SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich
Apr 6, 2020 • 6min

ISC StormCast for Monday, April 6th 2020

New Bypass Technique or Corrupt Word Document https://isc.sans.edu/forums/diary/New+Bypass+Technique+or+Corrupt+Word+Document/25984/
CitizenLab Analyzes Zoom Encryption https://citizenlab.ca/2020/04/move-fast-roll-your-own-crypto-a-quick-look-at-the-confidentiality-of-zoom-meetings/ https://www.sans.org/webcasts/zomg-its-zoom-114670
Mozilla Patches Critical Firefox Flaws https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/
Malicious JavaScript injected into Discord https://www.bleepingcomputer.com/news/security/discord-turned-into-an-account-stealer-by-updated-malware/
Apr 3, 2020 • 7min

ISC StormCast for Friday, April 3rd 2020

Twitter Cache Bug in Firefox https://privacy.twitter.com/en/blog/2020/data-cache-firefox
MS-SQL Server Attack https://www.guardicore.com/2020/04/vollgar-ms-sql-servers-under-attack/
More Zoom Vulnerabilities https://objective-see.com/blog/blog_0x56.html
Covid-19 Economic Impact Payments Scams https://www.justice.gov/usao-edky/press-release/file/1265371/download
Safari Camera Access Bug https://www.ryanpickren.com/webcam-hacking-overview
Apr 2, 2020 • 6min

ISC StormCast for Thursday, April 2nd 2020

Qakbot Malspam Sent From an Infected Windows Host https://isc.sans.edu/forums/diary/Qakbot+malspam+sent+from+an+infected+Windows+host/25972/
TPOT Cowrie to ISC Logs https://isc.sans.edu/forums/diary/TPOTs+Cowrie+to+ISC+Logs/25976/
SSH Issues After MacOS Update https://feed.tyler.io/so-uh-i-think-catalina-10154-broke-ssh/
Cloudflare DNS For Families https://blog.cloudflare.com/introducing-1-1-1-1-for-families/
Zoom Leaks Windows Password Hashes via UNC Links https://twitter.com/hackerfantastic/status/1245133371262619654
Apr 1, 2020 • 7min

ISC StormCast for Wednesday, April 1st 2020

Kwampirs Update https://isc.sans.edu/forums/diary/Kwampirs+Targeted+Attacks+Involving+Healthcare+Sector/25968/
Exposed RDP https://blog.shodan.io/trends-in-internet-exposure/
D-Link DSL-2640B Vulnerability https://raelize.com/posts/d-link-dsl-2640b-security-advisories/
SMB 3.1.1 (CVE-2020-0796) Local Privilege Escalation Exploit https://github.com/danigargu/CVE-2020-0796
Mar 31, 2020 • 7min

ISC StormCast for Tuesday, March 31st 2020

Crashing Windows Explorer Without a Click https://isc.sans.edu/forums/diary/Crashing+explorerexe+without+a+click/25966/
Zoom Privacy Policy https://blogs.harvard.edu/doc/2020/03/27/zoom/
Zoom Bombing https://www.fbi.gov/contact-us/field-offices/boston/news/press-releases/fbi-warns-of-teleconferencing-and-online-classroom-hijacking-during-covid-19-pandemic
Zoom Related Domains Used for Phishing https://blog.checkpoint.com/2020/03/30/covid-19-impact-cyber-criminals-target-zoom-domains/
Mar 30, 2020 • 6min

ISC StormCast for Monday, March 30th 2020

Covid19 Domain Classifier https://isc.sans.edu/covidclassifier.html https://www.youtube.com/watch?v=yNIlyJ3gI-4
Attackers Mail Malicious USB Drives and Teddy Bears https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/would-you-exchange-your-security-for-a-gift-card/
Hong Kong News Sites Used to Install Malware on iOS Devices https://blog.trendmicro.com/trendlabs-security-intelligence/operation-poisoned-news-hong-kong-users-targeted-with-mobile-malware-via-local-news-links/
Mar 27, 2020 • 6min

ISC StormCast for Friday, March 27th 2020

Very Large Sample as an Obfuscation Technique https://isc.sans.edu/forums/diary/Very+Large+Sample+as+Evasion+Technique/25948/
iOS VPN Bypass https://protonvpn.com/blog/apple-ios-vulnerability-disclosure/
Free Covid19 Domain List https://www.domaintools.com/resources/blog/free-covid-19-threat-list-domain-risk-assessments-for-coronavirus-threats
Linux Rubber Ducky Protection https://opensource.googleblog.com/2020/03/usb-keystroke-injection-protection.html
Mar 26, 2020 • 5min

ISC StormCast for Thursday, March 26th 2020

Dridex Update https://isc.sans.edu/forums/diary/Recent+Dridex+activity/25944/
Covid-19 Ransom https://twitter.com/johullrich/status/1242983197555789824
HP Enterprise SSD Firmware Bug https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00097382en_us
Fake Google Chrome Update https://news.drweb.com/show/?i=13746&lng=en
TrickBot Pushing a 2FA Bypass App in Germany https://securityintelligence.com/posts/trickbot-pushing-a-2fa-bypass-app-to-bank-customers-in-germany/
Mar 25, 2020 • 6min

ISC StormCast for Wednesday, March 25th 2020

Updated Microsoft Advisory 200006 https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv200006
Memcached Denial of Service Vulnerability https://github.com/memcached/memcached/issues/629
Adobe Creative Cloud Desktop Application Patches https://helpx.adobe.com/security/products/creative-cloud/apsb20-11.html
Microsoft Pausing Cumulative Updates Starting May https://docs.microsoft.com/en-us/windows/release-information/windows-message-center#405
Apple Security Patches https://support.apple.com/en-us/HT201222
OpenWRT Vulnerability Fixed https://thehackernews.com/2020/03/openwrt-rce-vulnerability.html
Mar 24, 2020 • 6min

ISC StormCast for Tuesday, March 24th 2020

Windows Font Parsing 0-Day https://isc.sans.edu/forums/diary/Windows+Zeroday+Actively+Exploited+Type+1+Font+Parsing+Remote+Code+Execution+Vulnerability/25936/
Covid-19 Malware Summary https://github.com/parthdmaniar/coronavirus-covid-19-SARS-CoV-2-IoCs
Firefox Turns TLS 1.0/1.1 Back on https://www.mozilla.org/en-US/firefox/74.0/releasenotes/
