SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Obfuscated QNAP bash Malware; https://isc.sans.edu/forums/diary/Obfuscated+bash+script+targeting+QNap+boxes/24348/ Half of All Phishing Sites Use HTTPS https://krebsonsecurity.com/2018/11/half-of-all-phishing-sites-now-have-the-padlock/ Chrome and Firefox to Remove FTP Support https://www.bleepingcomputer.com/news/google/chrome-and-firefox-developers-aim-to-remove-support-for-ftp/ California Wildfire Used in BEC Scams https://www.agari.com/identity-intelligence-blog/california-wildfire-email-scams/

ViperMonkey: VBA Maldoc Deobfuscation https://isc.sans.edu/forums/diary/ViperMonkey+VBA+maldoc+deobfuscation/24346/ Malicious NPM Libraries https://medium.com/@cnorthwood/todays-javascript-trash-fire-and-pile-on-f3efcf8ac8c7 Turning Your BMC Into A Revolving Door https://www.synacktiv.com/ressources/zeronights_2018_turning_your_bmc_into_a_revolving_door.pdf

Attacks Against Docker API https://isc.sans.edu/forums/diary/Moby+the+Shark/24340/ Mirai Like Attack Hitting Hadoop https://asert.arbornetworks.com/mirai-not-just-for-iot-anymore/ New Rowhammer Variant Effects ECC Memory https://www.vusec.net/projects/eccploit/

Critical Flash Update https://helpx.adobe.com/security/products/flash-player/apsb18-44.html Thanksgiving Lure for Emotet https://www.forcepoint.com/blog/security-labs/thanks-giving-emotet

Google Play Malware https://twitter.com/LukasStefanko ATM Vulnerabilities https://www.ptsecurity.com/upload/corporate/ww-en/analytics/ATM-Vulnerabilities-2018-eng.pdf Nagios XI Update https://www.tenable.com/security/research/tra-2018-37

Multipurpose PCAP Analysis Tool https://isc.sans.edu/forums/diary/Multipurpose+PCAP+Analysis+Tool/24322/ Quickly Investigating Websites with Lookyloo https://isc.sans.edu/forums/diary/Quickly+Investigating+Websites+with+Lookyloo/24320/ From Field Spoofing in GMail https://blog.cotten.io/hacking-gmail-with-weird-from-fields-d6494254722f?gi=ce61de4cb006

Emotet Spreading IcedID Banking Malware https://isc.sans.edu/forums/diary/Emotet+infection+with+IcedID+banking+Trojan/24312/ Crypto Miners Abusing Insecure Docker Installs https://forums.juniper.net/t5/Threat-Research/Container-Malware-Miners-Go-Docker-Hunting-In-The-Cloud/ba-p/400587 GPS Watches Can Be Used To Track Kids https://www.pentestpartners.com/security-blog/tracking-and-snooping-on-a-million-kids/ Firefox Will Notify Users of Breached Sites https://blog.mozilla.org/blog/2018/11/14/firefox-monitor-launches-in-26-languages-and-adds-new-desktop-browser-feature/ David Kennel: All-Seeing Eye or Blind Man? Understanding the Linux Kernel Auditing System https://www.sans.org/reading-room/whitepapers/linux/all-seeing-eye-blind-man-understanding-linux-kernel-auditing-system-38605

Details about Zero Day Exploit Taking Advantage of Win32k Vuln. https://securelist.com/a-new-exploit-for-zero-day-vulnerability-cve-2018-8589/88845/ PacSec Pwn2Own Results https://www.zerodayinitiative.com/blog/2018/11/13/pwn2own-tokyo-2018-day-one-results https://www.zerodayinitiative.com/blog/2018/11/14/pwn2own-tokyo-2018-day-two-results-and-master-of-pwn More Spectre/Meltdown Flaws https://arxiv.org/pdf/1811.05441.pdf

Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/November+2018+Microsoft+Patch+Tuesday/24308/ Adobe Security Bulletins https://helpx.adobe.com/security.html

Google BGP Hijack via Russia https://twitter.com/thousandeyes/status/1062102171506765825 https://www.wsj.com/articles/google-internet-traffic-is-briefly-misdirected-through-russia-china-1542068392 Microcode Bootloader USB https://www.techpowerup.com/forums/threads/intel-microcode-boot-loader.248858/ Wordpress GDPR Tool Vulnerable https://www.wordfence.com/blog/2018/11/trends-following-vulnerability-in-wp-gdpr-compliance-plugin/