2021 PAMIA Board Election Results
President – Martine Kersaint.
Secretary – Barry Kohler.
Treasurer – Randolph Cremer.
Members At Large – Katherine Mazza, John Paul Larson, Karen Topping.
The PAMIA Bylaws describe the board positions. One can be nominated for multiple positions. Term length is one year.
Serving on the board of a local biomed society earns points towards AAMI/ACI Certification renewals.
ISC StormCast for Friday, June 2nd, 2023
After 28 Years, SSLv2 is Still Not Gone
https://isc.sans.edu/forums/diary/After%2028%20years%2C%20SSLv2%20is%20still%20not%20gone%20from%20the%20internet…%20but%20we’re%20getting%20there/29908/
Operation Triangulation: iOS Devices Targeted With Previously Unknown Malware
https://securelist.com/operation-triangulation/109842/
MOVEit Transfer Criticial Vulnerability
https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-31May2023
Code Injection Vulnerablity in Reportlab Python Library
https://github.com/c53elyas/CVE-2023-33733
How organizations can protect against phishing campaigns
With cybersecurity threats on the rise, there are two crucial steps an organization can take to avoid falling victim to a credential phishing attack.
ISC StormCast for Thursday, June 1st, 2023
Apache NiFi Attacks
https://isc.sans.edu/diary/Your%20Business%20Data%20and%20Machine%20Learning%20at%20Risk%3A%20Attacks%20Against%20Apache%20NiFi/29900
Gigabyte App Center Backdoor;
https://eclypsium.com/blog/supply-chain-risk-from-gigabyte-app-center-backdoor/
Salesforce Ghost Sites
https://www.varonis.com/blog/salesforce-ghost-sites
CVE-2023-34152: Shell Command Injection in ImageMagick
https://securityonline.info/cve-2023-34152-shell-command-injection-bug-affecting-imagemagick/
AMA: Campus Safety Leader Edition — Todd Jones
In this AMA episode from Security magazine, Todd Jones, Director of Campus Safety at the Minneapolis College of Art and Design, talks campus security.
ISC StormCast for Wednesday, May 31st, 2023
Malspam Pushes ModiLoader Infection for Remocs Rat
https://isc.sans.edu/diary/Malspam%20pushes%20ModiLoader%20%28DBatLoader%29%20infection%20for%20Remcos%20RAT/29896
MacOS SIP Bypass
https://www.microsoft.com/en-us/security/blog/2023/05/30/new-macos-vulnerability-migraine-could-bypass-system-integrity-protection/
OpenSSL Update
https://www.openssl.org/news/secadv/20230530.txt
Barracuda Email Security Gateway Applicance Vulnerability Details
https://www.barracuda.com/company/legal/esg-vulnerability#:~:text=the%20section%20below.-,Endpoint%20IOCs,-Table%204%20lists
Void Rabisu RomCom Backdoor
https://www.trendmicro.com/en_us/research/23/e/void-rabisu-s-use-of-romcom-backdoor-shows-a-growing-shift-in-th.html
Nextcloud Vulnerability
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mr7q-xf62-fw54
Zyxel NAS Vulnerability
https://sternumiot.com/iot-blog/ntp-textbox-vulnerability-in-zyxel-nas326-nas540-and-nas542-devices/
Wait Just An Infosec: Higher Ed
https://www.youtube.com/watch?v=ufEuo-096yc&list=PLtgaAEEmVe6B2kqkE9KdgPJdtbqNiaiOn&index=8
ISC StormCast for Tuesday, May 30th, 2023
Analyzing Office Documents Embedded Inside PowerPoint Files
https://isc.sans.edu/diary/Analyzing%20Office%20Documents%20Embedded%20Inside%20PPT%20%28PowerPoint%29%20Files/29894
DocuSign Themed Email Leads to Script-Based Infection
https://isc.sans.edu/diary/DocuSign-themed%20email%20leads%20to%20script-based%20infection/29888
File Archiver In The Browser
https://mrd0x.com/file-archiver-in-the-browser/
Securing PyPI accounts via Two-Factor Authentication
https://blog.pypi.org/posts/2023-05-25-securing-pypi-with-2fa/
Apache Casandra Vulnerabilities
https://lists.apache.org/thread/mwd02nrw2go8shg29rnp3o4hgompvkp5
MOXA MXsecurity Vulerabilities
https://www.moxa.com/en/support/product-support/security-advisory/mxsecurity-command-injection-and-hardcoded-credential-vulnerabilities
ISC StormCast for Friday, May 26th, 2023
IR Case/Alert Management
https://isc.sans.edu/diary/IR%20Case%20Alert%20Management/29880
Exploit for CVE-2023-2825 GitLab Vulnerability
https://github.com/Occamsec/CVE-2023-2825
Expo Framework OAUTH Vulnerability CVE-2023-28131
https://salt.security/blog/a-new-oauth-vulnerability-that-may-impact-hundreds-of-online-services
Mitel MiVoice Vulnerability CVE-2023-31457 CVE-2023-32748
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0004
D-Link Vulnerabilities
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10332
ISC StormCast for Thursday, May 25th, 2023
More Data Enrichment for Cowrie Logs
https://isc.sans.edu/diary/More%20Data%20Enrichment%20for%20Cowrie%20Logs/29878
Volt Typhoon: Living of the Land
https://media.defense.gov/2023/May/24/2003229517/-1/-1/0/CSA_Living_off_the_Land.PDF
Android App Breaking Bad
https://www.welivesecurity.com/2023/05/23/android-app-breaking-bad-legitimate-screen-recording-file-exfiltration/
Zyxel Updates
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-buffer-overflow-vulnerabilities-of-firewalls
Baracuda Email Security Gateway Vulnerability
https://status.barracuda.com/incidents/34kx82j5n4q9
Gitlab Patch
https://about.gitlab.com/releases/2023/05/23/critical-security-release-gitlab-16-0-1-released/
ISC StormCast for Wednesday, May 24th, 2023
Apache Nifi Scans
https://isc.sans.edu/diary/Help+us+figure+this+out+Scans+for+Apache+Nifi/29874/
Samsung Updates fix 0-Day
https://security.samsungmobile.com/securityUpdate.smsb
Lenovo All-In One Bricked by Windows Update
https://www.reddit.com/r/Lenovo/comments/136tatm/lenovo_firmware_10055_bricking_thinkcentre_v53024/
Dell VxRail Security Update
https://www.dell.com/support/kbdoc/en-us/000213011/dsa-2023-071-dell-vxrail-security-update-for-multiple-third-party-component-vulnerabilities-7-0-450
BrutePrint: Expose Smartphone Fingerprint Authentication to Brute-force Attack
https://arxiv.org/pdf/2305.10791.pdf
