ISC StormCast for Tuesday, March 31st 2020
Crashing Windows Explorer Without a Clickhttps://isc.sans.edu/forums/diary/Crashing+explorerexe+without+a+click/25966/ Zoom Privacy Policyhttps://blogs.harvard.edu/doc/2020/03/27/zoom/ Zoom
ISC StormCast for Monday, March 30th 2020
Covid19 Domain Classifierhttps://isc.sans.edu/covidclassifier.htmlhttps://www.youtube.com/watch?v=yNIlyJ3gI-4 Attackers Mail Malicious USB Drives and Teddy
ISC StormCast for Friday, March 27th 2020
Very Large Sample as an Obfuscation Techniquehttps://isc.sans.edu/forums/diary/Very+Large+Sample+as+Evasion+Technique/25948/ iOS VPN Bypasshttps://protonvpn.com/blog/apple-ios-vulnerability-disclosure/
ISC StormCast for Thursday, March 26th 2020
Dridex Updatehttps://isc.sans.edu/forums/diary/Recent+Dridex+activity/25944/ Covid-19 Ransomhttps://twitter.com/johullrich/status/1242983197555789824 HP Enterprise SSD Firmware Bughttps://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00097382en_us Fake
ISC StormCast for Wednesday, March 25th 2020
Updated Microsoft Advisory 200006 https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv200006 Memcached Denial of Service Vulnerabilityhttps://github.com/memcached/memcached/issues/629
ISC StormCast for Tuesday, March 24th 2020
Windows Font Parsing 0-Dayhttps://isc.sans.edu/forums/diary/Windows+Zeroday+Actively+Exploited+Type+1+Font+Parsing+Remote+Code+Execution+Vulnerability/25936/ Covid-19 Malware Summaryhttps://github.com/parthdmaniar/coronavirus-covid-19-SARS-CoV-2-IoCs Firefox Turns TLS
ISC StormCast for Monday, March 23rd 2020
More Covid19 Malwarehttps://isc.sans.edu/forums/diary/More+COVID19+Themed+Malware/25930/ Working Exploit for the Kr00k Wifi Exploithttps://hexway.io/research/r00kie-kr00kie/
ISC StormCast for Friday, March 20th 2020
COVID-19 Themed Multistage Malwarehttps://isc.sans.edu/forums/diary/COVID19+Themed+Multistage+Malware/25922/ Cisco SD-WAN Patcheshttps://tools.cisco.com/security/center/publicationListing.x oPatch Selling Patches
ISC StormCast for Thursday, March 19th 2020
TrendMicro Updatehttps://success.trendmicro.com/solution/000245571 More VMWare Updateshttps://www.vmware.com/security/advisories/VMSA-2020-0005.html EnigmaSpark Malwarehttps://securityintelligence.com/posts/EnigmaSpark-Politically-Themed-Cyber-Activity-Highlights-Regional-Opposition-to-Middle-East-Peace-Plan/ Recent Ransomware Trendshttps://www.fireeye.com/blog/threat-research/2020/03/they-come-in-the-night-ransomware-deployment-trends.html
ISC StormCast for Wednesday, March 18th 2020
A Quick Summary of Current Reflective DNS DDoS Attackshttps://isc.sans.edu/forums/diary/A+Quick+Summary+of+Current+Reflective+DNS+DDoS+Attacks/25916/ Trickbot
ISC StormCast for Tuesday, March 17th 2020
Desktop.ini as a post-exploitation toolhttps://isc.sans.edu/forums/diary/Desktopini+as+a+postexploitation+tool/25912/ VMWAre Workstatation/Fusion Updatehttps://www.vmware.com/security/advisories/VMSA-2020-0004.html Blackwater Malware
ISC StormCast for Monday, March 16th 2020
Phishing PDFs With Incremental Updateshttps://isc.sans.edu/forums/diary/Phishing+PDF+With+Incremental+Updates/25904/ VPN Access and Active Monitoringhttps://isc.sans.edu/forums/diary/VPN+Access+and+Activity+Monitoring/25906/
ISC StormCast for Friday, March 13th 2020
Microsoft Releases Patch for Windows SMBv3 Compression Vulnerability CVE-2020-0796https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796 Hancitor
ISC StormCast for Thursday, March 12th 2020
Mystery SMB3 Flaw Updatehttps://isc.sans.edu/forums/diary/Critical+SMBv3+Vulnerability+Remote+Code+Execution/25890/ COVID19 Malwarehttps://blog.reasonsecurity.com/2020/03/09/covid-19-info-stealer-the-map-of-threats-threat-analysis-report/ Agent Tesla Spread by
ISC StormCast for Wednesday, March 11th 2020
Microsoft Patch Tuesdayhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200005https://isc.sans.edu/diary.html?storyid=25886
Palantir, The $20 Billion, Peter Thiel-Backed Big Data Giant, Is Providing A Coronavirus Monitoring Tool To The CDC
Palantir will help the Centers for Disease Control keep on top of ventilator and mask needs to treat coronavirus victims, sources say.
Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy
About 10 compromised websites employ a multi-stage, targeted effort to fingerprint and compromise victims.
OpenWRT is vulnerable to attacks that execute malicious code
Enlarge (credit: OpenWRT)
For almost three years, OpenWRT—the open source operating system that powers home routers and other types of embedded systems—has been vulnerable to remote code-execution attacks because updates were delivered over an unencrypted channel and digital...
Privacy in critical care after telehealth demands jump
As coughs and body aches drive anxious Americans to telemed services in record numbers, relieving the burden on medical facilities stressed to breaking with COVID-19 cases, the subsequent relaxation of privacy requirements puts them at risk of PHI compromises,...
Zoom’s privacy problems are growing as platform explodes in popularity
Enlarge / Zoom's San Jose, Calif., headquarters looks like a lovely place to be socially distanced from. (credit: Smith Collection | Gado | Getty Images)
We have several more weeks, if not several more months, to go in...
