ISC StormCast for Friday, October 1st, 2021
Visa/Apple Express Transit Relay Attack
https://www.bbc.com/news/technology-58719891
FluBot Offering Fake FlutBot Protection
https://twitter.com/CERTNZ/status/1443701853665980440
Undetected Azure Active Directory Brute-Force Attacks
https://www.secureworks.com/research/undetected-azure-active-directory-brute-force-attacks
SANS.edu Student Christopher DeWees: Expired Domain Dumpster Diving https://www.sans.edu/cyber-research/40505/
Boston Scientific Zoom Latitude
This advisory contains mitigations for Use of Password Hash with Insufficient Computational Effort, Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques, Improper Access Control, Missing Support for Integrity Check, and Reliance on Component That is Not Updateable vulnerabilities in the Boston Scientific Zoom Latitude programmer/recorder/monitor (PRM) 3120 model.
Why automation, artificial intelligence and machine learning are becoming increasingly critical for SOC operations
The path to success requires artificial intelligence and machine learning to supercharge the expertise and experience of an equally innovative and warm-bodied defender working as part of an enterprise security operations center and outsourced services like managed detection and response.
Cybercrime hurts some population groups more than others
A new survey of 5,000 internet users around the globe reveals disparities between demographic groups when it comes to internet safety and privacy.
ISC StormCast for Thursday, September 30th, 2021
Keeping Track of Time: Network Time Protocol and GPSD Bug
https://isc.sans.edu/forums/diary/Keeping+Track+of+Time+Network+Time+Protocol+and+a+GPSD+Bug/27886/
Apple Airtags Stored XSS
https://medium.com/@bobbyrsec/zero-day-hijacking-icloud-credentials-with-apple-airtags-stored-xss-6997da43a216
CISA/NSA Guidance To Configure VPNs
https://media.defense.gov/2021/Sep/28/2002863184/-1/-1/0/CSI_SELECTING-HARDENING-REMOTE-ACCESS-VPNS-20210928.PDF
Facebook Open Sourcing “Mariana Trench” Tool To Analyze Android and Java Apps
https://engineering.fb.com/2021/09/29/security/mariana-trench/
5 minutes with Jerry Caponera – Developing a risk-oriented view into cybersecurity
Jerry Caponera, Head of Risk Strategies at ThreatConnect, discusses the importance of developing a risk-oriented view into cybersecurity and why cyber risk needs to be quantified in the same way as operational risk or credit risk.
Law enforcement versus private security in the United States
Law enforcement officers are leaving agencies and joining private security. Hiring retired officers can benefit enterprise security in a number of ways.
ISC StormCast for Wednesday, September 29th, 2021
TLS 1.3 and SSL: The Current State of Affairs
https://isc.sans.edu/forums/diary/TLS+13+and+SSL+the+current+state+of+affairs/27882/
EFF Discontinues HTTPS Everywhere Plugin
https://www.eff.org/deeplinks/2021/09/https-actually-everywhere
Malicious CryptoCoin Wallet
https://discourse.mozilla.org/t/got-hacked-by-the-add-on-called-safepal-wallet/85797
Microsoft Automates Exchange Mitigations
https://techcommunity.microsoft.com/t5/exchange-team-blog/new-security-feature-in-september-2021-cumulative-update-for/ba-p/2783155
SIA scholarship gives opportunity to young security professionals
The Security Industry Association (SIA) RISE scholarship has opened applications to young professionals seeking to further their security education.
