SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Malicious .iso Attachments https://isc.sans.edu/forums/diary/Malicious+iso+Attachments/22636/ Maldoc with .lnk File https://isc.sans.edu/forums/diary/Another+lnk+File/22640/ Large Ethereum Hack http://hackingdistributed.com/2017/07/22/deep-dive-parity-bug/

Symantec Sloppy Key Verification Leads To Revocation of Certificates https://blog.hboeck.de/archives/888-How-I-tricked-Symantec-with-a-Fake-Private-Key.html Gnome Thumbnailer Executes Code http://news.dieweltistgarnichtso.net/posts/gnome-thumbnailer-msi-fail.html

Bots Searching for Keys and Config Files https://isc.sans.edu/forums/diary/Bots+Searching+for+Keys+Config+Files/22630/ Apple Updates Everything https://support.apple.com/en-us/HT201222 Trend Micro Sees SambaCry Exploits http://blog.trendmicro.com/trendlabs-security-intelligence/linux-users-urged-update-new-threat-exploits-sambacry/ Google Increases Developer Scrutiny https://developers.googleblog.com/2017/05/updating-developer-identity-guidelines.html

Oracle Quarterly Critical Patch Update http://www.oracle.com/technetwork/security-advisory/cpujul2017verbose-3236625.html Cisco WebEx Plugin Update https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170717-webex https://bugs.chromium.org/p/project-zero/issues/detail?id=1324&desc=2 Node.JS DoS Vulnerability https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/ Bitdefender Remote Stack Buffer Overflow https://landave.io/2017/07/bitdefender-remote-stack-buffer-overflow-via-7z-ppmd/ Coindash Hack https://twitter.com/coindashio/status/886936799695818752 https://www.coindash.io DowJones Leaks Customer Data via S3 Buckets https://www.upguard.com/breaches/cloud-leak-dow-jones

SMS Phishing Asks Victims to Upload Picture of Token Card https://isc.sans.edu/forums/diary/SMS+Phishing+induces+victims+to+photograph+its+own+token+card/22616/ Critical FreeRADIUS Update https://guidovranken.wordpress.com/2017/07/17/11-remote-vulnerabilities-inc-2x-rce-in-freeradius-packet-parsers/ OS X Malware Installs Crypto Messenger Signal https://blog.checkpoint.com/2017/07/13/osxdok-refuses-go-away-money/

NemucodAES UPS Malspam https://isc.sans.edu/forums/diary/NemucodAES+and+the+malspam+that+distributes+it/22614/ Analyzing Malicious Office Document With LNK https://isc.sans.edu/forums/diary/Office+maldoc+lnk/22618/ Gandi Breach Leads to Domain Compromise https://news.gandi.net/en/2017/07/detailed-incident-report/ iSmart Alarm Vulnerabilities http://dojo.bullguard.com/blog/burglar-hacker-when-a-physical-security-is-compromised-by-iot-vulnerabilities/

Malware Loads ffmpeg For Video Recording Features https://blog.malwarebytes.com/threat-analysis/2017/07/malware-abusing-ffmpeg/ Password Managers and Cloud Storage https://discussions.agilebits.com/discussion/76956/can-i-still-buy-standalone-license-for-the-1password-no-longer-being-marketed/p8 SAP Point of Sales Express Patch https://erpscan.com/press-center/blog/sap-cyber-threat-intelligence-report-july-2017/ Roderick Currie: Car Hacking Developments https://www.sans.org/reading-room/whitepapers/internet/developments-car-hacking-36607

Simple File Integrity Monitoring With Backup Scripts https://isc.sans.edu/forums/diary/Backup+Scripts+the+FIM+of+the+Poor/22606/ Ethereum Wallet Services Targeted By Scammers http://www.ibtimes.co.uk/ethereum-under-siege-scammers-make-700000-6-days-slack-reddit-phishing-attacks-1629866 MongoDB Security Surprises For Shared Hosting https://medium.com/@alexbyk/mongodb-at-shared-hosting-security-surprises-c441ecb84b54 Trend Micro Vulnerabilities https://www.coresecurity.com/advisories/trend-micro-deep-discovery-director-multiple-vulnerabilities

Microsoft Patch Tuesday https://isc.sans.edu/diary//22602 AT&T Cell Phone Takeover https://carpeaqua.com/2017/07/07/hack-the-planet/ Systemd Invalid Username Bug To Be Fixed https://github.com/systemd/systemd/pull/6300

Takeover of .io TLD https://thehackerblog.com/the-io-error-taking-control-of-all-io-domains-with-a-targeted-registration/ Malwarebytes Quarterly Malware Report https://www.malwarebytes.com/pdf/white-papers/CybercrimeTacticsAndTechniques-Q2-2017.pdf OpenBSD Introducing KARL To Randomize Kernel Layout at Boot https://marc.info/?l=openbsd-tech&m=149732026405941&w=2