SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich
Oct 16, 2017 • 9min

ISC StormCast for Tuesday, October 17th 2017

WPA2 "Krack" Attack https://www.krackattacks.com/ https://securingthehuman.sans.org/blog/2017/10/16/28748/
Adobe Flash Player Update https://helpx.adobe.com/security/products/flash-player/apsb17-32.html
Two (identical) uTorrent Binaries With Different Hashes https://isc.sans.edu/forums/diary/Its+in+the+signature/22928/

Oct 15, 2017 • 5min

ISC StormCast for Monday, October 16th 2017

Peeking Into an Outlook .msg File https://isc.sans.edu/forums/diary/Peeking+into+msg+files/22926/
Abandoned Domains / Equifax/Transunion Lead to Fake Flash Update https://blog.malwarebytes.com/threat-analysis/2017/10/equifax-transunion-websites-push-fake-flash-player/
Microsoft Patch Causes Corrupted Systems https://support.microsoft.com/en-us/help/4049094
DoubleLocker Android Ransomware https://www.welivesecurity.com/2017/10/13/doublelocker-innovative-android-malware/
Chrome Extension Mines Crypto Currency https://www.bleepingcomputer.com/news/security/chrome-extension-uses-your-gmail-to-register-domains-names-and-injects-coinhive/

Oct 12, 2017 • 6min

ISC StormCast for Friday, October 13th 2017

Version Control Tools Are Not Only For Developers https://isc.sans.edu/forums/diary/Version+control+tools+arent+only+for+Developers/22922/
Coin Hive JavaScript Crypto Currency Miner Found on Piratebay https://twitter.com/esterling_/status/918240914623090695 https://crypto-loot.com
Macro-less Code Exec in MSWord Rediscovered https://sensepost.com/blog/2017/macro-less-code-exec-in-msword/ https://blog.nviso.be/2017/10/11/detecting-dde-in-ms-office-documents/
Hard Disks Can Be Used As Microphones https://github.com/ortegaalfredo/kscope/blob/master/doc/HDD-microphones.pdf

Oct 11, 2017 • 7min

ISC StormCast for Thursday, October 12th 2017

Outlook Includes Plain Text Version of E-mail With S/MIME Encryption https://www.sec-consult.com/en/blog/2017/10/fake-crypto-microsoft-outlook-smime-cleartext-disclosure-cve-2017-11776/index.html
RubyGems Remote Code Execution Vulnerability http://blog.rubygems.org/2017/10/09/unsafe-object-deserialization-vulnerability.html
Google Home Mini Recorded Everything http://www.androidpolice.com/2017/10/10/google-nerfing-home-minis-mine-spied-everything-said-247/
Cameradar Finds Open RTSP Streams https://github.com/EtixLabs/cameradar

Oct 11, 2017 • 6min

ISC StormCast for Wednesday, October 11th 2017

Microsoft Monthly Updates https://isc.sans.edu/forums/diary/October+2017+Security+Updates/22916/
Spoofed iOS iCloud Login https://krausefx.com/blog/ios-privacy-stealpassword-easily-get-the-users-apple-id-password-just-by-asking

Oct 9, 2017 • 7min

ISC StormCast for Tuesday, October 10th 2017

Base64 Encoded Word Documents https://isc.sans.edu/forums/diary/Base64+All+The+Things/22912/
Skimmer Scanner Helps Find Credit Card Skimmers https://github.com/sparkfunX/Skimmer_Scanner
TLS 1.3 Remains "On Hold" https://www.ietf.org/mail-archive/web/tls/current/msg24517.html
FIDO U2F Key Review / Test https://www.imperialviolet.org/2017/10/08/securitykeytest.html

Oct 8, 2017 • 8min

ISC StormCast for Sunday, October 8th 2017

Payment Handler API https://w3c.github.io/payment-handler/ https://blog.lukaszolejnik.com/privacy-of-web-request-api/
OpenSSH Version 7.6 Released http://www.openssh.com/txt/release-7.6
Microsoft Delaying Some Patches for Earlier Windows Versions https://googleprojectzero.blogspot.sg/2017/10/using-binary-diffing-to-discover.html
The Dangers of Cables https://isc.sans.edu/forums/diary/Whats+in+a+cable+The+dangers+of+unauthorized+cables/22904/

Oct 6, 2017 • 16min

ISC StormCast for Friday, October 6th 2017

Extract HTTP Requests from PCAPs and Turn Them Into cURL Commands https://isc.sans.edu/forums/diary/pcap2curl+Turning+a+pcap+file+into+a+set+of+cURL+commands+for+replay/22900/
Apple Patches Embarrassing macOS High Sierra Flaw https://www.appleworld.today/blog/2017/10/5/macos-high-sierra-flaw-exposes-passwords-of-encrypted-apfs-volumes
Another Tomcat PUT Vulnerability https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb@%3Cannounce.tomcat.apache.org%3E
Dallas Haselhorst: HL7 Healthcare Protocol https://www.sans.org/reading-room/whitepapers/hipaa/hl7-data-interfaces-medical-environments-understanding-fundamental-flaw-healthcare-38005 https://www.sans.org/reading-room/whitepapers/vpns/hl7-data-interfaces-medical-environments-attacking-defending-achilles-heel-healthcare-38010 https://www.tripwire.com/state-of-security/security-data-protection/hl7-data-interfaces-in-medical-environments/

Oct 4, 2017 • 6min

ISC StormCast for Thursday, October 5th 2017

Cyber Security Awareness Month: Ouch! Newsletter https://securingthehuman.sans.org/newsletters/ouch/issues/OUCH-201710_en.pdf
Modified Rowhammer Attack Bypasses Current Defenses https://arxiv.org/pdf/1710.00551.pdf
Metasploit Modules For VMware Escape https://www.zerodayinitiative.com/blog/2017/10/04/vmware-escapology-how-to-houdini-the-hypervisor

Oct 4, 2017 • 6min

ISC StormCast for Wednesday, October 4th 2017

FedEx Malspam Pushes Formbook Infostealer Malware https://isc.sans.edu/forums/diary/Malspam+pushing+Formbook+info+stealer/22888/
WordPress Plugins Heavily Abused For Site Defacements https://www.wordfence.com/blog/2017/10/3-zero-day-plugin-vulnerabilities-exploited-wild/
Fake WordPress Security Plugin Being Advertised https://blog.sucuri.net/2017/09/fake-plugins-fake-security.html
Proof Of Concept Information Disclosure for Internet Explorer https://www.brokenbrowser.com/revealing-the-content-of-the-address-bar-ie/
Nzyme Wifi Frame Recording and Forensics https://wtf.horse/2017/10/02/introducing-nzyme-wifi-802-11-frame-recording-and-forensics/
Cyber Security Interviews https://twitter.com/CSI_Podcast/status/915026734801489921
