Showing episodes and shows of

Johannes Ullrich

Shows

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Wednesday, October 9th, 2024
Microsoft Patch Tuesday - October 2024 https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20-%20October%202024/31336
Adobe Patches https://helpx.adobe.com/security/security-bulletin.html
The Disappearance of an Internet Domain https://every.to/p/the-disappearance-of-an-internet-domain
2024-10-09, 06 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Tuesday, October 8th, 2024
macOS Sequoia: System/Network Admins, Hold On! https://isc.sans.edu/diary/macOS%20Sequoia%3A%20System%20Network%20Admins%2C%20Hold%20On!/31330
Cisco Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv34x-privesc-rce-qE33TCms
Apple iTunes PoC https://github.com/mbog14/CVE-2024-44193
Attackers used ISP's Wiretap System to Spy on Users https://www.wsj.com/politics/national-security/china-cyberattack-internet-providers-260bd835 https://www.bleepingcomputer.com/news/security/atandt-verizon-reportedly-hacked-to-target-us-govt-wiretapping-platform/
2024-10-08, 05 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Monday, October 7th, 2024
Survey of CUPS exploit URLs https://isc.sans.edu/diary/Survey%20of%20CUPS%20exploit%20attempts/31326
Exposed LDAP Servers https://www.usenix.org/conference/usenixsecurity24/presentation/kaspereit
Exploiting Visual Studio via Dump Files https://ynwarcs.github.io/exploiting-vs-dump-files
Apple Security Updates https://support.apple.com/en-us/100100
Free API Security Workshop https://www.sans.org/webcasts/aviata-solo-flight-challenge-cloud-security-workshop-chapter-7/
2024-10-07, 05 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Friday, October 4th, 2024
Kickstart Your DShield Honeypot https://isc.sans.edu/diary/Kickstart%20Your%20DShield%20Honeypot%20%5BGuest%20Diary%5D/31320
CeranaKeeper Use of Cloud Services https://www.welivesecurity.com/en/eset-research/separating-bee-panda-ceranakeeper-making-beeline-thailand/
Pixel Addressing Vulnerabilities in Cellular Modems https://security.googleblog.com/2024/10/pixel-proactive-security-cellular-modems.html
Optigo Spectra Vulnerabilities https://claroty.com/team82/disclosure-dashboard/cve-2024-41925 https://claroty.com/team82/disclosure-dashboard/cve-2024-45367
2024-10-04, 05 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Thursday, October 3rd, 2024
Security Related Docker Containers https://isc.sans.edu/diary/Security%20related%20Docker%20containers/31318
CUPS DDoS Attack https://www.akamai.com/blog/security-research/october-cups-ddos-threat
Draytek Vulnerabilities https://www.forescout.com/resources/draybreak-draytek-research/
SANS Munich (free Community Night Tuesday October 15th) https://www.sans.org/cyber-security-training-events/munich-october-2024/
2024-10-03, 06 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Wednesday, October 2nd, 2024
Hurricane Helene Aftermath - Cyber Security Awareness Month https://isc.sans.edu/diary/Hurricane%20Helene%20Aftermath%20-%20Cyber%20Security%20Awareness%20Month/31314
Zimbra - Remote Command Execution (CVE-2024-45519) https://blog.projectdiscovery.io/zimbra-remote-code-execution/
Enhancing the security of Microsoft Edge extensions with the new Publish API https://blogs.windows.com/msedgedev/2024/09/30/enhanced-security-for-extensions-with-new-publish-api/
CVE-2024-36435 Deep-Dive: The Year's Most Critical BMC Security Flaw https://www.binarly.io/blog/cve-2024-36435-deep-dive-the-years-most-critical-bmc-security-flaw
2024-10-02, 05 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Tuesday, October 1st, 2024
Tool Update: mac-robber.py, le-hex-to-ip.py https://isc.sans.edu/diary/Tool%20update%3A%20mac-robber.py%20and%20le-hex-to-ip.py/31310
Ransomware Attacks Expanding to Hybrid Cloud Environments https://www.microsoft.com/en-us/security/blog/2024/09/26/storm-0501-ransomware-attacks-expanding-to-hybrid-cloud-environments/
Update on Recall Security and Privacy Architecture https://blogs.windows.com/windowsexperience/2024/09/27/update-on-recall-security-and-privacy-architecture/
Detecting Ransomware in Windows Event Logs https://blogs.jpcert.or.jp/en/2024/09/windows.html
Progress WhatsUp Gold Update https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-September-2024?popup=true&overview
Singapore Class https://jbu.me/singapore
2024-10-01, 06 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Monday, September 30th, 2024
CUPS Vulnerability https://isc.sans.edu/diary/Patch%20for%20Critical%20CUPS%20vulnerability%3A%20Don%27t%20Panic/31302
PHP Updates https://www.php.net/ChangeLog-8.php#8.1.30
DNS And Big Chinese Firewall https://www.assetnote.io/resources/research/insecurity-through-censorship-vulnerabilities-caused-by-the-great-firewall https://isc.sans.edu/diary/Are+You+Piratebay+thepiratebayorg+Resolving+to+Various+Hosts/19175
HPE Aruba Networking Vulnerabilities https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04712en_us&docLocale=en_US
2024-09-30, 07 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Friday, September 27th, 2024
Patch for Critical CUPS vulnerability: Don't Panic https://isc.sans.edu/diary/Patch%20for%20Critical%20CUPS%20vulnerability%3A%20Don%27t%20Panic/31302
2024-09-27, 06 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Thursday, September 26th, 2024
DNS Reflection Update and Corrupted DNS Requests https://isc.sans.edu/diary/DNS%20Reflection%20Update%20and%20Odd%20Corrupted%20DNS%20Requests/31296
CVE-2024-28987 Solarwinds Web Help Desk Hardcoded Credentials Vulnerability https://www.horizon3.ai/attack-research/cve-2024-28987-solarwinds-web-help-desk-hardcoded-credential-vulnerability-deep-dive/ cve-2024-28987
Watchguard Unauthenticated and Unencrypted SSO Protocol https://www.redteam-pentesting.de/en/advisories/rt-sa-2024-006/ https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00014
Infostealers Overcome Chrome's App Bound Encryption https://securityonline.info/infostealers-overcome-chromes-app-bound-encryption-threatening-user-data-security/
2024-09-26, 07 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Wednesday, September 25th, 2024
Exploitation of RAISECOM Gateway Devices CVE-2024-7120 https://isc.sans.edu/diary/Exploitation%20of%20RAISECOM%20Gateway%20Devices%20Vulnerability%20CVE-2024-7120/31292
Cellopoint Vulnerability CVE-2024-9043 https://www.twcert.org.tw/en/cp-139-8103-b0568-2.html
Cisco Smart Licensing Vulnerability Details https://starkeblog.com/cve-wednesday/cisco/2024/09/20/cve-wednesday-cve-2024-20439.html
Ivanti Virtual Traffic Manager Exploited https://www.cisa.gov/known-exploited-vulnerabilities-catalog
GNU Linux Systems Possible Critical Vulnerability https://securityonline.info/severe-unauthenticated-rce-flaw-cvss-9-9-in-gnu-linux-systems-awaiting-full-disclosure/
2024-09-25, 05 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Tuesday, September 24th, 2024
Phishing Links With @ Sign https://isc.sans.edu/diary/Phishing%20links%20with%20%40%20sign%20and%20the%20need%20for%20effective%20security%20awareness%20building/31288
Kaspersky Deletes Itself Installs UltraAV Antivirus Without Warning https://www.bleepingcomputer.com/news/security/kaspersky-deletes-itself-installs-ultraav-antivirus-without-warning/
Microchip ASF tinydhcp Vulnerability https://kb.cert.org/vuls/id/138043
2024-09-24, 05 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Monday, September 23rd, 2024
Windows Server Update Services Deprecation https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-server-update-services-wsus-deprecation/ba-p/4250436
Windows Server 2025 Hotpatches https://techcommunity.microsoft.com/t5/windows-server-news-and-best/now-in-preview-hotpatch-for-windows-server-2025/ba-p/4248296
Google Suggests Not Using WHOIS for Certificate Validation https://lists.cabforum.org/pipermail/servercert-wg/2024-September/004821.html
Versa Director Vulnerability https://security-portal.versa-networks.com/emailbulletins/66e4a8ebda545d61ec2b1ab9
Apache Hugegraph Vulnerability Exploited https://nvd.nist.gov/vuln/detail/CVE-2024-27348
2024-09-23, 05 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Friday, September 20th, 2024
Fake GitHub Site Targeting Developers https://isc.sans.edu/diary/Fake%20GitHub%20Site%20Targeting%20Developers/31282
Ivanti CSA 4.6 Advisory https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-4-6-Cloud-Services-Appliance-CVE-2024-8963?language=en_US
German Police Deanonymizes Tor User https://blog.torproject.org/tor-is-still-safe/
Ever wonder how crooks get the credentials to unlock stolen phones? https://arstechnica.com/security/2024/09/cops-bust-website-crooks-used-to-unlock-1-2-million-stolen-mobile-phones/
2024-09-20, 07 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Thursday, September 19th, 2024
Python Infostealer Patching Windows Exodus App https://isc.sans.edu/diary/Python%20Infostealer%20Patching%20Windows%20Exodus%20App/31276
Service Now Knowledge Bases Data Exposures https://appomni.com/ao-labs/servicenow-knowledge-bases-data-exposures-uncovered/
Gitlab Patch https://about.gitlab.com/releases/2024/09/17/patch-release-gitlab-17-3-3-released/
Aruba Patch https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04709en_us&docLocale=en_US
2024-09-19, 04 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Wednesday, September 18th, 2024
23:59, Time to Exfiltrate! https://isc.sans.edu/diary/23%3A59%2C%20Time%20to%20Exfiltrate!/31272
Critical VMWare VCenter Vulnerability https://blogs.vmware.com/cloud-foundation/2024/09/17/vmsa-2024-0019-questions-answers/
Zero-Click Calendar invite - Critical zero-click vulnerability chain in macOS https://mikko-kenttala.medium.com/zero-click-calendar-invite-critical-zero-click-vulnerability-chain-in-macos-a7a434fc887b
Google Adds Latest Post Quantum Encryption Standard to Chrome https://security.googleblog.com/2024/09/a-new-path-for-kyber-on-web.html
2024-09-18, 05 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Tuesday, September 17th, 2024
Managing PE Files with Overlays https://isc.sans.edu/forums/diary/Managing%20PE%20Files%20With%20Overlays/31268/
Apple Updates https://support.apple.com/en-us/100100
Ivanti EOL Cloud Service Appliances https://www.cisa.gov/news-events/alerts/2024/09/13/ivanti-releases-security-update-cloud-services-appliance
Microsoft Revises September Update https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-43461
DLink Vulnerabilities https://www.twcert.org.tw/en/cp-139-8081-3fb39-2.html https://www.twcert.org.tw/en/cp-139-8091-bcd52-2.html https://www.twcert.org.tw/en/cp-139-8089-32df6-2.html
2024-09-17, 05 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Monday, September 16th, 2024
Finding Honeypot Clusters Using DBSCAN https://isc.sans.edu/diary/Finding%20Honeypot%20Data%20Clusters%20Using%20DBSCAN%3A%20Part%202/31194
Auto IT Credential Flusher https://research.openanalysis.net/credflusher/kiosk/stealer/stealc/amadey/autoit/2024/09/11/cred-flusher.html
Ivanti Patches https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190?language=en_US https://www.horizon3.ai/attack-research/attack-blogs/cve-2024-29847-deep-dive-ivanti-endpoint-manager-agentportal-deserialization-of-untrusted-data-remote-code-execution-vulnerability/
File Sender Vulnerability https://filesender.org/vulnerability-in-filesender-versions-below-2-49-and-3-x-beta/
Docker Patches https://docs.docker.com/desktop/release-notes/#4342
2024-09-16, 06 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Friday, September 13th, 2024
Compromise of old hostname .mobi whois server https://labs.watchtowr.com/we-spent-20-to-achieve-rce-and-accidentally-became-the-admins-of-mobi/
Microsoft Reconsidering Security Tool API https://blogs.windows.com/windowsexperience/2024/09/12/taking-steps-that-drive-resiliency-and-security-for-windows-customers/
Microsoft implements PQC in SymCrypt https://techcommunity.microsoft.com/t5/security-compliance-and-identity/microsoft-s-quantum-resistant-cryptography-is-here/ba-p/4238780
GitLab Patch https://about.gitlab.com/releases/2024/09/11/patch-release-gitlab-17-3-2-released/#execute-environment-stop-actions-as-the-owner-of-the-stop-action-job
2024-09-13, 05 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Wednesday, September 11th, 2024
Microsoft Patches https://isc.sans.edu/diary/Microsoft%20September%202024%20Patch%20Tuesday/31254
Adobe Patches https://helpx.adobe.com/security/security-bulletin.html
Ivanti Patches https://forums.ivanti.com/s/article/Security-Advisory-EPM-September-2024-for-EPM-2024-and-EPM-2022?language=en_US
2024-09-11, 06 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Tuesday, September 10th, 2024
Critical Loadmaster Security Vulnerability https://support.kemptechnologies.com/hc/en-us/articles/29196371689613-LoadMaster-Security-Vulnerability-CVE-2024-7591
HA Proxy Patch https://www.mail-archive.com/haproxy%40formilux.org/msg45280.html
Akira Ransomware Campaign Targeting Sonicwall SSLVPN Accounts https://arcticwolf.com/resources/blog/arctic-wolf-observes-akira-ransomware-campaign-targeting-sonicwall-sslvpn-accounts/
Kibana Deserialization Vulnerability https://discuss.elastic.co/t/kibana-8-15-1-security-update-esa-2024-27-esa-2024-28/366119
Stately Taurus Abuses VSCode https://unit42.paloaltonetworks.com/stately-taurus-abuses-vscode-southeast-asian-espionage/
2024-09-10, 04 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Monday, September 9th, 2024
Password Cracking Energy: More Details https://isc.sans.edu/diary/Password%20Cracking%20%26%20Energy%3A%20More%20Dedails/31242
Python Notepad++ https://isc.sans.edu/diary/Python%20%26%20Notepad%2B%2B/31240
Fake LinkedIn Job Ads https://cloud.google.com/blog/topics/threat-intelligence/examining-web3-heists/
Android Crypto Passphrase Stealer with OCR https://www.mcafee.com/blogs/other-blogs/mcafee-labs/new-android-spyagent-campaign-steals-crypto-credentials-via-image-recognition/
Sextortion Scam Now use Your Cheating Spouse's Name as a Lure https://www.bleepingcomputer.com/news/security/sextortion-scam-now-use-your-cheating-spouses-name-as-a-lure/
2024-09-09, 06 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Friday, September 6th, 2024
Enrichment Data: Keeping it Fresh https://isc.sans.edu/diary/Enrichment%20Data%3A%20Keeping%20it%20Fresh/31236
Veeam Update https://www.veeam.com/kb4649
New OFBiz Vulnerabilities https://www.rapid7.com/blog/post/2024/09/05/cve-2024-45195-apache-ofbiz-unauthenticated-remote-code-execution-fixed/
Cisco Smart License Manager Patches https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw
2024-09-06, 06 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Thursday, September 5th, 2024
Scans for Moodle Learning Platform Following Recent Update https://isc.sans.edu/diary/Scans+for+Moodle+Learning+Platform+Following+Recent+Update/31230
PyPi Revival HiJack https://jfrog.com/blog/revival-hijack-pypi-hijack-technique-exploited-22k-packages-at-risk/
Android Updates https://source.android.com/docs/security/bulletin/2024-09-01
MediaTek WAPPD PoC Exploit https://blog.coffinsec.com/0day/2024/08/30/exploiting-CVE-2024-20017-four-different-ways.html#wrapping-up
2024-09-05, 06 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Wednesday, September 4th, 2024
Protected OOXML Text Documents https://isc.sans.edu/diary/Protected%20OOXML%20Text%20Documents/31078
Sextortion E-Mails with Photos https://krebsonsecurity.com/2024/09/sextortion-scams-now-include-photos-of-your-home/
Zyxel OS Command Injection Vulnerability https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024
D-Link DIR-846W Unpatched RCE Vulnerabilities https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10411
VMWare Privilege Escalation Vulnerability CVE-2024-38811 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24939
YubiKey Sidechannel Attack https://ninjalab.io/wp-content/uploads/2024/09/20240903_eucleak.pdf https://www.yubico.com/support/security-advisories/ysa-2024-03/
2024-09-04, 06 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Tuesday, September 3rd, 2024
Wireshark 4.4: Converting Display Filters to BPF Capture Filters https://isc.sans.edu/diary/Wireshark+44+Converting+Display+Filters+to+BPF+Capture+Filters/31224
GitHub Comments Used to Spread Malware https://www.reddit.com/r/Malware/comments/1f2n1h4/comment/lkbi5gi/
Voldemort Malware Curses Orgs Using Global Tax Authorities https://www.darkreading.com/threat-intelligence/voldemort-malware-curses-orgs-global-tax-authorities
Analysis of CVE-2024-43044 From file read to RCE in Jenkins through agents https://blog.convisoappsec.com/en/analysis-of-cve-2024-43044/
2024-09-03, 05 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Friday, August 30th, 2024
Live Patching DLLs with Python https://isc.sans.edu/diary/Live%20Patching%20DLLs%20with%20Python/31218
Global Protect Phishing https://www.trendmicro.com/en_us/research/24/h/threat-actors-target-middle-east-using-fake-tool.html
BlackByte Ransomware Update https://blog.talosintelligence.com/blackbyte-blends-tried-and-true-tradecraft-with-newly-disclosed-vulnerabilities-to-support-ongoing-attacks/
The Risks Lurking in Publicly Exposed GenAI Development Services https://www.legitsecurity.com/blog/the-risks-lurking-in-publicly-exposed-genai-development-services
Finding Lateral Movement of Adversaries Through the Noise of Systems Administration https://www.sans.edu/cyber-research/finding-lateral-movement-adversaries-through-noise-systems-administration/
YouTube Channel: https://www.youtube.com/c/CyberAttackDefense
2024-08-30, 14 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Thursday, August 29th, 2024
Vega-Lite With Kibana To Parse and Display IP Activity Over Time https://isc.sans.edu/diary/Vega-Lite%20with%20Kibana%20to%20Parse%20and%20Display%20IP%20Activity%20over%20Time/31210
Attack tool update impairs Windows computers https://news.sophos.com/en-us/2024/08/27/burnt-cigar-2/
Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-241a
Confluence Vulnerability Exploited for Crypto Miners https://www.trendmicro.com/en_us/research/24/h/cve-2023-22527-cryptomining.html
Fortra FileCatalyst Workflow Hard Coded HSQLDB Credentials https://www.fortra.com/security/advisories/product-security/fi-2024-011
2024-08-29, 05 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Wednesday, August 28th, 2024
Why is Python so Popular to Infect Windows Hosts https://isc.sans.edu/diary/Why%20Is%20Python%20so%20Popular%20to%20Infect%20Windows%20Hosts%3F/31208
OFBiz Vulnerability Update https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://nvd.nist.gov/vuln/detail/CVE-2024-38856
Versa Directory Vulnerability Exploited https://versa-networks.com/blog/versa-security-bulletin-update-on-cve-2024-39717-versa-director-dangerous-file-type-upload-vulnerability/
Google Chrome Vulnerability Exploited https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html
SGX Key Leak https://x.com/_markel___/status/1828112469010596347
2024-08-28, 06 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Tuesday, August 27th, 2024
From Highly Obfuscated Batch File to XWorm and Redline https://isc.sans.edu/diary/From%20Highly%20Obfuscated%20Batch%20File%20to%20XWorm%20and%20Redline/31204
CVE-2024-38063 Windows IPv6 Issue PoC Exploit https://github.com/ynwarcs/CVE-2024-38063
Not a vulnerability https://github.com/juwenyi/CVE-2024-42992
2024-08-27, 05 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Monday, August 26th, 2024
Pandas Errors: What encoding are my logs in? https://isc.sans.edu/diary/Pandas%20Errors%3A%20What%20encoding%20are%20my%20logs%20in%3F/31200
Crowdstrike Performance Issues https://www.reddit.com/r/sysadmin/comments/1eyfex6/at_least_its_not_on_a_friday/
CopyBara Malware https://www.zscaler.com/blogs/security-research/technical-analysis-copybara#conclusion
SonicWall Vulnerability https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015
2024-08-26, 05 min

SANS Stormcast: 
Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Monday, August 26th, 2024Pandas Erros: What encoding are my logs in?https://isc.sans.edu/diary/Pandas%20Errors%3A%20What%20encoding%20are%20my%20logs%20in%3F/31200 Crowdstrike Performance Issueshttps://www.reddit.com/r/sysadmin/comments/1eyfex6/at_least_its_not_on_a_friday/ CopyBara Malwarehttps://www.zscaler.com/blogs/security-research/technical-analysis-copybara#conclusion SonicWall Vulnerabilityhttps://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-00152024-08-2605 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Friday, August 23rd, 2024OpenAI Scans Honeypotshttps://isc.sans.edu/diary/OpenAI%20Scans%20for%20Honeypots.%20Artificially%20Malicious%3F%20Action%20Abuse%3F/31196 Broken Linux Boot Partitions after August Microsoft Updatehttps://learn.microsoft.com/en-us/windows/release-health/status-windows-11-23H2#3377msgdesc Google Fixes Chrome 0-dayhttps://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html Cisco Zero Day Exploited (now Patched)https://www.sygnia.co/blog/china-threat-group-velvet-ant-cisco-zero-day/ Solar Winds Helpdesk Backdoorhttps://support.solarwinds.com/SuccessCenter/s/article/SolarWinds-Web-Help-Desk-12-8-3-Hotfix-2 Securing the Future: How Memory-Safe Programming Languages Impact Industry Safety (Christopher Ross)https://www.sans...2024-08-2315 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Friday, August 23rd, 2024OpenAI Scans Honeypotshttps://isc.sans.edu/diary/OpenAI%20Scans%20for%20Honeypots.%20Artificially%20Malicious%3F%20Action%20Abuse%3F/31196 Broken Linux Boot Partitions after August Microsoft Updatehttps://learn.microsoft.com/en-us/windows/release-health/status-windows-11-23H2#3377msgdesc Google Fixes Chrome 0-dayhttps://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html Cisco Zero 
Day Exploited (now Patched)https://www.sygnia.co/blog/china-threat-group-velvet-ant-cisco-zero-day/ Solar Winds Helpdesk Backdoorhttps://support.solarwinds.com/SuccessCenter/s/article/SolarWinds-Web-Help-Desk-12-8-3-Hotfix-2 Securing the Future: How Memory-Safe Programming Languages Impact Industry Safety (Christopher Ross)https://www.sans...2024-08-2315 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Thursday, August 22nd, 2024Mapping Threats wiht DNSTwist and the Internet Storm Center https://isc.sans.edu/diary/Mapping%20Threats%20with%20DNSTwist%20and%20the%20Internet%20Storm%20Center%20%5BGuest%20Diary%5D/31188 Slack AI Prompt Injectionhttps://promptarmor.substack.com/p/slack-ai-data-exfiltration-from-private Phishing in PWA Applicationshttps://www.welivesecurity.com/en/eset-research/be-careful-what-you-pwish-for-phishing-in-pwa-applications/ QNAP Ransomware Security Centerhttps://www.qnap.com/en/news/2024/qnap-officially-releases-qts-5-2-introducing-security-center-for-active-file-activity-monitoring-elevated-security-and-data-protection2024-08-2207 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Thursday, August 22nd, 2024Mapping Threats wiht DNSTwist and the Internet Storm Center https://isc.sans.edu/diary/Mapping%20Threats%20with%20DNSTwist%20and%20the%20Internet%20Storm%20Center%20%5BGuest%20Diary%5D/31188 Slack AI Prompt Injectionhttps://promptarmor.substack.com/p/slack-ai-data-exfiltration-from-private Phishing in PWA Applicationshttps://www.welivesecurity.com/en/eset-research/be-careful-what-you-pwish-for-phishing-in-pwa-applications/ QNAP Ransomware Security Centerhttps://www.qnap.com/en/news/2024/qnap-officially-releases-qts-5-2-introducing-security-center-for-active-file-activity-monitoring-elevated-security-and-data-protection2024-08-2207 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for 
Wednesday, August 21st, 2024Where are we with CVE-2024-38063: Microsoft IPv6 Vulnerabilityhttps://isc.sans.edu/diary/Where+are+we+with+CVE202438063+Microsoft+IPv6+Vulnerability/31186 Microsoft August Update Prevents Linux from Bootinghttps://community.frame.work/t/sbat-verification-error-booting-linux-after-windows-update/56354 PHP CGI Vulnerability Exploited CVE-2024-4577https://symantec-enterprise-blogs.security.com/threat-intelligence/taiwan-malware-dns F5 Updateshttps://my.f5.com/manage/s/article/K000140111https://my.f5.com/manage/s/article/K0001401082024-08-2104 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Wednesday, August 21st, 2024Where are we with CVE-2024-38063: Microsoft IPv6 Vulnerabilityhttps://isc.sans.edu/diary/Where+are+we+with+CVE202438063+Microsoft+IPv6+Vulnerability/31186 Microsoft August Update Prevents Linux from Bootinghttps://community.frame.work/t/sbat-verification-error-booting-linux-after-windows-update/56354 PHP CGI Vulnerability Exploited CVE-2024-4577https://symantec-enterprise-blogs.security.com/threat-intelligence/taiwan-malware-dns F5 Updateshttps://my.f5.com/manage/s/article/K000140111https://my.f5.com/manage/s/article/K0001401082024-08-2104 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Tuesday, August 20th, 2024Do you like donuts? 
Here is a donut Shellcode Delivered Through PowerShell Pythonhttps://isc.sans.edu/diary/Do%20you%20Like%20Donuts%3F%20Here%20is%20a%20Donut%20Shellcode%20Delivered%20Through%20PowerShell%20Python/31182 How Vulnerabilities in Microsoft Apps for MacOS allow Stealing Permissionshttps://blog.talosintelligence.com/how-multiple-vulnerabilities-in-microsoft-apps-for-macos-pave-the-way-to-stealing-permissions/ Digital Wallet Security Loopholehttps://www.umass.edu/news/article/new-study-reveals-loophole-digital-wallet-security-even-if-rightful-cardholder-doesnt Microsoft IPv6 Vulnerability CVE-2024-38063https://x.com/f4rmpoet/status/1825472703223992323 YouTube Video (going live 10am ET) https://www.youtube.com/watch?v=miBb1llFOYQ2024-08-2007 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Tuesday, August 20th, 2024Do you like donuts? Here is a donut Shellcode Delivered Through PowerShell Pythonhttps://isc.sans.edu/diary/Do%20you%20Like%20Donuts%3F%20Here%20is%20a%20Donut%20Shellcode%20Delivered%20Through%20PowerShell%20Python/31182 How Vulnerabilities in Microsoft Apps for MacOS allow Stealing Permissionshttps://blog.talosintelligence.com/how-multiple-vulnerabilities-in-microsoft-apps-for-macos-pave-the-way-to-stealing-permissions/ Digital Wallet Security Loopholehttps://www.umass.edu/news/article/new-study-reveals-loophole-digital-wallet-security-even-if-rightful-cardholder-doesnt Microsoft IPv6 Vulnerability CVE-2024-38063https://x.com/f4rmpoet/status/1825472703223992323 YouTube Video (going live 10am ET) https://www.youtube.com/watch?v=miBb1llFOYQ2024-08-2007 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Monday, August 19th, 2024Summarizing Web Honeypot Logshttps://isc.sans.edu/diary/%5BGuest%20Diary%5D%207%20minutes%20and%204%20steps%20to%20a%20quick%20win%3A%20A%20write-up%20on%20custom%20tools/31170 Large Scale Cloud Extortion 
Operationhttps://unit42.paloaltonetworks.com/large-scale-cloud-extortion-operation/ Chrome Redacting Credit Cards and Passwords when you share Android Screenshttps://www.bleepingcomputer.com/news/google/chrome-will-redact-credit-cards-passwords-when-you-share-android-screen/ Google Products Targeted by Search Ad Scammershttps://www.malwarebytes.com/blog/scams/2024/08/dozens-of-google-products-targeted-by-scammers-via-malicious-search-ads MakeShift: Security Analysis of Shimano Di2 Wireless Gear Shifting in Bicyleshttps://www.usenix.org/system/files/woot24-motallebighomi.pdf2024-08-1906 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Monday, August 19th, 2024Summarizing Web Honeypot Logshttps://isc.sans.edu/diary/%5BGuest%20Diary%5D%207%20minutes%20and%204%20steps%20to%20a%20quick%20win%3A%20A%20write-up%20on%20custom%20tools/31170 Large Scale Cloud Extortion Operationhttps://unit42.paloaltonetworks.com/large-scale-cloud-extortion-operation/ Chrome Redacting Credit Cards and Passwords when you share Android Screenshttps://www.bleepingcomputer.com/news/google/chrome-will-redact-credit-cards-passwords-when-you-share-android-screen/ Google Products Targeted by Search Ad Scammershttps://www.malwarebytes.com/blog/scams/2024/08/dozens-of-google-products-targeted-by-scammers-via-malicious-search-ads MakeShift: Security Analysis of Shimano Di2 Wireless Gear Shifting in Bicyleshttps://www.usenix.org/system/files/woot24-motallebighomi.pdf2024-08-1906 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Friday, August 16th, 2024Wireshark 4.4.0 rc 1 Custom Columnshttps://isc.sans.edu/diary/Wireshark%204.4.0rc1%27s%20Custom%20Columns/31174 Github Repo Artifact Leak Tokenshttps://unit42.paloaltonetworks.com/github-repo-artifacts-leak-tokens/ BitLocker Security Feature Bypass Vulnerabilityhttps://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-38058 Solarwindws 
Hotfixhttps://support.solarwinds.com/SuccessCenter/s/article/WHD-12-8-3-Hotfix-1 Ed Skoudis, Paul Maurer: The Code of Honorhttps://cybercodeofhonor.com/2024-08-1617 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Friday, August 16th, 2024Wireshark 4.4.0 rc 1 Custom Columnshttps://isc.sans.edu/diary/Wireshark%204.4.0rc1%27s%20Custom%20Columns/31174 Github Repo Artifact Leak Tokenshttps://unit42.paloaltonetworks.com/github-repo-artifacts-leak-tokens/ BitLocker Security Feature Bypass Vulnerabilityhttps://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-38058 Solarwindws Hotfixhttps://support.solarwinds.com/SuccessCenter/s/article/WHD-12-8-3-Hotfix-1 Ed Skoudis, Paul Maurer: The Code of Honorhttps://cybercodeofhonor.com/2024-08-1617 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Thursday, August 15th, 2024MSI Malwarehttps://isc.sans.edu/diary/Multiple%20Malware%20Dropped%20Through%20MSI%20Package/31168 Microsoft IPv6 Vulnerablity CVE-2024-38063https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063https://x.com/XiaoWei___/status/1823532146679799993/photo/1 Critical Ivanti Virtual Traffic Manager Patch CVE-2024-7593https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Virtual-Traffic-Manager-vTM-CVE-2024-7593?language=en_US Adobe Patcheshttps://helpx.adobe.com/security/security-bulletin.html2024-08-1506 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Thursday, August 15th, 2024MSI Malwarehttps://isc.sans.edu/diary/Multiple%20Malware%20Dropped%20Through%20MSI%20Package/31168 Microsoft IPv6 Vulnerablity CVE-2024-38063https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063https://x.com/XiaoWei___/status/1823532146679799993/photo/1 Critical Ivanti Virtual Traffic Manager Patch 
CVE-2024-7593https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Virtual-Traffic-Manager-vTM-CVE-2024-7593?language=en_US Adobe Patcheshttps://helpx.adobe.com/security/security-bulletin.html2024-08-1506 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Wednesday, August 14th, 2024Microsoft August 2024 Patch Tuesdayhttps://isc.sans.edu/diary/Microsoft%20August%202024%20Patch%20Tuesday/31164 NIST Finalizes Post Quantum Encryption Standardshttps://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards Zabbix Network Monitoring Updateshttps://support.zabbix.com/browse/ZBX-25016https://support.zabbix.com/browse/ZBX-25013 (and others)2024-08-1406 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Wednesday, August 14th, 2024Microsoft August 2024 Patch Tuesdayhttps://isc.sans.edu/diary/Microsoft%20August%202024%20Patch%20Tuesday/31164 NIST Finalizes Post Quantum Encryption Standardshttps://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards Zabbix Network Monitoring Updateshttps://support.zabbix.com/browse/ZBX-25016https://support.zabbix.com/browse/ZBX-25013 (and others)2024-08-1406 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Tuesday, August 13th, 2024QuickShell: Sharing is Caring about an RCE Attack Chain on Quick Sharehttps://www.safebreach.com/blog/rce-attack-chain-on-quick-share Chrome, Edge users beset by malicious extensions that can t be easily removedhttps://www.helpnetsecurity.com/2024/08/12/chrome-edge-malicious-browser-extensions/ AMD Guest Memory Vulnerabilitieshttps://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html2024-08-1305 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Tuesday, August 13th, 2024QuickShell: 
Sharing is Caring about an RCE Attack Chain on Quick Sharehttps://www.safebreach.com/blog/rce-attack-chain-on-quick-share Chrome, Edge users beset by malicious extensions that can t be easily removedhttps://www.helpnetsecurity.com/2024/08/12/chrome-edge-malicious-browser-extensions/ AMD Guest Memory Vulnerabilitieshttps://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html2024-08-1305 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Monday, August 12th, 2024CORS/SameOrigin Videohttps://isc.sans.edu/forums/diary/Video%3A%20Same%20Origin%2C%20CORS%2C%20DNS%20Rebinding%20and%20Localhost/31158/ Splitting the email atom: exploiting parsers to bypass access controlshttps://portswigger.net/research/splitting-the-email-atom#parser-discrepancies Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!https://blog.orange.tw/2024/08/confusion-attacks-en.html GL-Inet Patcheshttps://www.gl-inet.com/security-updates/security-advisories-vulnerabilities-and-cves-aug-1-2024/ Microsoft Office Spoofing Vulnerabilityhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-382002024-08-1205 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Monday, August 12th, 2024CORS/SameOrigin Videohttps://isc.sans.edu/forums/diary/Video%3A%20Same%20Origin%2C%20CORS%2C%20DNS%20Rebinding%20and%20Localhost/31158/ Splitting the email atom: exploiting parsers to bypass access controlshttps://portswigger.net/research/splitting-the-email-atom#parser-discrepancies Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!https://blog.orange.tw/2024/08/confusion-attacks-en.html GL-Inet Patcheshttps://www.gl-inet.com/security-updates/security-advisories-vulnerabilities-and-cves-aug-1-2024/ Microsoft Office Spoofing Vulnerabilityhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-382002024-08-1205 minSANS Stormcast: Daily Cyber 
Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Friday, August 9th, 2024Exploring Anti-Phishing Measures in Microsoft 365https://certitude.consulting/blog/en/o365-anti-phishing-measures/ SSHamble Security Testing Toolhttps://www.runzero.com/blog/sshamble-unexpected-exposures-in-the-secure-shell/ macOS Sequoia Weekly Permission Promptshttps://9to5mac.com/2024/08/06/macos-sequoia-screen-recording-privacy-prompt/ .internal domainhttps://www.icann.org/en/public-comment/proceeding/proposed-top-level-domain-string-for-private-use-24-01-20242024-08-0906 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Friday, August 9th, 2024Exploring Anti-Phishing Measures in Microsoft 365https://certitude.consulting/blog/en/o365-anti-phishing-measures/ SSHamble Security Testing Toolhttps://www.runzero.com/blog/sshamble-unexpected-exposures-in-the-secure-shell/ macOS Sequoia Weekly Permission Promptshttps://9to5mac.com/2024/08/06/macos-sequoia-screen-recording-privacy-prompt/ .internal domainhttps://www.icann.org/en/public-comment/proceeding/proposed-top-level-domain-string-for-private-use-24-01-20242024-08-0906 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Thursday, August 8th, 20240.0.0.0 Day Exploiting Localhost APIs from the Browserhttps://www.oligo.security/blog/0-0-0-0-day-exploiting-localhost-apis-from-the-browser Apple Hardens Gatekeeperhttps://developer.apple.com/news/?id=saqachfa Downgrade Attacks Using Windows Updateshttps://www.safebreach.com/blog/downgrade-attacks-using-windows-updates/2024-08-0806 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Thursday, August 8th, 20240.0.0.0 Day Exploiting Localhost APIs from the Browserhttps://www.oligo.security/blog/0-0-0-0-day-exploiting-localhost-apis-from-the-browser Apple Hardens Gatekeeperhttps://developer.apple.com/news/?id=saqachfa Downgrade 
Attacks Using Windows Updateshttps://www.safebreach.com/blog/downgrade-attacks-using-windows-updates/2024-08-0806 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Wednesday, August 7th, 2024A Survey of Scans For GeoServer Vulnerabilitieshttps://isc.sans.edu/diary/A%20Survey%20of%20Scans%20for%20GeoServer%20Vulnerabilities/31148 Crowdstrike Root Cause Analysishttps://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/ Kibana Vulnerabilityhttps://discuss.elastic.co/t/kibana-8-14-2-7-17-23-security-update-esa-2024-22/364424 Android August 2024 Bulletinhttps://source.android.com/docs/security/bulletin/2024-08-01 Ubiquity Amplication Attack Vulnerability Updatehttps://blog.checkpoint.com/research/over-20000-ubiquiti-cameras-and-routers-are-vulnerable-to-amplification-attacks-and-privacy-risks/2024-08-0705 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Wednesday, August 7th, 2024A Survey of Scans For GeoServer Vulnerabilitieshttps://isc.sans.edu/diary/A%20Survey%20of%20Scans%20for%20GeoServer%20Vulnerabilities/31148 Crowdstrike Root Cause Analysishttps://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/ Kibana Vulnerabilityhttps://discuss.elastic.co/t/kibana-8-14-2-7-17-23-security-update-esa-2024-22/364424 Android August 2024 Bulletinhttps://source.android.com/docs/security/bulletin/2024-08-01 Ubiquity Amplication Attack Vulnerability Updatehttps://blog.checkpoint.com/research/over-20000-ubiquiti-cameras-and-routers-are-vulnerable-to-amplification-attacks-and-privacy-risks/2024-08-0705 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Tuesday, August 6th, 2024Script Obfuscation Using Multiple Instances of the Same Functionhttps://isc.sans.edu/diary/Script%20obfuscation%20using%20multiple%20instances%20of%20the%20same%20function/31144 Disclosure of key technical details 
of CrowdStrike's large-scale blue screenhttps://mp.weixin.qq.com/s/uD7mhzyRSX1dTW-TMg4UhQ New OFBiz Vulnerabilityhttps://issues.apache.org/jira/browse/OFBIZ-13128https://www.youtube.com/watch?v=J_IxCBjd4Pw Roundcube XSS Vulnerabilitieshttps://securityonline.info/roundcube-webmail-releases-security-updates-to-patch-multiple-vulnerabilities/2024-08-0606 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Tuesday, August 6th, 2024Script Obfuscation Using Multiple Instances of the Same Functionhttps://isc.sans.edu/diary/Script%20obfuscation%20using%20multiple%20instances%20of%20the%20same%20function/31144 Disclosure of key technical details of CrowdStrike's large-scale blue screenhttps://mp.weixin.qq.com/s/uD7mhzyRSX1dTW-TMg4UhQ New OFBiz Vulnerabilityhttps://issues.apache.org/jira/browse/OFBIZ-13128https://www.youtube.com/watch?v=J_IxCBjd4Pw Roundcube XSS Vulnerabilitieshttps://securityonline.info/roundcube-webmail-releases-security-updates-to-patch-multiple-vulnerabilities/2024-08-0606 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Monday, August 5th, 2024Current Secure Boot Certifiate Authority Expires in 2026https://isc.sans.edu/diary/Even+Linux+users+should+take+a+look+at+this+Microsoft+KB+article/31140 OOXML Spreadsheets Protected by Verifier Hasheshttps://isc.sans.edu/diary/OOXML%20Spreadsheets%20Protected%20By%20Verifier%20Hashes/31072 StormBamboo Compromises ISP to Abuse Insecure Software Update Mechanismshttps://www.volexity.com/blog/2024/08/02/stormbamboo-compromises-isp-to-abuse-insecure-software-update-mechanisms/ DARPA TRACTOR Program for Translating C to Rusthttps://www.darpa.mil/news-events/2024-07-31a2024-08-0506 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Monday, August 5th, 2024Current Secure Boot Certifiate Authority Expires in 
2026https://isc.sans.edu/diary/Even+Linux+users+should+take+a+look+at+this+Microsoft+KB+article/31140 OOXML Spreadsheets Protected by Verifier Hasheshttps://isc.sans.edu/diary/OOXML%20Spreadsheets%20Protected%20By%20Verifier%20Hashes/31072 StormBamboo Compromises ISP to Abuse Insecure Software Update Mechanismshttps://www.volexity.com/blog/2024/08/02/stormbamboo-compromises-isp-to-abuse-insecure-software-update-mechanisms/ DARPA TRACTOR Program for Translating C to Rusthttps://www.darpa.mil/news-events/2024-07-31a2024-08-0506 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Friday, August 2nd, 2024Tracking Proxy Scans with IPv4.Gameshttps://isc.sans.edu/diary/Tracking%20Proxy%20Scans%20with%20IPv4.Games/31136 Threat Actor Impersonates Google via Fake Ad For Authenticatorhttps://www.malwarebytes.com/blog/news/2024/07/threat-actor-impersonates-google-via-fake-ad-for-authenticator Who Knew? Domain Hijacking is so easyhttps://blogs.infoblox.com/threat-intelligence/who-knew-domain-hijacking-is-so-easy/2024-08-0206 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Friday, August 2nd, 2024Tracking Proxy Scans with IPv4.Gameshttps://isc.sans.edu/diary/Tracking%20Proxy%20Scans%20with%20IPv4.Games/31136 Threat Actor Impersonates Google via Fake Ad For Authenticatorhttps://www.malwarebytes.com/blog/news/2024/07/threat-actor-impersonates-google-via-fake-ad-for-authenticator Who Knew? 
Domain Hijacking is so easyhttps://blogs.infoblox.com/threat-intelligence/who-knew-domain-hijacking-is-so-easy/2024-08-0206 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Thursday, August 1st, 2024Increased Activity Against Apache OFBiz CVS-2024-32113https://isc.sans.edu/diary/Increased%20Activity%20Against%20Apache%20OFBiz%20CVE-2024-32113/31132 Digicert Certificate Revocation Incidenthttps://www.digicert.com/support/certificate-revocation-incident Microsoft Azure Outagehttps://azure.status.microsoft/en-us/status/history/ Improving Security of Chrome Cookieshttps://security.googleblog.com/2024/07/improving-security-of-chrome-cookies-on.html2024-08-0106 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Thursday, August 1st, 2024Increased Activity Against Apache OFBiz CVS-2024-32113https://isc.sans.edu/diary/Increased%20Activity%20Against%20Apache%20OFBiz%20CVE-2024-32113/31132 Digicert Certificate Revocation Incidenthttps://www.digicert.com/support/certificate-revocation-incident Microsoft Azure Outagehttps://azure.status.microsoft/en-us/status/history/ Improving Security of Chrome Cookieshttps://security.googleblog.com/2024/07/improving-security-of-chrome-cookies-on.html2024-08-0106 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Wednesday, July 31st, 2024Apple Updates Everything: July 2024 Editionhttps://isc.sans.edu/diary/Apple%20Patches%20Everything.%20July%202024%20Edition/31128 VMWare ESXi Vulnerability Actively Exploited CVE-2024-37085https://www.microsoft.com/en-us/security/blog/2024/07/29/ransomware-operators-exploit-esxi-hypervisor-vulnerability-for-mass-encryption/ Weak VoWiFi Encryption CVE-2024-22064https://idw-online.de/en/news8376522024-07-3105 minSANS Stormcast: Daily Cyber Security NewsSANS Stormcast: Daily Cyber Security NewsISC StormCast for Wednesday, July 31st, 2024Apple Updates 
Everything: July 2024 Edition https://isc.sans.edu/diary/Apple%20Patches%20Everything.%20July%202024%20Edition/31128
VMware ESXi Vulnerability Actively Exploited CVE-2024-37085 https://www.microsoft.com/en-us/security/blog/2024/07/29/ransomware-operators-exploit-esxi-hypervisor-vulnerability-for-mass-encryption/
Weak VoWiFi Encryption CVE-2024-22064 https://idw-online.de/en/news837652
2024-07-31, 05 min

SANS Stormcast: Daily Cyber Security News
ISC StormCast for Tuesday, July 30th, 2024
CrowdStrike Outage Themed Maldoc https://isc.sans.edu/diary/CrowdStrike%20Outage%20Themed%20Maldoc/31116
HotJar XSS Puts OAuth at Risk https://salt.security/blog/over-1-million-websites-are-at-risk-of-sensitive-information-leakage---xss-is-dead-long-live-xss
Proofpoint Echospoofing https://labs.guard.io/echospoofing-a-massive-phishing-campaign-exploiting-proofpoints-email-protection-to-dispatch-3dd6b5417db6
2024-07-30, 05 min

On Location With Sean Martin And Marco Ciappelli
The Five Most Dangerous New Attack Techniques You Need to Know About | An RSA Conference 2024 Conversation With Ed Skoudis, Heather Mahalik Barnhart, and Johannes Ullrich | On Location Coverage with Sean Martin and Marco Ciappelli
Guests:
Ed Skoudis, President at SANS Technology Institute [@SANS_EDU]
On LinkedIn | https://www.linkedin.com/in/edskoudis/
At RSAC | https://www.rsaconference.com/experts/ed-skoudis
Heather Mahalik Barnhart, Faculty Fellow & DFIR Curriculum Lead at SANS, Sr Dir of Community Engagement at Cellebrite [@Cellebrite]
On LinkedIn | https://www.linkedin.com/in/heather-mahalik-cellebrite/
On Twitter | https://twitter.com/HeatherMahalik
At RSAC | https://www.rsaconference.com/experts/heather-mahalik
Johannes Ullrich, Dean of Research at SANS Technology Institute [@sansforensics]
On LinkedIn | https://www.linkedin.c...
2024-05-02, 29 min

Redefining CyberSecurity
The Five Most Dangerous New Attack Techniques You Need to Know About | An RSA Conference 2024 Conversation With Ed Skoudis, Heather Mahalik Barnhart, and Johannes Ullrich | On Location Coverage with Sean Martin and Marco Ciappelli
Guests:
Ed Skoudis, President at SANS Technology Institute [@SANS_EDU]
On LinkedIn | https://www.linkedin.com/in/edskoudis/
At RSAC | https://www.rsaconference.com/experts/ed-skoudis
Heather Mahalik Barnhart, Faculty Fellow & DFIR Curriculum Lead at SANS, Sr Dir of Community Engagement at Cellebrite [@Cellebrite]
On LinkedIn | https://www.linkedin.com/in/heather-mahalik-cellebrite/
On Twitter | https://twitter.com/HeatherMahalik
At RSAC | https://www.rsaconference.com/experts/heather-mahalik
Johannes Ullrich, Dean of Research at SANS Technology Institute [@sansforensics]
On LinkedIn | https://www.linkedin.c...
2024-05-02, 29 min

ITSPmagazine Podcasts
The Five Most Dangerous New Attack Techniques You Need to Know About | An RSA Conference 2024 Conversation With Ed Skoudis, Heather Mahalik Barnhart, and Johannes Ullrich | On Location Coverage with Sean Martin and Marco Ciappelli
Guests:
Ed Skoudis, President at SANS Technology Institute [@SANS_EDU]
On LinkedIn | https://www.linkedin.com/in/edskoudis/
At RSAC | https://www.rsaconference.com/experts/ed-skoudis
Heather Mahalik Barnhart, Faculty Fellow & DFIR Curriculum Lead at SANS, Sr Dir of Community Engagement at Cellebrite [@Cellebrite]
On LinkedIn | https://www.linkedin.com/in/heather-mahalik-cellebrite/
On Twitter | https://twitter.com/HeatherMahalik
At RSAC | https://www.rsaconference.com/experts/heather-mahalik
Johannes Ullrich, Dean of Research at SANS Technology Institute [@sansforensics]
On LinkedIn | https://www.linkedin.c...
2024-05-02, 29 min

MENOMIO - Der Podcast für glückliche Wechseljahre
35_Contraception in Menopause: A Conversation with Johannes Ott
In this episode, Daniela talks with Johannes Ott, head of the Clinical Division of Gynecological Endocrinology at AKH Wien. The focus is contraception during menopause, a topic that leaves many women uncertain. Johannes Ott explains why contraception can still be necessary during perimenopause, which hormonal and non-hormonal methods exist, and what to watch for. He also examines the effects of hormonal contraceptive methods on menopause and how individual needs can be taken into account. Topics of the episode: Contraception in menopause: Why contraception in perimenopa...
2024-04-26, 43 min

Career Notes
Encore: Johannes Ullrich: Superhero origin stories and lessons that last. [Education]
Dean of Research, Johannes Ullrich, relays his experiences from studying the hard sciences to his career shift to cybersecurity. Basic principles, superhero origin stories, physics labs and radiation all figure in. And there's a lot in common with network security best practices. Have a listen to what Johannes has learned and what he hopes to impart to his students. Our thanks to Johannes for sharing his story with us.
2024-01-07, 07 min

Football Hautnah! - ELF, GFL & NFL aus Coach's-Sicht
Talks with AFVD + ELF News & Jan Ullrich - How Dangerous Is Doping? (#95)
00:00 Challenge until Christmas – What suits you?
07:55 Jan Ullrich – How dangerous is doping?
21:48 Johannes had his last working day at the large corporation
26:45 Power House Camp at Martin's gym
34:22 Martin's conversation with the new AFVD executive board & GFL news
40:50 ELF news – player moves & new US coaches
50:00 49ers vs. Eagles – Martin's insights from the Coaches Cam
Feel free to send us your questions. Contact us here (also via voice message) & more info on Martin and Johannes or the CTK Sportpark: https://linktr.e...
2023-12-07, 1h 03

Redefining CyberSecurity
The Five Most Dangerous New Attack Techniques | Demystifying The Top Emerging Cyber Threats | ITSPmagazine Event Coverage: RSAC 2023 San Francisco, USA | A Conversation with SANS Instructors Katie Nickels and Johannes Ullrich
Guests:
Katie Nickels, Certified Instructor and Director of Intelligence Operations at SANS Institute [@sansforensics] and Red Canary [@redcanary]
On LinkedIn | https://www.linkedin.com/in/katie-nickels/
On Twitter | https://twitter.com/likethecoins
On Mastodon | https://infosec.exchange/@likethecoins
Johannes Ullrich, Dean of Research at SANS Technology Institute [@sansforensics]
On LinkedIn | https://www.linkedin.com/in/johannesullrich/
On Twitter | https://twitter.com/sans_isc
On Mastodon | https://infosec.exchange/@jullrich
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Hos...
2023-04-14, 25 min

Career Notes
Johannes Ullrich: Superhero origin stories and lessons that last. [Education]
Dean of Research, Johannes Ullrich, relays his experiences from studying the hard sciences to his career shift to cybersecurity. Basic principles, superhero origin stories, physics labs and radiation all figure in. And there's a lot in common with network security best practices. Have a listen to what Johannes has learned and what he hopes to impart to his students. Our thanks to Johannes for sharing his story with us.
2020-06-21, 07 min

Cyber Security Interviews
#037 – Johannes Ullrich: Solving That Puzzle In Your Network
Dr. Johannes Ullrich is currently responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. In 2000, he founded DShield.org, which is now the data collection engine behind the ISC. His work with the ISC has been widely recognized, and in 2004, Network World named him one of the 50 most powerful people in the networking industry. Prior to working for SANS, Johannes worked as a lead support engineer for a web development company and as a research physicist. Johannes holds a PhD in physics from SUNY Albany and is based in Jacksonville, Florida. His daily po...
2017-10-03, 40 min