SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich
Jun 22, 2017 • 5min

ISC StormCast for Thursday, June 22nd 2017

New Vulnerabilities Found in OpenVPN https://guidovranken.wordpress.com/2017/06/21/the-openvpn-post-audit-bug-bonanza/
RAR Unpack Vulnerability Affects BitDefender https://bugs.chromium.org/p/project-zero/issues/detail?id=1278&desc=6
Honda Plant Shuts Down Over Wannacry https://www.bleepingcomputer.com/news/security/one-month-later-wannacry-ransomware-is-still-shutting-down-factories/
Jun 21, 2017 • 6min

ISC StormCast for Wednesday, June 21st 2017

Cisco Ships Private Key For drmlocal.cisco.com With Video Player https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/T6emeoE-lCU
Windows Error Reporting: DFIR Benefits and Privacy Concerns https://isc.sans.edu/forums/diary/Windows+Error+Reporting+DFIR+Benefits+and+Privacy+Concerns/22536/
Detecting Memory Corruption in glibc https://github.com/DhavalKapil/libdheap
Let's Encrypt ACME Protocol To Become IETF Standard https://tools.ietf.org/html/draft-ietf-acme-acme-06
Microsoft Publishes Analysis of NSA Exploits https://blogs.technet.microsoft.com/mmpc/2017/06/16/analysis-of-the-shadow-brokers-release-and-mitigation-with-windows-10-virtualization-based-security/
Jun 20, 2017 • 7min

ISC StormCast for Tuesday, June 20th 2017

Stack Clash Vulnerability Affects Various Unix Based Operating Systems https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
Separation Of Duties / Malicious Administrators https://isc.sans.edu/forums/diary/As+Your+Admin+Walks+Out+the+Door/22530/
Progress in Satellite Based Quantum Cryptography https://www.wired.com/story/chinese-satellite-relays-a-quantum-signal-between-cities/ https://www.helpnetsecurity.com/2017/06/19/extremely-secure-data-encryption/
Women Connect Event Minneapolis: https://www.sans.org/event/minneapolis-2017/bonus-sessions/12162
Jun 19, 2017 • 5min

ISC StormCast for Monday, June 19th 2017

Uptick in Port 83 Traffic https://isc.sans.edu/forums/diary/What+is+going+on+with+Port+83/22524/
WINS DoS Vulnerability will not be fixed by Microsoft https://blog.fortinet.com/2017/06/14/wins-server-remote-memory-corruption-vulnerability-in-microsoft-windows-server
Microsoft to Release Patch to Turn off SMB1 https://www.bleepingcomputer.com/news/microsoft/microsoft-to-disable-smbv1-in-windows-starting-this-fall/
UK Hacker Stole Personnel Data For US Military Satellite Network https://public-newsroom-nca-01.azurewebsites.net/news/hacker-stole-satellite-data-from-us-department-of-defence
Sophos Web Appliance Will Now Update via https https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-2---security-and-defect-fix-rollup
Jun 16, 2017 • 18min

ISC StormCast for Friday, June 16th 2017

WikiLeaks Releases Documents About Cherry Blossom Wifi Hacking Toolkit https://wikileaks.org/vault7/#Cherry%20Blossom
More DVR Vulnerabilities https://www.pentestpartners.com/security-blog/what-did-mirai-miss-making-a-better-bigger-botnet/
More Microsoft Windows Defender Vulnerabilities http://www.theregister.co.uk/2017/06/15/microsoft_how_about_sandboxing_windows_defenders_engine/
Decryption Utility For Jaff Crypto Ransomware https://noransom.kaspersky.com
Preston Ackerman: Two Factor Authentication by Home End-Users https://www.sans.org/reading-room/whitepapers/authentication/impediments-adoption-two-factor-authentication-home-end-users-37607
Jun 14, 2017 • 6min

ISC StormCast for Thursday, June 15th 2017

Systemd Odd Defaults https://isc.sans.edu/forums/diary/Systemd+Could+Fallback+to+Google+DNS/22516/
Voice over LTE Vulnerabilities https://www.sstic.org/media/SSTIC2017/SSTIC-actes/remote_geolocation_and_tracing_of_subscribers_usin/SSTIC2017-Article-remote_geolocation_and_tracing_of_subscribers_using_4g_volte_android_phone-le-moal_ventuzelo_coudray.pdf
Tails 3.0 Released https://tails.boum.org/install/download/index.en.html
Nexus 9 Headphone Jack Vulnerability https://alephsecurity.com/2017/06/13/nexus9-ephemeral-fiq/
Jun 14, 2017 • 6min

ISC StormCast for Wednesday, June 14th 2017

MSFT June Patchday Fixes Remaining Known NSA Vulnerabilities https://isc.sans.edu/forums/diary/Microsoft+and+Adobe+June+2017+Patch+Tuesday+Two+Exploited+Vulnerabilities+Patched/22512/
North Korea Building DDoS Botnet https://www.us-cert.gov/ncas/alerts/TA17-164A
Jun 13, 2017 • 6min

ISC StormCast for Tuesday, June 13th 2017

Industroyer / CrashOverride Malware Analysis From Power System Attacks https://www.welivesecurity.com/2017/06/12/industroyer-biggest-threat-industrial-control-systems-since-stuxnet/ https://dragos.com/blog/crashoverride/CrashOverride-01.pdf
MacSpy Spyware As A Service For Macs http://www.alienvault.com/blogs/labs-research/macspy-os-x-rat-as-a-service
VolUtility Memory Analysis Made Easy https://isc.sans.edu/forums/diary/An+Introduction+to+VolUtility/22508/
Google News Abused For Spam http://www.theregister.co.uk/2017/06/12/googles_news_algorithm_serves_up_penis_pills_for_all/
Jun 12, 2017 • 6min

ISC StormCast for Monday, June 12th 2017

SAMBA Vulnerability Exploited To Install Bitcoin Miners https://securelist.com/78674/sambacry-is-coming/
Intel's AMT Technology Used For Covert Channel https://blogs.technet.microsoft.com/mmpc/2017/06/07/platinum-continues-to-evolve-find-ways-to-maintain-invisibility/
Broadcom Vulnerabilities to be Announced https://www.blackhat.com/us-17/briefings.html#broadpwn-remotely-compromising-android-and-ios-via-a-bug-in-broadcoms-wi-fi-chipsets
Release Lag In National Vulnerability Database https://www.recordedfuture.com/vulnerability-disclosure-delay/
Jun 9, 2017 • 13min

ISC StormCast for Friday, June 9th 2017

Cisco Prime Data Center Network Manager Vulnerabilities https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-dcnm1 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-dcnm2
Oracle Peoplesoft Default Accounts https://erpscan.com/press-center/blog/peoplesoft-default-accounts/
FOSCAM Camera Default Passwords and Other Vulnerabilities http://images.news.f-secure.com/Web/FSecure/%7B43df9e0d-20a8-404a-86d0-70dcca00b6e5%7D_vulnerabilities-in-foscam-IP-cameras_report.pdf
Android Malware With Code Injections https://securelist.com/78648/dvmap-the-first-android-malware-with-code-injection/
STI Student John Dittmer: Legal Implication of Vulnerability Scans https://www.sans.org/reading-room/whitepapers/legal/minimizing-legal-risk-cybersecurity-scanning-tools-37522
