))
Johnny Ball is famous for knowing many things, so who better to tell you how to keep your computer safe from online fraud. Johnny's guides contain all you need to know about internet and email security. There are four wisdom-packed episodes to download onto your computer and portable audio player.
…
continue reading
Daily update on current cyber security threats
…
continue reading
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minutes long summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
…
continue reading
Internet safety, security, and digital parenting tips. You'll learn about protecting kids online (cybersafety), and general digital security and privacy (for adults as well as kids). https://DefendingDigital.com
…
continue reading
1
Network Security News Summary for Monday November 04th, 2024
5:48
5:48
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:48
Odd SSH Username; QPDF; Okta bcrypt issue; Synology Patches; Fake Lastpass Reviews; October Activity with Username chenzilong https://isc.sans.edu/diary/October%202024%20Activity%20with%20Username%20chenzilong/31400 qpdf Extracting PDF Streams https://isc.sans.edu/diary/qpdf%3A%20Extracting%20PDF%20Streams/31406 Okta bcrypt issue https://trust.okta…
…
continue reading
1
ISC StormCast for Thursday, October 31st, 2024
5:53
5:53
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:53
Scans for RDP Gateways https://isc.sans.edu/diary/Scans%20for%20RDP%20Gateways/31398 CyberPanel Exploited https://www.bleepingcomputer.com/news/security/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances/ Windows Themes Files Spoofing CVE-2024-38030 https://blog.0patch.com/2024/10/we-patched-cve-2024-38030-found-another.html QNAP P…
…
continue reading
1
Network Security News Summary for Thursday October 31th, 2024
5:53
5:53
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:53
RDP Gateway Scans; CyberPanel Exploited; QNAP Patches; Facebook Malvertising Scans for RDP Gateways https://isc.sans.edu/diary/Scans%20for%20RDP%20Gateways/31398 CyberPanel Exploited https://www.bleepingcomputer.com/news/security/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances/ Windows Themes Files Spoofing CVE-2024-38030 https:…
…
continue reading
1
ISC StormCast for Wednesday, October 30th, 2024
6:11
6:11
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
6:11
Critical RCE Vulnerabilty in Cyberpanel https://dreyand.rs/code/review/2024/10/27/what-are-my-options-cyberpanel-v236-pre-auth-rce Spring WebFlux Vulnerability https://access.redhat.com/security/cve/cve-2024-38821 https://spring.io/security/cve-2024-38821 Inbound SMTP DANE with DNSSEC for Exchange Online https://techcommunity.microsoft.com/t5/excha…
…
continue reading
1
Network Security News Summary for Wednesday October 30th, 2024
6:11
6:11
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
6:11
CyberPanel RCE; Spring WebFlux Vuln; MSFT Implements DANE; Attackers Enable RDP Critical RCE Vulnerabilty in Cyberpanel https://dreyand.rs/code/review/2024/10/27/what-are-my-options-cyberpanel-v236-pre-auth-rce Spring WebFlux Vulnerability https://access.redhat.com/security/cve/cve-2024-38821 https://spring.io/security/cve-2024-38821 Inbound SMTP D…
…
continue reading
1
ISC StormCast for Tuesday, October 29th, 2024
5:26
5:26
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:26
Apple Update Everything https://isc.sans.edu/diary/Apple%20Updates%20Everything/31390 Selfcontained HTML Phishing Attachment Using Telegram to Exfiltrate Credentials https://isc.sans.edu/diary/Selfcontained+HTML+phishing+attachment+using+Telegram+to+exfiltrate+stolen+credentials/31388/ ChatGPT-4o Guardrail Jailbreak: Hex Encoding for Writing CVE Ex…
…
continue reading
1
Network Security News Summary for Tuesday October 29th, 2024
5:27
5:27
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:27
Apple Updates; HTML File Phishing via Telegram; ChatGTP-4o Encoding Evasion Apple Update Everything https://isc.sans.edu/diary/Apple%20Updates%20Everything/31390 Selfcontained HTML Phishing Attachment Using Telegram to Exfiltrate Credentials https://isc.sans.edu/diary/Selfcontained+HTML+phishing+attachment+using+Telegram+to+exfiltrate+stolen+creden…
…
continue reading
1
ISC StormCast for Monday, October 28th, 2024
5:38
5:38
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:38
Two currently (old) exploited Ivanti vulnerabilities https://isc.sans.edu/diary/Two%20currently%20%28old%29%20exploited%20Ivanti%20vulnerabilities/31384 Arcadyan FMIMG51AX000J (WiFi Alliance) RCE CVE-2024-41992 https://ssd-disclosure.com/ssd-advisory-arcadyan-fmimg51ax000j-wifi-alliance-rce/ Okta iOS App Vulnerability CVE-2024-10327 https://trust.o…
…
continue reading
1
Network Security News Summary for Monday October 28th, 2024
5:38
5:38
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:38
Old Ivanti Vulns Exploited; Arcadyan Wifi RCE; Okta iOS Vuln; TeamTNT Docker Hunt Two currently (old) exploited Ivanti vulnerabilities https://isc.sans.edu/diary/Two%20currently%20%28old%29%20exploited%20Ivanti%20vulnerabilities/31384 Arcadyan FMIMG51AX000J (WiFi Alliance) RCE CVE-2024-41992 https://ssd-disclosure.com/ssd-advisory-arcadyan-fmimg51a…
…
continue reading
1
ISC StormCast for Friday, October 25th, 2024
5:13
5:13
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:13
Development Features Enabled in Production https://isc.sans.edu/diary/Development%20Features%20Enabled%20in%20Prodcution/31380 Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials https://blog.talosintelligence.com/large-scale-brute-force-activity-targeting-vpns-ssh-services-with-commonly-used-login-cre…
…
continue reading
1
Network Security News Summary for Friday October 25th, 2024
5:14
5:14
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:14
Dev Features in Prod; Cisco VPN DOS and Authenticed RCE; Hard Coded Cloud Credentials Development Features Enabled in Production https://isc.sans.edu/diary/Development%20Features%20Enabled%20in%20Prodcution/31380 Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials https://blog.talosintelligence.com/lar…
…
continue reading
1
ISC StormCast for Thursday, October 24th, 2024
6:39
6:39
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
6:39
Everybody Loves Bash Scripts Including Attackers https://isc.sans.edu/diary/Everybody%20Loves%20Bash%20Scripts.%20Including%20Attackers./31376 Fortimanager Exploited Vulnerability https://www.fortiguard.com/psirt/FG-IR-24-423 Sharepoint Exploit https://www.cisa.gov/news-events/alerts/2024/10/22/cisa-adds-one-known-exploited-vulnerability-catalog ht…
…
continue reading
1
Network Security News Summary for Thursday October 24th, 2024
6:40
6:40
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
6:40
Shell Scripts; Fortimanager Mess; Sharepoint Exploit; OpenSSL Patch; Reduced Cert Lifetime Everybody Loves Bash Scripts Including Attackers https://isc.sans.edu/diary/Everybody%20Loves%20Bash%20Scripts.%20Including%20Attackers./31376 Fortimanager Exploited Vulnerability https://www.fortiguard.com/psirt/FG-IR-24-423 Sharepoint Exploit https://www.ci…
…
continue reading
1
ISC StormCast for Wednesday, October 23rd, 2024
5:21
5:21
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:21
How much HTTP (not HTTPS) Traffic is Traversing Your Perimeter? https://isc.sans.edu/diary/How%20much%20HTTP%20%28not%20HTTPS%29%20Traffic%20is%20Traversing%20Your%20Perimeter%3F/31372 VMSA-2024-0019:VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities (CVE-2024-38812, CVE-2024-38813) https://support.broadcom…
…
continue reading
1
Network Security News Summary for Wednesday October 23th, 2024
5:21
5:21
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:21
HTTP vs. HTTPS; VMware, Unifi, Roundgroup, Atlassian, OneDev Patches, Vulnerability and Exploits How much HTTP (not HTTPS) Traffic is Traversing Your Perimeter? https://isc.sans.edu/diary/How%20much%20HTTP%20%28not%20HTTPS%29%20Traffic%20is%20Traversing%20Your%20Perimeter%3F/31372 VMSA-2024-0019:VMware vCenter Server updates address heap-overflow a…
…
continue reading
1
ISC StormCast for Tuesday, October 22nd, 2024
6:26
6:26
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
6:26
A Network Nerd's Take on Emergency Preparedness https://isc.sans.edu/diary/A%20Network%20Nerd%27s%20Take%20on%20Emergency%20Preparedness/31356 HM Surf Vulnerability Access to Camera Exploited CVE-2024-44133 https://www.microsoft.com/en-us/security/blog/2024/10/17/new-macos-vulnerability-hm-surf-could-lead-to-unauthorized-data-access/ Fortinet relea…
…
continue reading
1
Network Security News Summary for Tuesday October 22th, 2024
6:26
6:26
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
6:26
Emergency Preparedness; HM Surf Exploited; Fortinet and ScienLogic Vague Patches A Network Nerd's Take on Emergency Preparedness https://isc.sans.edu/diary/A%20Network%20Nerd%27s%20Take%20on%20Emergency%20Preparedness/31356 HM Surf Vulnerability Access to Camera Exploited CVE-2024-44133 https://www.microsoft.com/en-us/security/blog/2024/10/17/new-m…
…
continue reading
1
ISC StormCast for Monday, October 21st, 2024
5:42
5:42
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:42
Microsoft 365: Partially incomplete log data due to monitoring agent issue https://m365admin.handsontek.net/multiple-services-partially-incomplete-log-data-due-to-monitoring-agent-issue/ End-to-End Encrytped Cloud Storage in the Wild: A Broken Ecosystem https://brokencloudstorage.info/paper.pdf ESET Branded Malware https://x.com/ESETresearch/status…
…
continue reading
1
Network Security News Summary for Monday October 21th, 2024
5:43
5:43
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:43
Lost MSFT 365 Logs; Broken Cloud Storage; ESET Branded Malware; Synology, Spring and Grafana Updates Microsoft 365: Partially incomplete log data due to monitoring agent issue https://m365admin.handsontek.net/multiple-services-partially-incomplete-log-data-due-to-monitoring-agent-issue/ End-to-End Encrytped Cloud Storage in the Wild: A Broken Ecosy…
…
continue reading
1
ISC StormCast for Friday, October 18th, 2024
5:52
5:52
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:52
Scanning Activity from Subnet 15.184.0.0/16. https://isc.sans.edu/diary/Scanning%20Activity%20from%20Subnet%2015.184.0.0%2016/31362 Gatekeeper Bypass /unit42.paloaltonetworks.com/gatekeeper-bypass-macos/ Oracle Critical Patch Update https://www.oracle.com/security-alerts/cpuoct2024.html Cisco ATA 190 Series Analog Telephone Adapter Firmware Vulnera…
…
continue reading
1
Network Security News Summary for Friday October 18th, 2024
5:53
5:53
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:53
AWS Scans; Gatekeeper Bypass; Oracle CPU; Cisco ATA 190 Patch; SAP Code Injection; Dept of Commerce Advertises Drugs; Scanning Activity from Subnet 15.184.0.0/16. https://isc.sans.edu/diary/Scanning%20Activity%20from%20Subnet%2015.184.0.0%2016/31362 Gatekeeper Bypass /unit42.paloaltonetworks.com/gatekeeper-bypass-macos/ Oracle Critical Patch Update…
…
continue reading
1
ISC StormCast for Thursday, October 17th, 2024
5:38
5:38
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:38
The Top 10 Not So Common SSH Usernames and Passwords https://isc.sans.edu/diary/The%20Top%2010%20Not%20So%20Common%20SSH%20Usernames%20and%20Passwords/31360 CISA Product Security Bad Practices https://www.cisa.gov/resources-tools/resources/product-security-bad-practices Kubernetes Image Builder Vulnerability CVE-2024-9486 CVE-2024-9594 https://disc…
…
continue reading
1
Network Security News Summary for Thursday October 17th, 2024
5:38
5:38
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:38
Not so Common Passwords; Security Bad Practices; Kubernetes Image Builder Vuln; Solarwinds Helpdesk Exploited; noexec bypass The Top 10 Not So Common SSH Usernames and Passwords https://isc.sans.edu/diary/The%20Top%2010%20Not%20So%20Common%20SSH%20Usernames%20and%20Passwords/31360 CISA Product Security Bad Practices https://www.cisa.gov/resources-t…
…
continue reading
1
ISC StormCast for Wednesday, October 16th, 2024
6:44
6:44
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
6:44
Angular-base64-upload Demo Script Exploited https://isc.sans.edu/diary/Angular-base64-upload%20Demo%20Script%20Exploited%20%28CVE-2024-42640%29/31354 Quantum Annealing Public Key Cryptographic Attack Algorithm Based on D-Wave Advantage http://cjc.ict.ac.cn/online/onlinepaper/wc-202458160402.pdf EDRSilencer https://github.com/netero1010/EDRSilencer …
…
continue reading
1
Network Security News Summary for Wednesday October 16th, 2024
6:45
6:45
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
6:45
Demo Script Exploits; Angular-base64-upload Demo Script Exploited https://isc.sans.edu/diary/Angular-base64-upload%20Demo%20Script%20Exploited%20%28CVE-2024-42640%29/31354 Quantum Annealing Public Key Cryptographic Attack Algorithm Based on D-Wave Advantage http://cjc.ict.ac.cn/online/onlinepaper/wc-202458160402.pdf EDRSilencer https://github.com/n…
…
continue reading
