ISC StormCast for Tuesday, April 12th, 2022
Spring: It isn’t just about Spring4Shell.
https://isc.sans.edu/forums/diary/Spring+It+isnt+just+about+Spring4Shell+Spring+Cloud+Function+Vulnerabilities+are+being+probed+too/28538/
Microsoft Windows Autopatch
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/get-current-and-stay-current-with-windows-autopatch/ba-p/3271839
More npm protestware
https://github.com/Yaffle/EventSource/commit/de137927e13d8afac153d2485152ccec48948a7a
Raspberry Pi Update
https://www.raspberrypi.com/news/raspberry-pi-bullseye-update-april-2022/
SuperCare Health discloses data breach affecting 300k individuals
California-based respiratory care provider SuperCare Health disclosed a data breach affecting more than 300,000 individuals.
Joyce Hunter appointed Advisory Board Chair at CyberArg
Security expert Joyce Hunter has been appointed as Chair of CyberAg’s newly established advisory board.
Alert fatigue crippling security operation centers
As the cybersecurity industry grapples with the ongoing talent shortage, security operations centers (SOCs) are already overwhelmed, and a constant stream of alerts doesn’t necessarily make their jobs any easier.
Risk mitigation for domestic terrorism and radicalization
The risk of radicalization for private and public organizations is real. Security leaders can mitigate some risk by evaluating processes and procedures.
ISC StormCast for Monday, April 11th, 2022
Misc Spring4Shell Items
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67
https://www.trendmicro.com/en_us/research/22/d/cve-2022-22965-analyzing-the-exploitation-of-spring4shell-vulner.html
https://github.com/AgainstTheWest/NginxDay
Russian Certificate Authority Update
https://koen.engineer/russias-certificate-authority-for-sanctioned-organizations-645d61af8ac6
Conti Source Code Leak Leads to Copycats
https://www.bleepingcomputer.com/news/security/hackers-use-contis-leaked-ransomware-to-attack-russian-companies/
5 steps to strengthen cybersecurity defenses in wake of Ukraine-Russia crisis
Five practical steps to increase an organization’s security posture and resilience to protect against potential attacks related to the Ukraine-Russia crisis.
ISC StormCast for Friday, April 8th, 2022
What is BIMI
https://isc.sans.edu/forums/diary/What+is+BIMI+and+how+is+it+supposed+to+help+with+Phishing/28528/
Watchguard Vulnerability behind Cyclops Blink
https://techsearch.watchguard.com/KB?type=Article&SFDCID=kA16S000000SOCGSA4&lang=en_US
Malware Targeting Amazon Lambdas
https://www.cadosecurity.com/cado-discovers-denonia-the-first-malware-specifically-targeting-lambda/
Ashley Taylor: Doppelgaengers: Finding Job Scammers Who Steal Brand Identities
https://www.sans.edu/cyber-research/doppelgangers-finding-job-scammers-who-steal-brand-identities/
Combatting intrusion, theft and terrorism on railways with security and surveillance technology
Security incidents that affect railways usually fall into one of three categories: intrusion, theft, or terrorism. To keep passengers and freight safe, physical security must always be ensured.
