SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich
May 3, 2016 • 5min

ISC StormCast for Tuesday, May 3rd 2016

Fake Google Chrome Update Installs Malware on Android https://www.zscaler.com/blogs/research/android-infostealer-posing-fake-google-chrome-update
Android May Security Bulletin https://source.android.com/security/bulletin/2016-05-01.html
Google Chrome Update https://source.android.com/security/bulletin/2016-05-01.html
Pwned List Got Pwned http://krebsonsecurity.com/2016/05/how-the-pwnedlist-got-pwned/

May 2, 2016 • 6min

ISC StormCast for Monday, May 2nd 2016

ATM Jackpotting: Analysis of ATM APIs https://securelist.com/analysis/publications/74533/malware-and-non-malware-ways-for-atm-jackpotting-extended-cut/
Reverse Engineering an ATM Machine Skimmer https://trustfoundry.net/reverse-engineering-a-discovered-atm-skimmer/
Bathroom Scale Vulnerability https://help.fitbit.com/articles/en_US/Help_article/How-do-I-update-my-Aria-scale/
Fake Mobile Payment Apps in Google Play Store https://info.phishlabs.com/blog/fraudster-phishing-users-with-malicious-mobile-apps

Apr 29, 2016 • 5min

ISC StormCast for Friday, April 29th 2016

Powershell and DNS/DHCP https://isc.sans.edu/forums/diary/DNS+and+DHCP+Recon+using+Powershell/20995/
New Version of PCI Standard Released https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2_Summary_of_Changes.pdf
OpenSSL Patch Pre-Announced https://mta.openssl.org/pipermail/openssl-announce/2016-April/000069.html
NTP Patches http://blog.talosintel.com/2016/04/vulnerability-spotlight-further-ntpd_27.html#more

Apr 28, 2016 • 5min

ISC StormCast for Thursday, April 28th 2016

SAML Federated Identity Vulnerability in Office 365 http://www.economyofmechanism.com/office365-authbypass.html
.AS Registry Vulnerable to Direct Object Reference https://isecguy.wordpress.com/2016/04/25/flaw-allowed-anyone-to-modify-take-control-over-any-as-domain/
Driveby Exploit Used to Deliver Android Ransomware https://www.bluecoat.com/security-blog/2016-04-25/android-exploit-delivers-dogspectus-ransomware
CryptXXX Decrypt Tool https://support.kaspersky.com/viruses/disinfection/8547?_ga=1.128163404.1397432418.1454514283#block3

Apr 27, 2016 • 5min

ISC StormCast for Wednesday, April 27th 2016

OS X Memory Forensics https://isc.sans.edu/forums/diary/An+Introduction+to+Mac+memory+forensics/20989/
Facebook App Used to Deliver Facebook Phish http://news.netcraft.com/archives/2016/04/22/hook-like-and-sinker-facebook-serves-up-its-own-phish.html
Android.Spy.277.origin Keeps Being Delivered By Google Play Store Apps http://blog.checkpoint.com/2016/04/22/in-the-wild-google-cant-close-the-door-on-android-malware/
Tool To Replay RDP Sessions From pcaps http://www.contextis.com/resources/blog/rdp-replay-code-release/
Juniper Update http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727&cat=SIRT_1&actp=LIST
RouterSploit Router Exploit Framework https://github.com/reverse-shell/routersploit

Apr 26, 2016 • 5min

ISC StormCast for Tuesday, April 26th 2016

Details From the Breach of the Central Bank of Bangladesh http://baesystemsai.blogspot.de/2016/04/two-bytes-to-951m.html
Apple Image IO Denial of Service https://www.landaire.net/blog/apple-imageio-denial-of-service/
Text Messages Used to Phish Apple IDs http://www.independent.co.uk/life-style/gadgets-and-tech/news/apple-id-password-expired-expiry-text-website-scam-phishing-a6991126.html
Critical HP Data Protector Patch https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05085988
Armada Collective (or imposter) Making Fake DDoS Threats https://blog.cloudflare.com/empty-ddos-threats-meet-the-armada-collective/

Apr 25, 2016 • 5min

ISC StormCast for Monday, April 25th 2016

Angler EK Used to Spread CryptXXX https://isc.sans.edu/forums/diary/Angler+Exploit+Kit+Bedep+and+CryptXXX/20981/
Honeyports Powershell Script https://isc.sans.edu/forums/diary/Honeyports+powershell+script/20979/
Online Credit Card Fraud Soars http://www.pymnts.com/fraud-prevention/2016/online-fraud-attack-rates-soar-since-october/
How to Trick Traffic Sensors https://securelist.com/blog/research/74454/how-to-trick-traffic-sensors/
Opera VPN Service Analysis https://gist.github.com/spaze/558b7c4cd81afa7c857381254ae7bd10 https://www.helpnetsecurity.com/2016/04/21/opera-browser-free-vpn/

Apr 22, 2016 • 5min

ISC StormCast for Friday, April 22nd 2016

Accellion Secure File Transfer Vulnerability and Facebook Exploitation http://devco.re/blog/2016/04/21/how-I-hacked-facebook-and-found-someones-backdoor-script-eng-ver/
Application Whitelisting Bypass With regsvr32 http://subt0x10.blogspot.com/2016/04/bypass-application-whitelisting-script.html
New NetworkManager Version Released https://cgit.freedesktop.org/NetworkManager/NetworkManager/plain/NEWS?id=nm-1-2
Opera Includes Free VPN http://www.opera.com/blogs/desktop/2016/04/free-vpn-integrated-opera-for-windows-mac/

Apr 21, 2016 • 5min

ISC StormCast for Thursday, April 21st 2016

Decoding Pseudo Darkleech https://isc.sans.edu/forums/diary/Decoding+PseudoDarkleech+1/20969/
Tesla Crypt 4.1 https://www.endgame.com/blog/your-package-has-been-successfully-encrypted-teslacrypt-41a-and-malware-attack-chain
RansomWhere Protects OS X Users from Ransomware https://objective-see.com/products/ransomwhere.html
Testing TLS Libraries With TLS Attackers https://github.com/RUB-NDS/TLS-Attacker

Apr 20, 2016 • 7min

ISC StormCast for Wednesday, April 20th 2016

Oracle Critical Patch Update http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
Flash Provides Top Targeted Vulnerabilities for 2015 https://www.solutionary.com/_assets/pdf/research/2015-gtir.pdf
Google Publishes Data About Safe Browsing Effectiveness http://static.googleusercontent.com/media/research.google.com/en//pubs/archive/44924.pdf
Detecting curl pipes to bash https://www.idontplaydarts.com/2016/04/detecting-curl-pipe-bash-server-side/
