SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Apple Updates https://support.apple.com/en-us/HT201222 ASUS Response to Kaspersky Report https://www.asus.com/News/hqfgVUyZ6uyAyJe1 Firefox Importing Windows Root Certificates https://bugzilla.mozilla.org/show_bug.cgi?id=1533397 UC Webbrowser MITM Vulnerability https://www.bleepingcomputer.com/news/security/uc-browser-for-android-desktop-exposes-500-million-users-to-mitm-attacks/

ASUS Live Update "ShadowHammer" Backdoor https://www.kaspersky.com/blog/shadow-hammer-teaser https://shadowhammer.kaspersky.com/ Telegram Unsent Feature https://techcrunch.com/2019/03/25/going-going-gone/ F5 Big IP Updates https://support.f5.com/csp/article/K14812883

Reversing Malware Written In Golang https://isc.sans.edu/forums/diary/Introduction+to+analysing+Go+binaries/24770/ More "VelvetSweatshop" Maldocs https://isc.sans.edu/forums/diary/VelvetSweatshop+Maldocs/24772/ Reading QR Codes in Python https://isc.sans.edu/forums/diary/Decoding+QR+Codes+with+Python/24774/ Pwn2Own Contest: Firefox, Safari, Edge and others fall https://www.zdnet.com/article/tesla-car-hacked-at-pwn2own-contest/ Norwegian Nokia Phones Sent Data to China (Article in Norwegian) https://nrkbeta.no/2019/03/21/norske-telefoner-sendte-personopplysninger-til-kina/ Java Card Vulnerabilities https://seclists.org/fulldisclosure/2019/Mar/35

Google Photo Cross-Site-Leak Exposes Picture Meta Data https://www.imperva.com/blog/now-patched-google-photos-vulnerability-let-hackers-track-your-friends-and-location-history/ Fake CDC EMails Spread GandCrab Ransomware https://myonlinesecurity.co.uk/fake-cdc-flu-pandemic-warning-delivers-gandcrab-5-2-ransomware/ Atlassian Sourcetree Vulnerability https://confluence.atlassian.com/sourcetreekb/sourcetree-security-advisory-2019-03-06-966678691.html Microsoft Defender for MacOS https://www.theregister.co.uk/2019/03/21/microsoft_defender_atp/

Using Active Directory (AD) To Find Hosts That Are Not in AD https://isc.sans.edu/forums/diary/Using+AD+to+find+hosts+that+arent+in+AD+fun+with+the+IPAddress+construct/24762/ Microsoft Anti Malware Crashing Windows https://social.technet.microsoft.com/Forums/en-US/18ab60a3-3b26-4a07-b68d-84085ce66ce5/scep-crashing-pcs?forum=ConfigMgrCompliance&prof=required Reduction in DDoS Attacks https://www.nexusguard.com/threat-report-q4-2018

Cloudflare Releases Proxy Detection Tools https://blog.cloudflare.com/monsters-in-the-middleboxes/ Business Email Compromise Moving to SMS https://www.agari.com/email-security-blog/bec-goes-mobile/ JavaScript Requests Without Same Origin Policy Limitations https://www.forcepoint.com/blog/security-labs/attacking-internal-network-public-internet-using-browser-proxy Discovering IPv6 Hosts With UPNP https://blog.talosintelligence.com/2019/03/ipv6-unmasking-via-upnp.html#more

Putty Updates https://www.chiark.greenend.org.uk/~sgtatham/putty/ Fujitsu Wireless Keyboard Vulnerabilities https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-033.txt Signed Malware Goes Undetected https://twitter.com/malwrhunterteam/status/1104082562216062978/photo/1?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1104082562216062978&ref_url=https%3A%2F%2Fwww.theregister.co.uk%2F2019%2F03%2F18%2Fsecurity_roundup_150319%2F Free Support for Ubuntu 14.04 LTS Ends in April https://lists.ubuntu.com/archives/ubuntu-announce/2019-March/000241.html Latest Mirai Version with Even More Exploits https://unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/

Binary Analysis With Jupyter and Radare2 https://isc.sans.edu/forums/diary/Binary+Analysis+with+Jupyter+and+Radare2/24748/ IMAP Brute Forcing against Cloud Accounts https://www.proofpoint.com/us/threat-insight/post/threat-actors-leverage-credential-dumps-phishing-and-legacy-email-protocols Google Allows GSuite Users to Disable SMS/Voice Authentication https://gsuiteupdates.googleblog.com/2019/03/more-control-over-2-step-verification-security-phone-sms.html Sniffing Bitlocker Keys from TPM https://pulsesecurity.co.nz/articles/TPM-sniffing

Analyzing ZIP Files in Ghydra https://isc.sans.edu/forums/diary/Tip+Ghidra+ZIP+Files/24732/ 64 Bit Certificate Serial Number Revocation https://adamcaudill.com/2019/03/09/tls-64bit-ish-serial-numbers-mass-revocation/ Cisco Default Account Problem https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190313-cspcscv Intel Patches https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00185.html https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00191.html

Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+March+2019+Patch+Tuesday/24742/ Adobe Updates https://helpx.adobe.com/security.html PSMiner https://blog.360totalsecurity.com/en/new-mining-worm-psminer-uses-multiple-high-risk-vulnerabilities-to-spread/ Automatic Certificate Managment Environment https://tools.ietf.org/html/rfc8555