Sans Internet Storm Center Daily Network/cyber Security And Information Security Podcast

Sans Internet Storm Center Daily Network/cyber Security And Information Security Podcast

Informações:

Seguir
Ouvir
Escolher este livro
Ouvir Grátis

Sinopse

Daily update on current cyber security threats

Mostrar mais

Episódios

  • ISC StormCast for Friday, March 29th, 2024

    ISC StormCast for Friday, March 29th, 2024
    29/03/2024 Duração: 05min

    From JavaScript to AsyncRAT https://isc.sans.edu/diary/From%20JavaScript%20to%20AsyncRAT/30788 TeamCity Patches https://www.jetbrains.com/privacy-security/issues-fixed/?product=TeamCity&version=2024.03 Okta Verify for Windows Auto-update Arbitrary Code Execution CVE-2024-0980 https://trust.okta.com/security-advisories/okta-verify-windows-auto-update-arbitrary-code-execution-cve-2024-0980/ Google Zero Day Report https://storage.googleapis.com/gweb-uniblog-publish-prod/documents/Year_in_Review_of_ZeroDays.pdf

    Ouvir
  • ISC StormCast for Thursday, March 28th, 2024

    ISC StormCast for Thursday, March 28th, 2024
    28/03/2024 Duração: 05min

    Scans for Apache OfBiz https://isc.sans.edu/diary/Scans%20for%20Apache%20OfBiz/30784 Wall-Escape (CVE-2024-28085) https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt Recent "MFA Bombing" Attacks Targeting Apple Users https://krebsonsecurity.com/2024/03/recent-mfa-bombing-attacks-targeting-apple-users/

    Ouvir
  • ISC StormCast for Wednesday, March 27th, 2024

    ISC StormCast for Wednesday, March 27th, 2024
    27/03/2024 Duração: 05min

    New tool: linux-pkgs.sh https://isc.sans.edu/forums/diary/New%20tool%3A%20linux-pkgs.sh/30774/ Suspicious NuGet package grabs data from industrial systems https://www.reversinglabs.com/blog/suspicious-nuget-package-grabs-data-from-industrial-systems Preventing Cross Service UDP Loops in QUIC https://bughunters.google.com/blog/5960150648750080/preventing-cross-service-udp-loops-in-quic ShadowRay Attacks AI Workloads Actively Exploited in the Wild https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild TheMoon Malware Infects 6,000 ASUS Routers in 72 Hours for Proxy Service https://www.bleepingcomputer.com/news/security/themoon-malware-infects-6-000-asus-routers-in-72-hours-for-proxy-service/

    Ouvir
  • ISC StormCast for Tuesday, March 26th, 2024

    ISC StormCast for Tuesday, March 26th, 2024
    26/03/2024 Duração: 06min

    Tool updates: le-hex-to-ip.py and sigs.py https://isc.sans.edu/diary/Tool%20updates%3A%20le-hex-to-ip.py%20and%20sigs.py/30772 Apple Updates for MacOS, iOS/iPadOS, visionOS; https://isc.sans.edu/diary/Apple%20Updates%20for%20MacOS%2C%20iOS%20iPadOS%20and%20visionOS/30778 Fake Python Infrastructure https://checkmarx.com/blog/over-170k-users-affected-by-attack-using-fake-python-infrastructure/ OpenVPN Update https://openvpn.net/community-downloads/

    Ouvir
  • ISC StormCast for Monday, March 25th, 2024

    ISC StormCast for Monday, March 25th, 2024
    25/03/2024 Duração: 05min

    1768.py's Experimental Mode https://isc.sans.edu/diary/1768.py%27s%20Experimental%20Mode/30770 CISCP Advisory on Application-Layer Loop DoS https://docs.google.com/document/d/1KByZzrdwQhrXGPPCf9tUzERZyRzg0xOpGbWoDURZxTI/edit Fixes for Windows Server LSASS Memory Leak https://www.catalog.update.microsoft.com/Search.aspx?q=2024-03%20Cumulative%20Update

    Ouvir
  • ISC StormCast for Friday, March 22nd, 2024

    ISC StormCast for Friday, March 22nd, 2024
    22/03/2024 Duração: 06min

    Geofeed https://isc.sans.edu/forums/diary/Whois%20%22geofeed%22%20Data/30766/ Apple Updates https://support.apple.com/en-us/HT201222 Apple Bug https://gofetch.fail/ GitHub Copilot AutoFix https://github.blog/2024-03-20-found-means-fixed-introducing-code-scanning-autofix-powered-by-github-copilot-and-codeql/ Fortinet PoC https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/ Ivanti Standalone Sentry https://forums.ivanti.com/s/article/KB-CVE-2023-41724-Remote-Code-Execution-for-Ivanti-Standalone-Sentry?language=en_US

    Ouvir
  • ISC StormCast for Thursday, March 21st, 2024

    ISC StormCast for Thursday, March 21st, 2024
    21/03/2024 Duração: 05min

    Scans for the Fortinet FortiOS CVE-2024-21762 Vulnerability https://isc.sans.edu/diary/Scans%20for%20Fortinet%20FortiOS%20and%20the%20CVE-2024-21762%20vulnerability/30762 Microsoft Reminder: It is Tax Season (at least in the US) https://www.theregister.com/2024/03/20/its_tax_season_and_scammers/ Abusing DHCP Administrators Group for Privilege Escalation in Windows Domains; https://www.akamai.com/blog/security-research/abusing-dhcp-administrators-group-for-privilege-escalation-in-windows-domains

    Ouvir
  • ISC StormCast for Wednesday, March 20th, 2024

    ISC StormCast for Wednesday, March 20th, 2024
    20/03/2024 Duração: 05min

    Attacker Hunting Firewalls https://isc.sans.edu/diary/Attacker%20Hunting%20Firewalls/30758 Fortigate Vulnerability Exploit Available https://github.com/h4x0r-dz/CVE-2024-21762 IC3 Annual Report 2023 https://www.ic3.gov/Media/PDF/AnnualReport/2023_IC3Report.pdf Issues with macOS 14.4 Update https://www.macrumors.com/2024/03/18/do-not-update-macos-sonoma-14-4/

    Ouvir
  • ISC StormCast for Tuesday, March 19th, 2024

    ISC StormCast for Tuesday, March 19th, 2024
    19/03/2024 Duração: 05min

    Microsoft announced deprecation of 1024 bit RSA Keys https://learn.microsoft.com/en-us/windows/whats-new/deprecated-features#deprecated-features Chrome Real-Time Safe Browsing Protection https://blog.google/products/chrome/google-chrome-safe-browsing-real-time/ Fortra FileCatalyst Vulnerability CVE-2024-25153 https://www.fortra.com/security/advisory/fi-2024-002 Spring Security CVE-2024-22257 https://spring.io/security/cve-2024-22257/ TrendNet TWEW-827DRU Router Vulnerability CVE-2024-28353 CVE-2024-28354 https://warp-desk-89d.notion.site/TEW-827DRU-5c40fb20572148f0b00f329d69273791

    Ouvir
  • ISC StormCast for Monday, March 18th, 2024

    ISC StormCast for Monday, March 18th, 2024
    18/03/2024 Duração: 06min

    5GHoul Revisted: Thress Months Later https://isc.sans.edu/diary/5Ghoul%20Revisited%3A%20Three%20Months%20Later/30746 Obfuscated Hexadecimal Payload https://isc.sans.edu/diary/Obfuscated%20Hexadecimal%20Payload/30750 ChatGPT Related OAUTH Issues https://salt.security/blog/security-flaws-within-chatgpt-extensions-allowed-access-to-accounts-on-third-party-websites-and-sensitive-data?utm_source=social&utm_medium=reddit RedCanary Threat Detection Report https://redcanary.com/threat-detection-report/ CRL/OCSP Changes https://github.com/cabforum/servercert/blob/main/docs/BR.md

    Ouvir
  • ISC StormCast for Friday, March 15th, 2024

    ISC StormCast for Friday, March 15th, 2024
    15/03/2024 Duração: 20min

    Increase in the number of phishing messages pointing to IPFS and to R2 buckets https://isc.sans.edu/diary/Increase%20in%20the%20number%20of%20phishing%20messages%20pointing%20to%20IPFS%20and%20to%20R2%20buckets/30744 Fortinet New Vulnerabilities https://www.horizon3.ai/attack-research/attack-blogs/fortiwlm-the-almost-story-for-the-forti-forty/ Fortinet Updates https://www.helpnetsecurity.com/2024/03/14/cve-2023-48788-poc/ Arcserve UDP Vulnerability and PoC https://www.tenable.com/security/research/tra-2024-07 Michael Holcomb: Mode Matters: Monitoring PLCs for Detecting Potential ICS/OT Incidents https://www.sans.edu/cyber-research/mode-matters-monitoring-plcs-for-detecting-potential-ics-ot-incidents/

    Ouvir
  • ISC StormCast for Thursday, March 14th, 2024

    ISC StormCast for Thursday, March 14th, 2024
    14/03/2024 Duração: 05min

    Using ChatGPT to Deofuscate Malicious Scripts https://isc.sans.edu/diary/Using%20ChatGPT%20to%20Deobfuscate%20Malicious%20Scripts/30740 Critical Fortinet Vulnerabilities https://fortiguard.fortinet.com/psirt Adobe Security Bulletins https://helpx.adobe.com/security/security-bulletin.html Kubernetes Local Volumes Command Injection Vulnerability https://www.akamai.com/blog/security-research/kubernetes-local-volumes-command-injection-vulnerability-rce-system-privileges

    Ouvir
  • ISC StormCast for Wednesday, March 13th, 2024

    ISC StormCast for Wednesday, March 13th, 2024
    13/03/2024 Duração: 05min

    Microsoft Patch Tuesday March 2024 https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20-%20March%202024/30736 Death Knell of NVD https://resilientcyber.substack.com/p/death-knell-of-the-nvd Unrestricted file upload vulnerability in ManageEngine Desktop Central https://www.incibe.es/en/incibe-cert/notices/aviso/unrestricted-file-upload-vulnerability-manageengine-desktop-central Siemens Fire Protection System Updates https://cert-portal.siemens.com/productcert/html/ssa-225840.html

    Ouvir
  • ISC StormCast for Tuesday, March 12th, 2024

    ISC StormCast for Tuesday, March 12th, 2024
    12/03/2024 Duração: 06min

    What happens when you accidentially leak your AWS API Keys https://isc.sans.edu/diary/What%20happens%20when%20you%20accidentally%20leak%20your%20AWS%20API%20keys%3F%20%5BGuest%20Diary%5D/30730 How Crypto Imposters are using Calendly to infect Macs with Malware https://cyberguy.com/news/how-crypto-imposters-are-using-calendly-to-infect-macs-with-malware/ https://krebsonsecurity.com/2024/02/calendar-meeting-links-used-to-spread-mac-malware/ Misconfiguration Manager: Overlooked and Overprivileged https://posts.specterops.io/misconfiguration-manager-overlooked-and-overprivileged-70983b8f350d

    Ouvir
  • ISC StormCast for Monday, March 11th, 2024

    ISC StormCast for Monday, March 11th, 2024
    11/03/2024 Duração: 07min

    Attack Wrangles Thousands of Web Users into a Password Cracking Botnet https://arstechnica.com/security/2024/03/attack-wrangles-thousands-of-web-users-into-a-password-cracking-botnet Cisco VPN Client Vuln https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-client-crlf-W43V4G7 Fortinet Vulnerability Exploited https://bishopfox.com/blog/cve-2024-21762-vulnerability-scanner-for-fortigate-firewalls pgAdmin Path Traversal https://www.shielder.com/advisories/pgadmin-path-traversal_leads_to_unsafe_deserialization_and_rce/ Font Vulnerabilities https://www.canva.dev/blog/engineering/fonts-are-still-a-helvetica-of-a-problem/ QNAP Flaws https://securityonline.info/cve-2024-21899-cvss-9-8-critical-qnap-flaw-opens-door-to-hackers/

    Ouvir
  • ISC StormCast for Friday, March 8th, 2024

    ISC StormCast for Friday, March 8th, 2024
    08/03/2024 Duração: 05min

    AWS Deploymnet Risks - Configuration and Credential File Targeting https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20AWS%20Deployment%20Risks%20-%20Configuration%20and%20Credential%20File%20Targeting/30722 Apple Updates https://isc.sans.edu/diary/MacOS%20Patches%20%28and%20Safari%2C%20TVOS%2C%20VisionOS%2C%20WatchOS%29/30726 NSA/CISA Secure Cloud Guides https://media.defense.gov/2024/Mar/07/2003407866/-1/-1/0/CSI-CloudTop10-Identity-Access-Management.PDF https://media.defense.gov/2024/Mar/07/2003407858/-1/-1/0/CSI-CloudTop10-Key-Management.PDF https://media.defense.gov/2024/Mar/07/2003407859/-1/-1/0/CSI-CloudTop10-Managed-Service-Providers.PDF https://media.defense.gov/2024/Mar/07/2003407862/-1/-1/0/CSI-CloudTop10-Secure-Data.PDF https://media.defense.gov/2024/Mar/07/2003407861/-1/-1/0/CSI-CloudTop10-Network-Segmentation.PDF

    Ouvir
  • ISC StormCast for Thursday, March 7th, 2024

    ISC StormCast for Thursday, March 7th, 2024
    07/03/2024 Duração: 06min

    Scanning and Abusing the QUIC Protocol https://isc.sans.edu/diary/Scanning%20and%20abusing%20the%20QUIC%20protocol/30720 Google Chrome Update https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html Spinning YARN https://www.cadosecurity.com/spinning-yarn-a-new-linux-malware-campaign-targets-docker-apache-hadoop-redis-and-confluence/ Teamcity Exploited https://twitter.com/leak_ix/status/1765460190621581347

    Ouvir
  • ISC StormCast for Wednesday, March 6th, 2024

    ISC StormCast for Wednesday, March 6th, 2024
    06/03/2024 Duração: 06min

    iOS/iPadOS Updates with Zero Day Fixes https://isc.sans.edu/diary/Apple%20Releases%20iOS%20iPadOS%20Updates%20with%20Zero%20Day%20Fixes./30716 Why Your Firewall Will Kill You https://isc.sans.edu/diary/Why+Your+Firewall+Will+Kill+You/30714/ QEMU Tunnel https://securelist.com/network-tunneling-with-qemu/111803/ VMware Vulnerabilities Patched https://www.vmware.com/security/advisories/VMSA-2024-0006.html

    Ouvir
  • ISC StormCast for Tuesday, March 5th, 2024

    ISC StormCast for Tuesday, March 5th, 2024
    05/03/2024 Duração: 05min

    Capturing DShield Packets with a LAN Tap https://isc.sans.edu/diary/Capturing%20DShield%20Packets%20with%20a%20LAN%20Tap%20%5BGuest%20Diary%5D/30708 Additional Critical Security Issues Affecting Teamcity https://blog.jetbrains.com/teamcity/2024/03/additional-critical-security-issues-affecting-teamcity-on-premises-cve-2024-27198-and-cve-2024-27199-update-to-2023-11-4-now/ GitHub Push Protection Now On By Default https://github.blog/2024-02-29-keeping-secrets-out-of-public-repositories/ Android Updates https://source.android.com/docs/security/bulletin/2024-03-01 Linksys E-2000 Vulnerablity https://warp-desk-89d.notion.site/Linksys-E-2000-efcd532d8dcf4710a4af13fca131a5b8

    Ouvir
  • ISC StormCast for Monday, March 4th, 2024

    ISC StormCast for Monday, March 4th, 2024
    04/03/2024 Duração: 05min

    Scanning for Confluence CVE-2022-26134 https://isc.sans.edu/diary/Scanning%20for%20Confluence%20CVE-2022-26134/30704 Exploiting CSP Wildcards for Google Domains https://attackshipsonfi.re/p/exploiting-csp-wildcards-for-google Silver SAML: Golden SAML in the Cloud https://www.semperis.com/blog/meet-silver-saml/

    Ouvir
página 2 de 98

Títulos relacionados