ISC StormCast for Thursday, September 23rd, 2021
An XML-Obfustcated Office Document (CVE-2021-40444)
https://isc.sans.edu/forums/diary/An+XMLObfuscated+Office+Document+CVE202140444/27860/
Exchange Autodiscovering Leaks Credentials
https://www.guardicore.com/labs/autodiscovering-the-great-leak/
Nagios Vulnerabilities
https://claroty.com/2021/09/21/blog-research-securing-network-management-systems-nagios-xi/
Apple Deprecating TLS 1.0/1.1
https://developer.apple.com/news/?id=bv8ur34d
5 cybersecurity threats for businesses in 2021—and 3 tips to combat them
Whether you build up in-house expertise or find a trusted outside partner, cybersecurity can no longer be a project set on the back burner. Let’s walk through five prevalent cybersecurity threats for businesses, along with three helpful tips to combat them.
ISC StormCast for Wednesday, September 22nd, 2021
A First Look at Apple’s iOS 15 “Private Relay” feature
https://isc.sans.edu/forums/diary/A+First+Look+at+Apples+iOS+15+Private+Relay+feature/27858/
macOS Finder Security Feature Bypass Leads to Possible RCE
https://ssd-disclosure.com/ssd-advisory-macos-finder-rce/
VMWare vCenter Advisory
https://blogs.vmware.com/vsphere/2021/09/vmsa-2021-0020-what-you-need-to-know.html
NetGear Circle Parental Control Vulnerablity
https://blog.grimm-co.com/2021/09/mama-always-told-me-not-to-trust.html
University of Wisconsin adds cybersecurity degree
The Wisconsin university’s Whitewater campus hosts the Cybersecurity Center for Business which provides training programs for organizations in the area, offers an online M.S. in cybersecurity, and has just launched a B.S. in the field.
5 minutes with Kat Kemper – Using security technology within healthcare to minimize risk, increase efficiency and reduce costs
At HCA Healthcare, Kat Kemper, Director of Physical Security, has built the enterprise security program from the ground up, developing and implementing physical security measures to support patient care, privacy and overall security goals.
ISC StormCast for Tuesday, September 21st, 2021
OMIGOD Exploits Captured in the Wild.
https://isc.sans.edu/forums/diary/OMIGOD+Exploits+Captured+in+the+Wild+Researchers+responsible+for+half+of+scans+for+related+ports/27852/
Apple iOS/iPadOS/tvOS 15 Updates (and WatchOS, Xcode, Safari)
https://support.apple.com/en-us/HT201222
ManageEngine ADSelfService Plus Exploited
https://us-cert.cisa.gov/ncas/alerts/aa21-259a
Embrace a holistic approach to vulnerability management
Identifying and scanning is an important aspect of vulnerability management, but it’s just one piece of the puzzle. Organizations failing to see the full vulnerability picture need to embrace a holistic approach with their vulnerability management program.
ISC StormCast for Monday, September 20th, 2021
Malicious Calendar Subscriptions Are Back
https://isc.sans.edu/forums/diary/Malicious+Calendar+Subscriptions+Are+Back/27846/
Simple Analysis of a CVE-2021-40444 (MSHTML) Document
https://isc.sans.edu/forums/diary/Simple+Analysis+Of+A+CVE202140444+docx+Document/27848/
Mirai Botnet Hunting OMIGOD
https://twitter.com/1ZRR4H/status/1438580885142507528
https://isc.sans.edu/port.html?port=1270
Exploit for Netgear Flaws Available
https://gynvael.coldwind.pl/?id=742
ISC StormCast for Friday, September 17th, 2021
Phishing 101: why depend on one suspicious message subject when you can use many
https://isc.sans.edu/forums/diary/Phishing+101+why+depend+on+one+suspicious+message+subject+when+you+can+use+many/27842/
PrintNightmare Fix Breaks Network Printing
https://www.bleepingcomputer.com/news/security/new-windows-security-updates-break-network-printing/
Malware Taking Advantage of Linux Subsystem for Windows
https://blog.lumen.com/no-longer-just-theory-black-lotus-labs-uncovers-linux-executables-deployed-as-stealth-windows-loaders/
Travis CI Patch
https://travis-ci.community/t/security-bulletin/12081
IBM System x IMM Vulnerability
https://support.lenovo.com/es/en/product_security/len-66347
Fake iTerm installing Malware on OS X
https://objective-see.com/blog/blog_0x66.html
