
Researchers can detect deep fakes because they don’t convincingly mimic human blood circulation in the face:
In particular, video of a person’s face contains subtle shifts in color that result from pulses in blood circulation. You might imagine that these...
Anthem to Pay Nearly $40M Settlement Over 2015 Cyberattack
Health insurer Anthem has agreed to another multimillion-dollar settlement over a cyberattack on its technology that exposed the personal information of nearly 79 million people.
read more
#BeCyberSmart – why friends don’t let friends get scammed
Friends don't let friends get scammed. Because cybercrime hurts us all.
Russia’s Fancy Bear Hackers Likely Penetrated a US Federal Agency
New clues indicate that APT28 may be behind a mysterious intrusion that US officials disclosed last week.
