SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Annotating Golang Binaries with Cutter and Jupyter https://isc.sans.edu/forums/diary/Annotating+Golang+binaries+with+Cutter+and+Jupyter/24790/ ASUS Targeted MAC Addresses Available for Download https://skylightcyber.com/2019/03/28/unleash-the-hash-shadowhammer-mac-list/ Weaponized Version of New Zealand Attack Manifesto https://bluehexagon.ai/blog/weaponized-version-of-new-zealand-terror-suspects-manifesto-discovered-in-the-wild/ Kubernetes Directory Traversal https://www.twistlock.com/labs-blog/disclosing-directory-traversal-vulnerability-kubernetes-copy-cve-2019-1002101/ VMWare Patches https://www.vmware.com/security/advisories/VMSA-2019-0005.html

Creating Your Own Passive DNS Logs https://isc.sans.edu/forums/diary/Running+your+Own+Passive+DNS+Service/24784/ Incomplete Patch for Cisco RV320 Routers https://www.redteam-pentesting.de/en/advisories/rt-sa-2019-003/-cisco-rv320-unauthenticated-configuration-export https://www.redteam-pentesting.de/en/advisories/rt-sa-2019-004/-cisco-rv320-unauthenticated-diagnostic-data-retrieval TPLink Debug Port Vulnerability https://twitter.com/mjg59/status/1111106885736787975 https://pastebin.com/GAzccR95

Microsoft Releases Application Guard for Firefox and Chrome https://blogs.windows.com/windowsexperience/2019/03/15/announcing-windows-10-insider-preview-build-18358/ New Set of LTE Vulnerabilities https://syssec.kaist.ac.kr/pub/2019/kim_sp_2019.pdf NVidia Privilege Escalation https://rhinosecuritylabs.com/application-security/nvidia-arbitrary-file-writes-to-command-execution-cve-2019-5674/

Apple Updates https://support.apple.com/en-us/HT201222 ASUS Response to Kaspersky Report https://www.asus.com/News/hqfgVUyZ6uyAyJe1 Firefox Importing Windows Root Certificates https://bugzilla.mozilla.org/show_bug.cgi?id=1533397 UC Webbrowser MITM Vulnerability https://www.bleepingcomputer.com/news/security/uc-browser-for-android-desktop-exposes-500-million-users-to-mitm-attacks/

ASUS Live Update "ShadowHammer" Backdoor https://www.kaspersky.com/blog/shadow-hammer-teaser https://shadowhammer.kaspersky.com/ Telegram Unsent Feature https://techcrunch.com/2019/03/25/going-going-gone/ F5 Big IP Updates https://support.f5.com/csp/article/K14812883

Reversing Malware Written In Golang https://isc.sans.edu/forums/diary/Introduction+to+analysing+Go+binaries/24770/ More "VelvetSweatshop" Maldocs https://isc.sans.edu/forums/diary/VelvetSweatshop+Maldocs/24772/ Reading QR Codes in Python https://isc.sans.edu/forums/diary/Decoding+QR+Codes+with+Python/24774/ Pwn2Own Contest: Firefox, Safari, Edge and others fall https://www.zdnet.com/article/tesla-car-hacked-at-pwn2own-contest/ Norwegian Nokia Phones Sent Data to China (Article in Norwegian) https://nrkbeta.no/2019/03/21/norske-telefoner-sendte-personopplysninger-til-kina/ Java Card Vulnerabilities https://seclists.org/fulldisclosure/2019/Mar/35

Google Photo Cross-Site-Leak Exposes Picture Meta Data https://www.imperva.com/blog/now-patched-google-photos-vulnerability-let-hackers-track-your-friends-and-location-history/ Fake CDC EMails Spread GandCrab Ransomware https://myonlinesecurity.co.uk/fake-cdc-flu-pandemic-warning-delivers-gandcrab-5-2-ransomware/ Atlassian Sourcetree Vulnerability https://confluence.atlassian.com/sourcetreekb/sourcetree-security-advisory-2019-03-06-966678691.html Microsoft Defender for MacOS https://www.theregister.co.uk/2019/03/21/microsoft_defender_atp/

Using Active Directory (AD) To Find Hosts That Are Not in AD https://isc.sans.edu/forums/diary/Using+AD+to+find+hosts+that+arent+in+AD+fun+with+the+IPAddress+construct/24762/ Microsoft Anti Malware Crashing Windows https://social.technet.microsoft.com/Forums/en-US/18ab60a3-3b26-4a07-b68d-84085ce66ce5/scep-crashing-pcs?forum=ConfigMgrCompliance&prof=required Reduction in DDoS Attacks https://www.nexusguard.com/threat-report-q4-2018

Cloudflare Releases Proxy Detection Tools https://blog.cloudflare.com/monsters-in-the-middleboxes/ Business Email Compromise Moving to SMS https://www.agari.com/email-security-blog/bec-goes-mobile/ JavaScript Requests Without Same Origin Policy Limitations https://www.forcepoint.com/blog/security-labs/attacking-internal-network-public-internet-using-browser-proxy Discovering IPv6 Hosts With UPNP https://blog.talosintelligence.com/2019/03/ipv6-unmasking-via-upnp.html#more

Putty Updates https://www.chiark.greenend.org.uk/~sgtatham/putty/ Fujitsu Wireless Keyboard Vulnerabilities https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-033.txt Signed Malware Goes Undetected https://twitter.com/malwrhunterteam/status/1104082562216062978/photo/1?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1104082562216062978&ref_url=https%3A%2F%2Fwww.theregister.co.uk%2F2019%2F03%2F18%2Fsecurity_roundup_150319%2F Free Support for Ubuntu 14.04 LTS Ends in April https://lists.ubuntu.com/archives/ubuntu-announce/2019-March/000241.html Latest Mirai Version with Even More Exploits https://unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/