SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

This podcast discusses command line parsing issues in Linux, a tampering technique in iOS 16, attacks on LinkedIn accounts, and privacy concerns related to robot vacuums.

Discussion on malicious modules in PowerShell Gallery and the importance of accurate timekeeping. Increase in targeted QR code attacks and the release of a Citrix ADC scanner tool by Mandiant.

This podcast covers security vulnerabilities in macOS Ventura's background task manager, including a bypass method, and a stack-based buffer overflow vulnerability in Eventy Avalanche. It also discusses vulnerabilities in Synology Cloud's quick connect feature and a warning from the FBI about fake cryptocurrency apps.

Discussion on PDFID false positives and a Microsoft vulnerability patch. Patch for power management systems used in data centers and vulnerabilities in CyberPower and Dataprobe. Ford's car Wi-Fi vulnerability with a buffer overflow issue in the Texas Instrument module.

Show Me All Your Windows https://isc.sans.edu/diary/Show%20me%20All%20Your%20Windows!/30116 Zero Touch Pwn https://blog.syss.com/posts/zero-touch-pwn/ Maginot DNS Spoofing Attack https://www.usenix.org/conference/usenixsecurity23/presentation/li-xiang

Some things never change, such as SQL Authentication "Encryption" https://isc.sans.edu/diary/Some%20things%20never%20change%20%3F%20such%20as%20SQL%20Authentication%20%3Fencryption%3F/30112 Defender Pretender: When Windows Defender Updates Become a Security Risk https://www.blackhat.com/us-23/briefings/schedule/#defender-pretender-when-windows-defender-updates-become-a-security-risk-32706 Dell Compellent Hardcoded Key https://www.dell.com/support/kbdoc/en-us/000216615/dsa-2023-282-security-update-for-dell-storage-integration-tools-for-vmware-dsitv-vulnerabilities Vulnerabilities in Sogou Keyboard https://citizenlab.ca/2023/08/vulnerabilities-in-sogou-keyboard-encryption/

Tunnelcrack VPN Vulnerability https://papers.mathyvanhoef.com/usenix2023-tunnelcrack.pdf Mozilla VPN Vulnerablity https://www.openwall.com/lists/oss-security/2023/08/03/1 Non English Exchange Server Patch Issues https://techcommunity.microsoft.com/t5/exchange-team-blog/released-august-2023-exchange-server-security-updates/bc-p/3894481/highlight/true VSCode Token Security https://cycode.com/blog/exposing-vscode-secrets/ Weekly Updates for Google Chrome https://security.googleblog.com/2023/08/an-update-on-chrome-security-updates.html

Microsoft Patch Tuesday https://isc.sans.edu/diary/Microsoft%20August%202023%20Patch%20Tuesday/30106 Adobe Updates https://helpx.adobe.com/security/security-bulletin.html

Update: Researchers Scanning the Internet https://isc.sans.edu/diary/Update%3A%20Researchers%20scanning%20the%20Internet/30102 Malicious OpenBullet Configuration Files https://www.kasada.io/threat-intel-openbullet-malware/ Abusing Cloudflare Tunnels https://www.guidepointsecurity.com/blog/tunnel-vision-cloudflared-abused-in-the-wild/

Are Leaked Credential Dumps Used by Attackers? https://isc.sans.edu/diary/Are%20Leaked%20Credentials%20Dumps%20Used%20by%20Attackers%3F/30098 New PaperCut RCE Vulnerability https://www.horizon3.ai/cve-2023-39143-papercut-path-traversal-file-upload-rce-vulnerability/ Microsoft mitigates Power Platform Custom Code information disclosure vulnerability https://msrc.microsoft.com/blog/2023/08/microsoft-mitigates-power-platform-custom-code-information-disclosure-vulnerability/ Microsoft Publishes Token theft Playbook https://learn.microsoft.com/en-us/security/operations/token-theft-playbook