SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich
Jul 13, 2016 • 8min

ISC StormCast for Wednesday, July 13th 2016

Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+Patch+Tuesday+Summary+for+July+2016/21249/
"Ranscam" Ransomware Deleted Data http://blog.talosintel.com/2016/07/ranscam.html
Jul 12, 2016 • 6min

ISC StormCast for Tuesday, July 12th 2016

Hiding in White Text: Word Documents with Embedded Payloads https://isc.sans.edu/forums/diary/Hiding+in+White+Text+Word+Documents+with+Embedded+Payloads/21227/
Pokemon Go Requests "Full Access" to iOS User's Google Account http://adamreeve.tumblr.com/post/147120922009/pokemon-go-is-a-huge-security-risk
Hacking Siri With Barely Audible Voice Commands https://security.cs.georgetown.edu/~tavish/hvc_usenix.pdf
iOS Users Locked Out of Devices by Ransom Attacks http://www.csoonline.com/article/3093016/security/apple-devices-held-for-ransom-rumors-claim-40m-icloud-accounts-hacked.html
Contact Form For Feedback https://isc.sans.edu/contact.html
Jul 11, 2016 • 5min

ISC StormCast for Monday, July 11th 2016

Pentesters (and Attackers) Love Internet Connected Security Cameras! https://isc.sans.edu/forums/diary/Pentesters+and+Attackers+Love+Internet+Connected+Security+Cameras/21231/
Lessons Learned From Industrial Control Systems https://isc.sans.edu/forums/diary/Lessons+Learned+from+Industrial+Control+Systems/21243/
BMW Portal Insecurity http://www.vulnerability-lab.com/get_content.php?id=1736 http://www.vulnerability-lab.com/get_content.php?id=1737
Pokemon Go App Used To Rob Users https://regmedia.co.uk/2016/07/10/34798567498753.pdf
Facebook Messenger End-to-End Encryption http://newsroom.fb.com/news/2016/07/messenger-starts-testing-end-to-end-encryption-with-secret-conversations/
Jul 7, 2016 • 5min

ISC StormCast for Friday, July 8th 2016

Patchwork: Is it still "Advanced" if all you have to do is Copy/Paste? https://isc.sans.edu/forums/diary/Patchwork+Is+it+still+Advanced+if+all+you+have+to+do+is+CopyPaste/21235/
OUCH Newsletter https://securingthehuman.sans.org/resources/newsletters/ouch/2016#july2016
Discovering Malware in TLS Traffic http://arxiv.org/abs/1607.01639
TP-Link Uses tplinklogin.net Domain http://thehackernews.com/2016/07/tp-link-router-setting.html
Jul 7, 2016 • 5min

ISC StormCast for Thursday, July 7th 2016

CryptXXX Update https://isc.sans.edu/forums/diary/CryptXXX+ransomware+updated/21229/
Symantec Patches On the Way (but not fast) https://twitter.com/taviso?lang=en
Android Adware/Malware https://blog.checkpoint.com/wp-content/uploads/2016/07/HummingBad-Research-report_FINAL-62916.pdf
HP Updates Comware and VCX Routers https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05184351
Tracking Devices With Randomized Wifi MAC Addresses http://papers.mathyvanhoef.com/asiaccs2016.pdf
Jul 6, 2016 • 6min

ISC StormCast for Wednesday, July 6th 2016

Apache Fixes Critical HTTP/2 TLS Authentication Flaw https://isc.sans.edu/forums/diary/Apache+Update+TLS+Certificate+Authentication+Bypass+with+HTTP2+CVE20164979/21223/
Gigabyte and HP Motherboards Affected by "ThinkPwn" UEFI Vulnerability https://twitter.com/al3xtjames
UK Police Data Breaches https://www.bigbrotherwatch.org.uk/wp-content/uploads/2016/07/Safe-in-Police-Hands.pdf
Mac Malware Uses Tor For C&C https://labs.bitdefender.com/2016/07/new-mac-backdoor-nukes-os-x-systems/
Front Door Intercom Backdoor http://www.synacktiv.ninja/ressources/NDH-Intercoms_presentation_Dudek.pdf
wget arbitrary command line execution with redirects https://blogs.securiteam.com/index.php/archives/2701
Jul 5, 2016 • 5min

ISC StormCast for Tuesday, July 5th 2016

Change in patterns for the pseudoDarkleech Campaign https://isc.sans.edu/forums/diary/Change+in+patterns+for+the+pseudoDarkleech+campaign/21217/
Thinkpad SMS Arbitrary Code Execution Exploit https://github.com/Cr4sh/ThinkPwn
SQLite Temp File Vulnerability http://seclists.org/fulldisclosure/2016/Jul/0
AVG Publishes Multi-Ransomware Decryption Tool http://now.avg.com/dont-pay-the-ransom-avg-releases-six-free-decryption-tools-to-retrieve-your-files/
Euro 2016 App Leaks User's Data http://wandera.com/downloads/Euro_Paper.pdf
Jul 1, 2016 • 6min

ISC StormCast for Friday, July 1st 2016

Phishing Campaign with Blurred Images https://isc.sans.edu/forums/diary/Phishing+Campaign+with+Blurred+Images/21207/
FoxIT Patches PDF Reader Security Flaws https://www.foxitsoftware.com/support/security-bulletins.php#content-2016
Vulnerabilities in StartCom's API https://www.computest.nl/blog/startencrypt-considered-harmful-today/
Hummer Trojan Leads Android Malware http://www.cmcm.com/blog/en/security/2016-06-29/995.html
Jun 30, 2016 • 5min

ISC StormCast for Thursday, June 30th 2016

Critical Symantec AV Vulnerabilities http://googleprojectzero.blogspot.ca/2016/06/how-to-compromise-enterprise-endpoint.html
Google "My Activity" https://myactivity.google.com/myactivity
Hashcat/OCLHashcat 3.0 Released https://hashcat.net/forum/thread-5559.html
Lenovo Thinkpad Firmware Reverse Analysis http://blog.cr4.sh/2016/06/exploring-and-exploiting-lenovo.html
Linux Privilege Escalation Vulnerabilities http://www.openwall.com/lists/oss-security/2016/06/24/5
Jun 29, 2016 • 4min

ISC StormCast for Wednesday, June 29th 2016

Odd User-Agents https://isc.sans.edu/forums/diary/What+is+your+most+unusual+UserAgent/21203/
ZimbraCrypt Ransomware http://www.bleepingcomputer.com/news/security/zimbra-ransomware-written-in-python-targets-zimbra-mail-store/
Hard Drives Still Not Wiped Before Selling Them on eBay http://www2.blancco.com/en-rs-leftovers-a-data-recovery-study
PhotoLogin Option For LogmeOnce https://www.logmeonce.com/photologin/
