Johannes B Ullrich public
[search 0]
More

Download the App!

show episodes
 
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minutes long summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
 
Loading …
show series
 
Port Forwarding with Windows for the Win https://isc.sans.edu/forums/diary/PortForwarding+with+Windows+for+the+Win/27934/ Please Fix Your E-Mail Brute Forcing Tool https://isc.sans.edu/forums/diary/Please+fix+your+EMail+Brute+forcing+tool/27930/ Ad Blocker Injects Ads https://www.imperva.com/blog/the-ad-blocker-that-injects-ads/ Romance Scams Go Af…
 
Windows Port Forward; SMTP Brute Forcing; Fake Ad Blocker; Romance Crypto Coin Scam; Sysmon4Linux; VMWare/Foxit Updates Port Forwarding with Windows for the Win https://isc.sans.edu/forums/diary/PortForwarding+with+Windows+for+the+Win/27934/ Please Fix Your E-Mail Brute Forcing Tool https://isc.sans.edu/forums/diary/Please+fix+your+EMail+Brute+forc…
 
Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+October+2021+Patch+Tuesday/27928/ Adobe Patches https://helpx.adobe.com/security/security-bulletin.html PyPi Remove mitmproxy2 Module https://twitter.com/maximilianhils/status/1447525552370458625 https://web.archive.org/web/20211012105244/https://gist.github.com/mhils/7ff29d50b25a1…
 
Microsoft Patch Tuesday; Adobe Patches; PyPi Removes Malicious mitmproxy2 Module Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+October+2021+Patch+Tuesday/27928/ Adobe Patches https://helpx.adobe.com/security/security-bulletin.html PyPi Remove mitmproxy2 Module https://twitter.com/maximilianhils/status/1447525552370458625 https…
 
Non HTTP Requests Hitting Web Server https://isc.sans.edu/forums/diary/Things+that+go+Bump+in+the+Night+Non+HTTP+Requests+Hitting+Web+Servers/27924/ Apple Updates iOS/iPadOS to 15.0.2 https://saaramar.github.io/IOMFB_integer_overflow_poc/ https://support.apple.com/en-us/HT212846 Weak SSH Keys Used with GitKraken https://github.blog/2021-10-11-githu…
 
Odd Web Log Summary; iOS/iPadOS 15.0.2 (0-day); GitKraken weak keys; Lets Encrypt Outage Non HTTP Requests Hitting Web Server https://isc.sans.edu/forums/diary/Things+that+go+Bump+in+the+Night+Non+HTTP+Requests+Hitting+Web+Servers/27924/ Apple Updates iOS/iPadOS to 15.0.2 https://saaramar.github.io/IOMFB_integer_overflow_poc/ https://support.apple.…
 
Scanning for Previous Oracle WebLogic Vulnerabilities https://isc.sans.edu/forums/diary/Scanning+for+Previous+Oracle+WebLogic+Vulnerabilities/27918/ Sorting Things Out - Sorting Data by IP Address https://isc.sans.edu/forums/diary/Sorting+Things+Out+Sorting+Data+by+IP+Address/27916/ https://gitlab.com/slackermedia/bashcrawl Telegram Does Not Remove…
 
WebLogic Xploits; Sorting Things; Telegram Auto-Delete; MSFT Disabling Excel 4.0 Macros; Scanning for Previous Oracle WebLogic Vulnerabilities https://isc.sans.edu/forums/diary/Scanning+for+Previous+Oracle+WebLogic+Vulnerabilities/27918/ Sorting Things Out - Sorting Data by IP Address https://isc.sans.edu/forums/diary/Sorting+Things+Out+Sorting+Dat…
 
Who is Hunting For Your IPTV Set-Top Box? https://isc.sans.edu/forums/diary/Who+Is+Hunting+For+Your+IPTV+SetTop+Box/27912/ Another Update For Apache https://httpd.apache.org Font on Lake Rootkit https://www.welivesecurity.com/2021/10/07/fontonlake-previously-unknown-malware-family-targeting-linux/ osquery 5 with macOS Endpoint Security https://www.…
 
Hunting IPTV Boxes; Apache 2.4.51 Released; FontOnLake Rootkit; osquery 5; Who is Hunting For Your IPTV Set-Top Box? https://isc.sans.edu/forums/diary/Who+Is+Hunting+For+Your+IPTV+SetTop+Box/27912/ Another Update For Apache https://httpd.apache.org Font on Lake Rootkit https://www.welivesecurity.com/2021/10/07/fontonlake-previously-unknown-malware-…
 
Apache 2.4.49 Directory Traversal Vulnerability https://isc.sans.edu/forums/diary/Apache+2449+Directory+Traversal+Vulnerability+CVE202141773/27908/ Python Ransomware Targeting ESXi Server https://www.sophos.com/en-us/press-office/press-releases/2021/10/sophos-researchers-uncover-new-python-ransomware-targeting-an-esxi-server-and-virtual-machines.as…
 
Apache Flaw Details; VMWare ESXi Ransomware; AT&T SIM Forensics; Google Pushing 2SV Apache 2.4.49 Directory Traversal Vulnerability https://isc.sans.edu/forums/diary/Apache+2449+Directory+Traversal+Vulnerability+CVE202141773/27908/ Python Ransomware Targeting ESXi Server https://www.sophos.com/en-us/press-office/press-releases/2021/10/sophos-resear…
 
Looking Glass Sites https://isc.sans.edu/forums/diary/Looking+Glasses+Debugging+Network+Connectivity+Issues/27904/ Facebook Postmortem https://engineering.fb.com/2021/10/05/networking-traffic/outage-details/ Apache 2.4.49 Directory Traversal Vulnerability https://blog.sonatype.com/apache-servers-actively-exploited-in-wild-importance-of-prompt-patch…
 
Looking Glass; Facebook Postmortem; Apache 2.4.49 Vuln; Windows 11/2022 Released Looking Glass Sites https://isc.sans.edu/forums/diary/Looking+Glasses+Debugging+Network+Connectivity+Issues/27904/ Facebook Postmortem https://engineering.fb.com/2021/10/05/networking-traffic/outage-details/ Apache 2.4.49 Directory Traversal Vulnerability https://blog.…
 
Facebook Outage https://isc.sans.edu/forums/diary/Facebook+Outage+Yes+its+DNS+sort+of+A+super+quick+analysis+of+what+is+going+on/27900/ Boutique "Dark" Botnet Hunting for Crumbs https://isc.sans.edu/forums/diary/Boutique+Dark+Botnet+Hunting+for+Crumbs/27898/ Apache Airflow May Leak Credentials https://www.intezer.com/blog/cloud-security/misconfigur…
 
Facebook Outage; Dark Botnet Update; Apache Airflow Credential Leakage #facebookout #airflow #bgp Facebook Outage https://isc.sans.edu/forums/diary/Facebook+Outage+Yes+its+DNS+sort+of+A+super+quick+analysis+of+what+is+going+on/27900/ Boutique "Dark" Botnet Hunting for Crumbs https://isc.sans.edu/forums/diary/Boutique+Dark+Botnet+Hunting+for+Crumbs/…
 
A New Tool To Add to Your LOLBAS List: cvtres.exe https://isc.sans.edu/forums/diary/New+Tool+to+Add+to+Your+LOLBAS+List+cvtresexe/27892/ Google Chrome Continuing Updates https://support.google.com/chrome/answer/95414?hl=en&co=GENIE.Platform%3DDesktop Cyber Security Awareness Month https://www.sans.org/security-awareness-training/resources/ https://…
 
cvtres.exe Malicious Use; More Chrome Patches; Security Awareness Month; Gatekeeper Bypass; A New Tool To Add to Your LOLBAS List: cvtres.exe https://isc.sans.edu/forums/diary/New+Tool+to+Add+to+Your+LOLBAS+List+cvtresexe/27892/ Google Chrome Continuing Updates https://support.google.com/chrome/answer/95414?hl=en&co=GENIE.Platform%3DDesktop Cyber S…
 
Visa/Apple Express Transit Relay Attack https://www.bbc.com/news/technology-58719891 FluBot Offering Fake FlutBot Protection https://twitter.com/CERTNZ/status/1443701853665980440 Undetected Azure Active Directory Brute-Force Attacks https://www.secureworks.com/research/undetected-azure-active-directory-brute-force-attacks SANS.edu Student Christoph…
 
Visa/Apple Express Transit Relay; FluBot Fake Updates; Azure Brute-Forceing; Domain Dumpster Diving @sans_edu Visa/Apple Express Transit Relay Attack https://www.bbc.com/news/technology-58719891 FluBot Offering Fake FlutBot Protection https://twitter.com/CERTNZ/status/1443701853665980440 Undetected Azure Active Directory Brute-Force Attacks https:/…
 
Keeping Track of Time: Network Time Protocol and GPSD Bug https://isc.sans.edu/forums/diary/Keeping+Track+of+Time+Network+Time+Protocol+and+a+GPSD+Bug/27886/ Apple Airtags Stored XSS https://medium.com/@bobbyrsec/zero-day-hijacking-icloud-credentials-with-apple-airtags-stored-xss-6997da43a216 CISA/NSA Guidance To Configure VPNs https://media.defens…
 
gpsd Bug; Airtag XSS; CISA/NSA VPN Guidance; Facebook Opensourcing Mariana Trench Keeping Track of Time: Network Time Protocol and GPSD Bug https://isc.sans.edu/forums/diary/Keeping+Track+of+Time+Network+Time+Protocol+and+a+GPSD+Bug/27886/ Apple Airtags Stored XSS https://medium.com/@bobbyrsec/zero-day-hijacking-icloud-credentials-with-apple-airtag…
 
TLS 1.3 and SSL: The Current State of Affairs https://isc.sans.edu/forums/diary/TLS+13+and+SSL+the+current+state+of+affairs/27882/ EFF Discontinues HTTPS Everywhere Plugin https://www.eff.org/deeplinks/2021/09/https-actually-everywhere Malicious CryptoCoin Wallet https://discourse.mozilla.org/t/got-hacked-by-the-add-on-called-safepal-wallet/85797 M…
 
Current TLS/SSL Versions; Malicious Browser Crypto Wallets; Easier Exchange Emergency Mitigations TLS 1.3 and SSL: The Current State of Affairs https://isc.sans.edu/forums/diary/TLS+13+and+SSL+the+current+state+of+affairs/27882/ EFF Discontinues HTTPS Everywhere Plugin https://www.eff.org/deeplinks/2021/09/https-actually-everywhere Malicious Crypto…
 
Trend Micro ServerProtect Authentication Bypass Vulnerability https://www.zerodayinitiative.com/advisories/ZDI-21-1115/ Let's Encrypt Root CA Expiration https://community.letsencrypt.org/t/production-chain-changes/150739 ERMAC Android Malware https://www.threatfabric.com/blogs/ermac-another-cerberus-reborn.html QNAP Vulnerabilities https://www.qnap…
 
Trend Micro ServerProtct Auth Bypass; Let's Encrypt Root Expiration; ERMAC Android Malware; QNAP Vulns; Trend Micro ServerProtect Authentication Bypass Vulnerability https://www.zerodayinitiative.com/advisories/ZDI-21-1115/ Let's Encrypt Root CA Expiration https://community.letsencrypt.org/t/production-chain-changes/150739 ERMAC Android Malware htt…
 
Mobile Device Inventory via Active Sync https://isc.sans.edu/forums/diary/Keep+an+Eye+on+Your+Users+Mobile+Devices+Simple+Inventory/27868/ Autodiscover Attacks https://autodiscover-vulnerable-tlds.com https://wiki.mozilla.org/Public_Suffix_List https://www.guardicore.com/labs/autodiscovering-the-great-leak/ Three More 0-Day Vulnerabilities in iOS h…
 
Mobile Device Inventory; Autodiscover Attacks; iOS 3x0Day; Cisco CAPWAP Vuln; Sonicall SMA 100 Patch Mobile Device Inventory via Active Sync https://isc.sans.edu/forums/diary/Keep+an+Eye+on+Your+Users+Mobile+Devices+Simple+Inventory/27868/ Autodiscover Attacks https://autodiscover-vulnerable-tlds.com https://wiki.mozilla.org/Public_Suffix_List http…
 
Excel Recipe: Some VBA Code with a Touch of Excel4 Macro https://isc.sans.edu/forums/diary/Excel+Recipe+Some+VBA+Code+with+a+Touch+of+Excel4+Macro/27864/ Windows Platform Binary Table Weakness https://eclypsium.com/2021/09/20/everyone-gets-a-rootkit/ Apple Patches Older iOS/MacOS Versions https://support.apple.com/en-us/HT201222 Broken Digital Sign…
 
VBA Creates Excel4 Downloader; WPBT Unpatched Flaw; Patch for Older iOS/macOS; Broken Digital Signatures Excel Recipe: Some VBA Code with a Touch of Excel4 Macro https://isc.sans.edu/forums/diary/Excel+Recipe+Some+VBA+Code+with+a+Touch+of+Excel4+Macro/27864/ Windows Platform Binary Table Weakness https://eclypsium.com/2021/09/20/everyone-gets-a-roo…
 
An XML-Obfustcated Office Document (CVE-2021-40444) https://isc.sans.edu/forums/diary/An+XMLObfuscated+Office+Document+CVE202140444/27860/ Exchange Autodiscovering Leaks Credentials https://www.guardicore.com/labs/autodiscovering-the-great-leak/ Nagios Vulnerabilities https://claroty.com/2021/09/21/blog-research-securing-network-management-systems-…
 
Obfuscated MSHTML Exploits; Exchange Autodiscovery Leak; Nagios Vuln; Apple SDK Removes TLS1.0/1.1 An XML-Obfustcated Office Document (CVE-2021-40444) https://isc.sans.edu/forums/diary/An+XMLObfuscated+Office+Document+CVE202140444/27860/ Exchange Autodiscovering Leaks Credentials https://www.guardicore.com/labs/autodiscovering-the-great-leak/ Nagio…
 
A First Look at Apple's iOS 15 "Private Relay" feature https://isc.sans.edu/forums/diary/A+First+Look+at+Apples+iOS+15+Private+Relay+feature/27858/ macOS Finder Security Feature Bypass Leads to Possible RCE https://ssd-disclosure.com/ssd-advisory-macos-finder-rce/ VMWare vCenter Advisory https://blogs.vmware.com/vsphere/2021/09/vmsa-2021-0020-what-…
 
iOS 15 Private Relay; macOS Finder Vuln; vCenter Advisory; NetGear Circle Parental Control Vuln; A First Look at Apple's iOS 15 "Private Relay" feature https://isc.sans.edu/forums/diary/A+First+Look+at+Apples+iOS+15+Private+Relay+feature/27858/ macOS Finder Security Feature Bypass Leads to Possible RCE https://ssd-disclosure.com/ssd-advisory-macos-…
 
Loading …

Quick Reference Guide

Copyright 2021 | Sitemap | Privacy Policy | Terms of Service
Google login Twitter login Classic login