SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

How Was Your Stay At The Hotel La Playa https://isc.sans.edu/forums/diary/How+was+your+stay+at+the+Hotel+La+Playa/22069 XAgent OS X Malware https://labs.bitdefender.com/2017/02/new-xagent-mac-malware-linked-with-the-apt28/ Conference Phone Compromise https://www.contextis.com//resources/blog/phwning-boardroom-hacking-android-conference-phone/

Microsoft Cancels Patch Tuesday https://blogs.technet.microsoft.com/msrc/2017/02/14/february-2017-security-update-release/ Adobe Update For Flash https://helpx.adobe.com/security/products/flash-player/apsb17-04.html WebSephere Update http://www-01.ibm.com/support/docview.wss?uid=swg21997743 Operation Kingphish https://medium.com/amnesty-insights/operation-kingphish-uncovering-a-campaign-of-cyber-attacks-against-civil-society-in-qatar-and-aa40c9e08852#.965et86vk Hacking Node-Serialize http://blog.websecurify.com/2017/02/hacking-node-serialize.html

New Tool: Packettotal.com http://www.packettotal.com What Not To Decrypt When Intercepting SSL https://isc.sans.edu/forums/diary/Stuff+I+Learned+Decrypting/22059/ webcast: https://www.sans.org/webcasts/8-ways-watch-invisible-analyzing-encrypted-network-traffic-103277 Simple Static Malware Analyzer https://github.com/secrary/SSMA Critical Firefox for Android Vulnerability https://www.mozilla.org/en-US/security/advisories/mfsa2017-04/ Ubuntu ntfs-3g Privilege Escalation https://bugs.chromium.org/p/project-zero/issues/detail?id=1072 Microsoft Patch Tuesday Changes http://www.infoworld.com/article/3139922/microsoft-windows/microsoft-to-revamp-its-documentation-for-security-patches.html

Vulnerabilities in Samsung KNOX https://googleprojectzero.blogspot.de/2017/02/lifting-hyper-visor-bypassing-samsungs.html Auditing MongoDB Configurations https://github.com/stampery/mongoaudit Reversing Javascript https://isc.sans.edu/forums/diary/Analysis+of+a+Suspicious+Piece+of+JavaScript/22056/ Wordpress REST API Flaw Widely Exploited https://www.wordfence.com/blog/2017/02/rapid-growth-in-rest-api-defacements/ Cryptographically Secure PHP Development https://paragonie.com/blog/2017/02/cryptographically-secure-php-development DEV522 Web Application Security Essentials https://www.sans.org/event/sans-2017/course/defending-web-applications-security-essentials

F5 Big IP Ticketbleed Vulnerability https://filippo.io/Ticketbleed/ CryptoShield Ransomware from Rig EK https://isc.sans.edu/forums/diary/CryptoShield+Ransomware+from+Rig+EK/22047/ Hancitor/Pony Malspam https://isc.sans.edu/forums/diary/HancitorPony+malspam/22053/ Apple Retaining Old Browser History Data https://blog.elcomsoft.com/2017/02/elcomsoft-extracts-deleted-safari-browsing-history-from-icloud/#more-3769 Brute Forcing LUKS Passwords https://0x00sec.org/t/breaking-encryption-hashed-passwords-luks-devices/811

Cloud Metadata URLs https://isc.sans.edu/forums/diary/Cloud+Metadata+Urls/22046/ Intel Atom C2000 Chip Failures http://www.theregister.co.uk/2017/02/06/cisco_intel_decline_to_link_product_warning_to_faulty_chip/ More W-2 Scams, Now Combined With Wire Transfer Scams https://nakedsecurity.sophos.com/2017/02/08/beware-the-latest-tax-season-spear-phishing-scam/ Macro Malware Coming to MacOS https://objective-see.com/blog/blog_0x17.html

Using Emojis as Passwords https://isc.sans.edu/forums/diary/My+Password+is+taco+Using+Emojis+for+Stronger+Passwords/22042/ Popular iOS Applications Not Using TLS https://medium.com/@chronic_9612/76-popular-apps-confirmed-vulnerable-to-silent-interception-of-tls-protected-data-2c9a2409dd1#.nv0mf6w4e Web Bluetooth Security Model https://medium.com/@jyasskin/the-web-bluetooth-security-model-666b4e7eed2#.kqtxdk70h E-Mail Spoofing in GMail https://www.linkedin.com/pulse/aware-sender-spoofing-amongst-gmail-users-renato-marinho

Malicous or Not? Help Me Decide https://isc.sans.edu/forums/diary/Malicious+Or+Not+You+decide/22040/ OpenBSD Http Server DoS Vulnerability https://pierrekim.github.io/blog/2017-02-07-openbsd-httpd-CVE-2017-5850.html Bypassing Tor Browser Via Windows DRM https://www.myhackerhouse.com/windows_drm_vs_torbrowser/ Freedom Hosting II Compromise https://www.scmagazineuk.com/major-dark-web-host-hacked-381000-sets-of-user-details-leaked-online/article/636259/

Base64 Encoded Malware Samples on Pastebin https://isc.sans.edu/forums/diary/Many+Malware+Samples+Found+on+Pastebin/22036/ Cisco Recaling Meraki Access Points over Fatal Hardware Flaw http://www.cisco.com/c/en/us/support/web/clock-signal.html SQL Injection Vulnerability in McAfee e Policy Orchastrator https://kc.mcafee.com/corporate/index?page=content&id=SB10187 Update from Microsoft on SMB 3 Vulnerability https://threatpost.com/microsoft-waits-for-patch-tuesday-to-fix-smb-zero-day/123541/ Malicious Files Sent via Whatsapp to Target Indian Military http://economictimes.indiatimes.com/news/defence/defence-security-forces-alerted-against-whatsapp-virus/articleshow/56258702.cms

SMB 3 0-Day DoS Exploit https://isc.sans.edu/forums/diary/Windows+SMBv3+Denial+of+Service+Proof+of+Concept+0+Day+Exploit/22029/ WordPress Update Silently Fixes Security Flaw https://make.wordpress.org/core/2017/02/01/disclosure-of-additional-security-fix-in-wordpress-4-7-2/ Webroot Update Patches BSOD Flaw https://community.webroot.com/t5/Product-Questions/BSOD-0x50-PAGE-FAULT-IN-NONPAGED-AREA/td-p/284302?sf54120672=1&sf54123115=1 Google Adds Support for Mandatory Two-Factor Authentication to G-Suite https://security.googleblog.com/2017/02/better-and-more-usable-protection-from.html Cisco Prime Home Vulnerablity https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-prime-home