Supply chain cybersecurity trends: What professionals should be aware of and how to prepare for 2022
Throughout the past two years, supply chain professionals have experienced the national and international disruptions that can occur as a result of cyberattacks, with some threats completely halting certain sectors.
ISC StormCast for Wednesday, October 13th, 2021
Microsoft Patch Tuesday
https://isc.sans.edu/forums/diary/Microsoft+October+2021+Patch+Tuesday/27928/
Adobe Patches
https://helpx.adobe.com/security/security-bulletin.html
PyPi Remove mitmproxy2 Module
https://twitter.com/maximilianhils/status/1447525552370458625
https://web.archive.org/web/20211012105244/https://gist.github.com/mhils/7ff29d50b25a1c99e06834cf95684333
ISC StormCast for Tuesday, October 12th, 2021
Non HTTP Requests Hitting Web Server
https://isc.sans.edu/forums/diary/Things+that+go+Bump+in+the+Night+Non+HTTP+Requests+Hitting+Web+Servers/27924/
Apple Updates iOS/iPadOS to 15.0.2
https://saaramar.github.io/IOMFB_integer_overflow_poc/
https://support.apple.com/en-us/HT212846
Weak SSH Keys Used with GitKraken
https://github.blog/2021-10-11-github-security-update-revoking-weakly-generated-ssh-keys/
Let’s Encrypt Outage
https://letsencrypt.status.io/pages/incident/55957a99e800baa4470002da/6164b5af714e1f053880ba0c
Nominate the top cybersecurity leaders in the security industry
Security magazine is now accepting nominations for its 2022 Top Cybersecurity Leaders program. Learn how to submit nominations here.
SEC and Mercyhurst University create security internship program
The program, which connects security executives to students at Mercyhurst, aims to benefit both young security professionals building their careers and executives looking for new talent.
ISC StormCast for Monday, October 11th, 2021
Scanning for Previous Oracle WebLogic Vulnerabilities
https://isc.sans.edu/forums/diary/Scanning+for+Previous+Oracle+WebLogic+Vulnerabilities/27918/
Sorting Things Out – Sorting Data by IP Address
https://isc.sans.edu/forums/diary/Sorting+Things+Out+Sorting+Data+by+IP+Address/27916/
https://gitlab.com/slackermedia/bashcrawl
Telegram Does Not Remove Auto-Deleted Messages from Cache
https://habr.com/en/post/580582/
Microsoft To Disable Excel 4.0 Macros By Default
https://twitter.com/GelosSnake/status/1446192775087722497
https://m365admin.handsontek.net/macro-settings-update-to-disable-excel-4-0-macros-by-default/
US security must start with zero trust
As the United States continues to face attacks across critical sectors —
energy and infrastructure, healthcare, and operational technology (OT) —
a cultural shift in cybersecurity is taking place.
ISC StormCast for Friday, October 8th, 2021
Who is Hunting For Your IPTV Set-Top Box?
https://isc.sans.edu/forums/diary/Who+Is+Hunting+For+Your+IPTV+SetTop+Box/27912/
Another Update For Apache
https://httpd.apache.org
Font on Lake Rootkit
https://www.welivesecurity.com/2021/10/07/fontonlake-previously-unknown-malware-family-targeting-linux/
osquery 5 with macOS Endpoint Security
https://www.trailofbits.com/post/announcing-osquery-5-now-with-endpointsecurity-on-macos
The time to improve public safety cybersecurity is now
By understanding each of the bad actors, federal agencies, law enforcement and first responders — often victims of cyberhacktivism —
can better prepare for, and prevent, cyberattacks from happening. Here are a few basic steps every public safety agency can take.
