2021 PAMIA Board Election Results
President – Martine Kersaint.
Secretary – Barry Kohler.
Treasurer – Randolph Cremer.
Members At Large – Katherine Mazza, John Paul Larson, Karen Topping.
The PAMIA Bylaws describe the board positions. One can be nominated for multiple positions. Term length is one year.
Serving on the board of a local biomed society earns points towards AAMI/ACI Certification renewals.
ISC StormCast for Thursday, December 7th, 2023
Whose packet is is anyway: a new RFC for attribution of internet probes
https://isc.sans.edu/forums/diary/Whose%20packet%20is%20it%20anyway%3A%20a%20new%20RFC%20for%20attribution%20of%20internet%20probes/30456/
MLFlow Vulnerability
https://www.contrastsecurity.com/security-influencers/discovering-mlflow-framework-zero-day-vulnerability-machine-language-model-security-contrast-security
https://mlflow.org/category/news/index.html
Abusing STS Tokens
https://redcanary.com/blog/aws-sts/
Atlasian Vulnerabilities
https://confluence.atlassian.com/security/security-advisories-bulletins-1236937381.html
Holiday Hack Challenge
https://www.sans.org/mlp/holiday-hack-challenge-2023/
ISC StormCast for Wednesday, December 6th, 2023
Cobalt Strike’s “Runtime Configuration”
https://isc.sans.edu/diary/Cobalt%20Strike%27s%20%22Runtime%20Configuration%22/30426
Adobe ColdFusion Exploit Abused
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-339a
Atos Unify OpenScape Vulnerability
https://sec-consult.com/vulnerability-lab/advisory/argument-injection-vulnerability-in-multiple-atos-unify-openscape-products/
ExtremeXOS Vulnerabilities
https://rhinosecuritylabs.com/research/extreme-networks-extremexos-vulnerabilities/
ISC StormCast for Tuesday, December 5th, 2023
Zarya Hacktivists: More than just Sharepoint
https://isc.sans.edu/diary/Zarya%20Hacktivists%3A%20More%20than%20just%20Sharepoint./30450
ICANN Registration Data Request Service (RDRS)
https://rdrs.icann.org/
Android Updates
https://source.android.com/docs/security/bulletin/2023-12-01
GitLab Patches
https://about.gitlab.com/releases/2023/11/30/security-release-gitlab-16-6-1-released/
ISC StormCast for Monday, December 4th, 2023
UEFI Exploit via Boot Image
https://binarly.io/posts/The_Far_Reaching_Consequences_of_LogoFAIL/index.html
Fake Phishing Scan Tricks Users into Installing Backdoor Plugin
https://www.wordfence.com/blog/2023/12/psa-fake-cve-2023-45124-phishing-scam-tricks-users-into-installing-backdoor-plugin/
Qlik Sense Exploited by Cactus Ransomware
https://arcticwolf.com/resources/blog/qlik-sense-exploited-in-cactus-ransomware-campaign/
https://www.praetorian.com/blog/qlik-sense-technical-exploit/
VMWare Vulnerability Patched
https://www.vmware.com/security/advisories/VMSA-2023-0026.html
ISC StormCast for Friday, December 1st, 2023
Apple Updates
https://isc.sans.edu/diary/Apple+Patches+Exploited+WebKit+Vulnerabilitiues+in+iOSiPadOSmacOS/30444
Prophetic Post by Intern on CVE-2023-1389 Foreshadows Mirai Botnet Expansion Today
https://isc.sans.edu/forums/diary/Prophetic+Post+by+Intern+on+CVE20231389+Foreshadows+Mirai+Botnet+Expansion+Today/30442/
Zyxel Vulnerabilities
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-authentication-bypass-and-command-injection-vulnerabilities-in-nas-products
Solarwinds Update
https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-4_release_notes.htm#link3
DNS Looking Glass
https://isc.sans.edu/tools/dnslookup/
ISC StormCast for Thursday, November 30th, 2023
Decoding the Patterns: Analzying DShield Honeypot Activity
https://isc.sans.edu/diary/Decoding%20the%20Patterns%3A%20Analyzing%20DShield%20Honeypot%20Activity%20%5BGuest%20Diary%5D/30428
Arcserve Unified Data Protection Multiple Vulnerabilities
https://www.tenable.com/security/research/tra-2023-37
Hikvision Vulnerabilities
https://www.hikvision.com/hk/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-products/
Assessing Prompt Injection Risks in 200+ Custom GPTs
https://arxiv.org/pdf/2311.11538.pdf
ISC StormCast for Wednesday, November 29th, 2023
Pro-Russian Attackers Scanning for Sharepoint Servers to Exploit CVE-2023-29357
https://isc.sans.edu/diary/Pro%20Russian%20Attackers%20Scanning%20for%20Sharepoint%20Servers%20to%20Exploit%20CVE-2023-29357/30436
Microsoft Deprecates Microsoft Defender Application Guard for Office
https://learn.microsoft.com/en-us/windows/whats-new/deprecated-features
Synology Vulnerability
https://www.synology.com/en-global/security/advisory/Synology_SA_23_16
Apache Tomcat Request Smuggling Vulnerability CVE-2023-46589
https://lists.apache.org/thread/0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr
ISC StormCast for Tuesday, November 28th, 2023
Scans for ownCloud Vulnerability (CVE-2023-49103)
https://isc.sans.edu/diary/Scans%20for%20ownCloud%20Vulnerability%20%28CVE-2023-49103%29/30432
Windows Hello Fingerprint Reader Weakness
https://blackwinghq.com/blog/posts/a-touch-of-pwn-part-i/
ISC StormCast for Monday, November 27th, 2023
DShield Birthday
https://isc.sans.edu/diary/Happy%20Birthday%20DShield/30420
Mirai uses CVE-2023-1389
https://isc.sans.edu/diary/CVE-2023-1389%3A%20A%20New%20Means%20to%20Expand%20Botnets/30418
More Mirai Vulnerabilities
https://www.akamai.com/blog/security-research/new-rce-botnet-spreads-mirai-via-zero-days
Analyzing OVA Files
https://isc.sans.edu/diary/OVA%20Files/30424
Static Code Injections in OpenCart (CVE-2023-47444)
https://github.com/opencart/opencart/issues/12947
Holiday Hackchallenge
https://www.sans.org/mlp/holiday-hack-challenge-2023/
