SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Attacks Against NVMS-9000 DVR Web Vulnerability https://isc.sans.edu/forums/diary/Scanning+Activity+for+NVMS9000+Digital+Video+Recorder/25434/ Pixel 4 Face Unlock Works with Eyes Shut https://www.bbc.com/news/technology-50085630 Samsung Galaxy S10 Fingerprint Unlock Bug https://www.bbc.com/news/technology-50080586 Alexa/Google Home Phishing https://srlabs.de/bites/smart-spies/

Phishing E-Mail Spoofing SPF Protected Domain https://isc.sans.edu/forums/diary/Phishing+email+spoofing+SPFenabled+domain/25426/ Purchased Domain Arrives with Paypal Accounts Linked to it https://www.theregister.co.uk/2019/10/17/paypal_account_domain/ Typosquatting Attacks Affect 2020 Presidential Election https://www.digitalshadows.com/blog-and-research/typosquatting-and-the-2020-u-s-presidential-election/ STI Student: Christopher Hurless Exploring Osquery, Fleet, and Elastic Stack as an Open-source solution to Endpoint Detection and Response https://www.sans.org/reading-room/whitepapers/detection/paper/39165

Oracle CPU https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html Jackson-Databind Vulnerablity https://github.com/FasterXML/jackson-databind/issues/2387 VMWare Cloud Foundation and VMware Harbor Container Registry Patch https://www.vmware.com/security/advisories/VMSA-2019-0016.html Wordpress Update https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/ Cryptominers Hiding in WAV Files https://threatvector.cylance.com/en_us/home/malicious-payloads-hiding-beneath-the-wav.html

Adobe Updates https://helpx.adobe.com/security.html Symantec BSOD https://support.symantec.com/us/en/article.TECH256643.html OSX/Shlayer Bypasses Gatekeeper/XProtect https://blog.confiant.com/osx-shlayer-new-shurprise-unveiling-osx-tarmac-f965a32de887 Fake iOS Jailbreak Leads to Clickfraud https://blog.talosintelligence.com/2019/10/checkrain-click-fraud.html

sudo vulnerability https://www.sudo.ws/alerts/minus_1_uid.html Apple Safebrowsing Controversy https://blog.cryptographyengineering.com/2019/10/13/dear-apple-safe-browsing-might-not-be-that-safe/ Streaming Service Tracking Behaviour https://www.princeton.edu/~pmittal/publications/tv-tracking-ccs19.pdf

YARA Update https://isc.sans.edu/forums/diary/YARA+v3110+released/25408/ Hacking Back Against Ransomware https://www.zdnet.com/article/white-hat-hacks-muhstik-ransomware-gang-and-releases-decryption-keys/ Fake Crypto Trading Software https://www.bleepingcomputer.com/news/security/attackers-create-elaborate-crypto-trading-scheme-to-install-malware/

Mining Live Networks for OUI Data Oddness https://isc.sans.edu/forums/diary/Mining+Live+Networks+for+OUI+Data+Oddness/25404/ iTerm2 Vulnerability https://groups.google.com/forum/#!topic/iterm2-discuss/57k_AuLdQa4 Apple Updater Exploited in Bitpaymer Campaign https://blog.morphisec.com/apple-zero-day-exploited-in-bitpaymer-campaign

What Data Does Vidar Malware Steal https://isc.sans.edu/forums/diary/What+data+does+Vidar+malware+steal+from+an+infected+host/25398/ NTLM MIC Bypass https://www.preempt.com/blog/drop-the-mic-2-active-directory-open-to-more-ntlm-attacks/ Threats on Google Play https://news.drweb.com/show/review/?i=13446#google

Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+October+2019+Patch+Tuesday/25396/ Android Update https://source.android.com/security/bulletin/2019-10-01 vBulletin Update https://forum.vbulletin.com/forum/vbulletin-announcements/vbulletin-announcements_aa/4423646-vbulletin-5-5-x-5-5-2-5-5-3-and-5-5-4-security-patch-level-2

Cloudflare Warp + NordVPN on iOS Leads to Traffic in the Clear https://awakened1712.github.io/hacking/hacking-whatsapp-gif-rce/ WhatsApp Bug https://awakened1712.github.io/hacking/hacking-whatsapp-gif-rce/ MacOS Catalina and Safari Update Released https://www.macrumors.com/2019/10/07/apple-releases-macos-catalina/ https://support.apple.com/en-us/HT201222 (nothing new yet) Magecart Still Going Strong https://www.theregister.co.uk/2019/10/04/magecart/ (original RiskIQ report requires Registration)