SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich
Jun 16, 2020 • 7min

ISC StormCast for Tuesday, June 16th 2020

HTML Based Phishing Run https://isc.sans.edu/forums/diary/HTML+based+Phishing+Run/26242/
Major T-Mobile Outage (may affect other carriers as well) https://twitter.com/NevilleRay/status/1272650750665953280 https://status.duo.com/incidents/txv7kq6tr0h8
Vulnerabilities in LTE and 5G Networks https://positive-tech.com/storage/articles/gtp-2020/threat-vector-gtp-2020-eng.pdf
SANSFIRE Handler Talks
Xavier Mertens: https://www.sans.org/webcasts/sansatmic-walk-logs-hell-115420
Bojan Zdrnja: https://www.sans.org/webcasts/sansatmic-arcane-web-mobile-application-vulner
HTML Phishing
Jun 15, 2020 • 6min

ISC StormCast for Monday, June 15th 2020

Fileless Excel Malware https://isc.sans.edu/forums/diary/Malicious+Excel+Delivering+Fileless+Payload/26232/
Windows Update Issues https://support.microsoft.com/en-us/help/4566779/usb-printer-port-missing-after-disconnecting-printer-while-windows-10 https://answers.microsoft.com/en-us/windows/forum/all/cumulative-updates-june-9th-2020/45a8a7f3-cb89-459e-acf1-32d9de15c099
Privnote.com Phishing https://krebsonsecurity.com/2020/06/privnotes-com-is-phishing-bitcoin-from-users-of-private-messaging-service-privnote-com/
SANS @Mic Talk: ISC Handler Bojan Zdrnja https://www.sans.org/webcasts/sansatmic-arcane-web-mobile-application-vulnerabilities-115425
Jun 12, 2020 • 7min

ISC StormCast for Friday, June 12th 2020

Anti-Debugging JavaScript Techniques https://isc.sans.edu/forums/diary/AntiDebugging+JavaScript+Techniques/26228/
Facebook Messenger Desktop App Vulnerability https://blog.reasonsecurity.com/2020/06/11/persistence-method-using-facebook-messenger-desktop-app/
Outlook Massmailing Macros https://www.welivesecurity.com/2020/06/11/gamaredon-group-grows-its-game/
STI Student Research: Dennis Taggard; Ebb and Flow: Network Flow Logging as a Staple of Public Cloud Visibility or a Waning Imperative?
Paper: https://www.sans.org/reading-room/whitepapers/cloud/ebb-flow-network-flow-logging-staple-public-cloud-visibility-waning-imperative-39580
Video: https://youtu.be/faoFx7Q3_aM
Jun 11, 2020 • 6min

ISC StormCast for Thursday, June 11th 2020

Job Application Themed Malspam Pushes ZLoader https://isc.sans.edu/forums/diary/Job+applicationthemed+malspam+pushes+ZLoader/26222/
More Expiring Root CAs https://scotthelme.co.uk/impending-doom-root-ca-expiring-legacy-clients/
Black Lives Matter Themed Malware https://www.bleepingcomputer.com/news/security/fake-black-lives-matter-voting-campaign-spreads-trickbot-malware/
Jun 10, 2020 • 6min

ISC StormCast for Wednesday, June 10th 2020

Microsoft Patch Day https://isc.sans.edu/forums/diary/Microsoft+June+2020+Patch+Tuesday/26220/
SMBleed https://github.com/ZecOps/CVE-2020-1206-POC
Adobe Patches https://helpx.adobe.com/security.html
Intel Patch Day https://blogs.intel.com/technology/2020/06/ipas-security-advisories-for-june-2020/?linkId=100000012832617
Jun 9, 2020 • 7min

ISC StormCast for Tuesday, June 9th 2020

Translating BASE64 Obfuscated Scripts https://isc.sans.edu/forums/diary/Translating+BASE64+Obfuscated+Scripts/26214/
Fake Ransomware Decryptor https://www.bleepingcomputer.com/news/security/fake-ransomware-decryptor-double-encrypts-desperate-victims-files/
GNUTLS TLS 1.3 Machine in the Middle https://gitlab.com/gnutls/gnutls/-/issues/1011
CallStranger UPNP Vulnerability https://callstranger.com/
Shellcode Analysis 101 https://www.sans.org/webcasts/sansatmic-shellcode-analysis-101-114160
Jun 8, 2020 • 6min

ISC StormCast for Monday, June 8th 2020

PHP FastCGI Attacks https://isc.sans.edu/forums/diary/Not+so+FastCGI/26208/
Protest Cybersecurity https://isc.sans.edu/forums/diary/Cyber+Security+for+Protests/26210/
uBlock Origin Blocks Portscans https://www.bleepingcomputer.com/news/security/ublock-origin-ad-blocker-now-blocks-port-scans-on-most-sites/
QNAP Vulnerability https://www.qnap.com/en/security-advisory/qsa-20-01
Jun 5, 2020 • 13min

ISC StormCast for Friday, June 5th 2020

Anti-Debugging Technique Based on Memory Protection https://isc.sans.edu/forums/diary/AntiDebugging+Technique+based+on+Memory+Protection/26200/
Suspending Suspicious Domain Feed/Update to Researcher IP Feed https://isc.sans.edu/forums/diary/Suspending+Suspicious+Domain+Feed+Update+to+Researcher+IP+Feed/26204/
Bank Transaction Comments Used for Abusive Messages https://www.theregister.com/2020/06/04/commonwealth_bank_bans_indecent_transaction_descriptions/
Android Security Bulletin https://source.android.com/security/bulletin/2020-06-01
Android Wallpaper Crash https://www.androidauthority.com/android-wallpaper-crash-1124577/
STI Research Paper: Janusz Pazgier; Efficacy of UNIX HIDS https://www.sans.org/reading-room/whitepapers/detection/efficacy-unix-hids-39565
Jun 4, 2020 • 6min

ISC StormCast for Thursday, June 4th 2020

Polish Malspam Pushes ZLoader Malware https://isc.sans.edu/forums/diary/Polish+malspam+pushes+ZLoader+malware/26196/
Cisco Patches IP-in-IP Flaw https://securityaffairs.co/wordpress/104192/security/ip-in-ip-flaw-cisco.html
Zoom Fixes Two Critical Flaws https://blog.talosintelligence.com/2020/06/vuln-spotlight-zoom-code-execution-june-2020.html
Firefox Disables Automatic DNS over HTTPS Selection to Prevent DDoS https://www.mozilla.org/en-US/firefox/77.0.1/releasenotes/
Jun 3, 2020 • 6min

ISC StormCast for Wednesday, June 3rd 2020

Type 2 Stackstrings https://isc.sans.edu/forums/diary/Stackstrings+type+2/26192/
More Details About AddTrust External CA Root Expiration https://www.agwa.name/blog/post/fixing_the_addtrust_root_expiration
VMWare Cloud Director Vulnerability and Exploit https://citadelo.com/en/blog/full-infrastructure-takeover-of-vmware-cloud-director-CVE-2020-3956/
