Monday, January 30, 2023
SANS ISC

ISC StormCast for Monday, January 30th, 2023

Microsoft Tips to Patch Your Exchange Servers https://techcommunity.microsoft.com/t5/exchange-team-blog/protect-your-exchange-servers/ba-p/3726001 FCC Threatens
SANS ISC

ISC StormCast for Friday, January 27th, 2023

Live Linux IR with UAC https://isc.sans.edu/diary/Live%20Linux%20IR%20with%20UAC/29480 Bitwarden Phishing https://community.bitwarden.com/t/phishing-website-bitwardenlogin-com/49704 https://www.reddit.com/r/Bitwarden/comments/10k2aj5/google_search_ads_showing_fake_bitwarden_web/
SANS ISC

ISC StormCast for Thursday, January 26th, 2023

First Malicious OneNote Document https://isc.sans.edu/diary/A%20First%20Malicious%20OneNote%20Document/29470 Guidance for Securing Remote Monitoring
SANS ISC

ISC StormCast for Wednesday, January 25th, 2023

Apple Patch Summary https://isc.sans.edu/forums/diary/Apple%20Updates%20%28almost%29%20Everything%3A%20Patch%20Overview/29472/ ManageEngine News; https://github.com/vonahisec/CVE-2022-47966-Scan KSMBD Vulnerability https://sysdig.com/blog/cve-2023-0210-linux-kernel-unauthenticated-remote-heap-overflow/
SANS ISC

ISC StormCast for Tuesday, January 24th, 2023

Who's Resolving This Domain https://isc.sans.edu/forums/diary/Who's%20Resolving%20This%20Domain%3F/29462/ Apple Updates Everything https://support.apple.com/en-us/HT201222 NSA
SANS ISC

ISC StormCast for Monday, January 23rd, 2023

Importance of Signing in Windows Environments https://isc.sans.edu/diary/Importance%20of%20signing%20in%20Windows%20environments/29456 FanDuel Discloses Data
SANS ISC

ISC StormCast for Friday, January 20th, 2023

SPF and DMARC use on 100k most popular domains https://isc.sans.edu/diary/SPF%20and%20DMARC%20use%20on%20100k%20most%20popular%20domains/29452
SANS ISC

ISC StormCast for Thursday, January 19th, 2023

Malicious Google Ads for Fake Notepad++ Lead to Aurora Stealer
SANS ISC

ISC StormCast for Wednesday, January 18th, 2023

Finding that one GPO setting in a pool of hundreds
SANS ISC

ISC StormCast for Tuesday, January 17th, 2023

PSA: Why you must run an ad blocker when using
SANS ISC

ISC StormCast for Monday, January 16th, 2023

Elon Musk Themed Crypto Scams Flooding YouTube Today https://isc.sans.edu/diary/Elon%20Musk%20Themed%20Crypto%20Scams%20Flooding%20YouTube%20Today/29434 Microsoft
SANS ISC

ISC StormCast for Friday, January 13th, 2023

Prowler v3: AWS & Azure security assessments https://isc.sans.edu/diary/Prowler%20v3%3A%20AWS%20%26%20Azure%20security%20assessments/29430 Certified Pre-Pw0ned
SANS ISC

ISC StormCast for Thursday, January 12th, 2023

Passive Detection of Internet-Connected Systems Affected by Exploited Vulnerabilities https://isc.sans.edu/diary/Passive%20detection%20of%20internet-connected%20systems%20affected%20by%20vulnerabilities%20from%20the%20CISA%20KEV%20catalog/29426
SANS ISC

ISC StormCast for Wednesday, January 11th, 2023

Microsoft January 2023 Patch Tuesday https://isc.sans.edu/diary/Microsoft%20January%202023%20Patch%20Tuesday/29420 Cacti Unauthenticated Remote Code
SANS ISC

ISC StormCast for Tuesday, January 10th, 2023

New Year Old Tricks: Hunting for CircleCI Configuration Files https://isc.sans.edu/diary/New%20year%2C%20old%20tricks%3A%20Hunting%20for%20CircleCI%20configuration%20files/29416

GitHub says hackers cloned code-signing certificates in breached repository

GitHub said unknown intruders gained unauthorized access to some of its code repositories and stole code-signing certificates for two of its desktop applications: Desktop and Atom. Code-signing certificates place...
Security Affairs

QNAP addresses a critical flaw impacting its NAS devices

Taiwanese vendor QNAP is warning customers to install QTS and QuTS firmware updates to address a critical flaw impacting its NAS devices. QNAP released QTS and QuTS firmware updates to address a critical vulnerability, tracked as CVE-2022-27596 (CVSS v3 score: 9.8), that...
The Register

Chromebook SH1MMER exploit promises admin jailbreak

Schools' laptops are out if this one gets around, but beware bricking. Users of enterprise-managed Chromebooks now, for better or worse, have a way to break the shackles of administrative control through an exploit called SH1MMER.…

MusicLM: Google AI generates music in various genres at 24 kHz

On Thursday, researchers from Google announced a new generative AI model called MusicLM that can create...

Russia's Sandworm APT Launches Swarm of Wiper Attacks in Ukraine

The incidents are the latest indication of the growing popularity of dangerous disk wipers, created to disrupt and degrade critical infrastructure and other organizations.