Daily update on current cyber security threats
…
continue reading
We're your daily briefing on the pulse of the cyber world. Each day, we decrypt the complex landscape of cyber threats, zero in on the latest hacks, and dissect the strategies that keep data defenders on their toes. Whether it's a deep dive into the latest enterprise breach, a spotlight on emerging threat vectors, or actionable intel from the cybersecurity trenches, 'DCTIB' is your essential source for the cyber news that matters. Join us in the loop, and stay one step ahead in the digital age
…
continue reading
The DailyCyber Podcast and New Live Stream every Wednesday at 6:00 pm EDT is focused on providing the truth into the Cyber Security industry. Discussions on Cyber Security trends, technologies, solutions, news, education, certifications, careers and interviews with leading Cyber Security experts on various Cyber Security topics. Subscribe today to make sure you don't miss an episode. IMPORTANT: The views, information and/or opinions expressed on this podcast/stream are solely those of Brando ...
…
continue reading
1
ISC StormCast for Thursday, May 2nd, 2024
6:51
6:51
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
6:51
Linux Trojan - Xorddos with Filename eyshcjdmzg https://isc.sans.edu/diary/Linux%20Trojan%20-%20Xorddos%20with%20Filename%20eyshcjdmzg/30880 AWS S3 Denial of Wallet Amplification Attack https://medium.com/@maciej.pocwierz/how-an-empty-s3-bucket-can-make-your-aws-bill-explode-934a383cb8b1 https://blog.limbus-medtec.com/the-aws-s3-denial-of-wallet-am…
…
continue reading
1
ISC StormCast for Wednesday, May 1st, 2024
6:38
6:38
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
6:38
Another Day, Another NAS: Attacks against Zyxel NAS326 Devices CVE-2023-4473, CVE-2023-4474 https://isc.sans.edu/diary/Another%20Day%2C%20Another%20NAS%3A%20Attacks%20against%20Zyxel%20NAS326%20devices%20CVE-2023-4473%2C%20CVE-2023-4474/30884 R-Bitrary Code Execution: Vulnearbility in R's Deserialization https://hiddenlayer.com/research/r-bitrary-c…
…
continue reading
1
ISC StormCast for Tuesday, April 30th, 2024
6:55
6:55
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
6:55
DLink NAS Exploit Variation https://www.qnap.com/en/security-advisory/qsa-24-09 Muddling Meerkat DNS Abuse https://blogs.infoblox.com/threat-intelligence/a-cunning-operator-muddling-meerkat-and-chinas-great-firewall/ Android TV Data Leakage https://www.youtube.com/watch?v=QiyBXXO8QpA https://www.404media.co/android-tvs-can-expose-user-email-inboxes…
…
continue reading
1
ISC StormCast for Monday, April 29th, 2024
6:36
6:36
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
6:36
Okta warns of increase in credential stuffing https://sec.okta.com/blockanonymizers Fake payment cards used by Police in Japan https://twitter.com/vxunderground/status/1783522097425211887 Phishing Campaigns Targeting USPS https://www.akamai.com/blog/security-research/phishing-usps-malicious-domains-traffic-equal-to-legitimate-traffic Chrome 124 Bre…
…
continue reading
1
ISC StormCast for Friday, April 26th, 2024
20:28
20:28
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
20:28
Does it matter if iptables isn't running on my honeypot? https://isc.sans.edu/forums/diary/Does%20it%20matter%20if%20iptables%20isn't%20running%20on%20my%20honeypot%3F/30862/ Unplugging PlugX: Singholing the PlugX USB worm botnet https://blog.sekoia.io/unplugging-plugx-sinkholing-the-plugx-usb-worm-botnet/ pfSense Updates https://docs.netgate.com/a…
…
continue reading
1
ISC StormCast for Thursday, April 25th, 2024
6:09
6:09
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
6:09
API Rug Pull - The NIST NVD Database and API https://isc.sans.edu/diary/API%20Rug%20Pull%20-%20The%20NIST%20NVD%20Database%20and%20API%20%28Part%204%20of%203%29/30868 Cisco Patches Vulnerabilities and Discovers Arcane Backdoor https://blog.talosintelligence.com/arcanedoor-new-espionage-focused-campaign-found-targeting-perimeter-network-devices/ Vul…
…
continue reading
1
ISC StormCast for Wednesday, April 24th, 2024
6:22
6:22
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
6:22
Struts2 devmode Still a Problem Ten Years Later https://isc.sans.edu/forums/diary/Struts%20%22devmode%22%3A%20Still%20a%20problem%20ten%20years%20later%3F/30866/ Analyzing Forest Blizard's Custom Post-Compromise Tool for exploiting CVE-2022-38028 https://www.microsoft.com/en-us/security/blog/2024/04/22/analyzing-forest-blizzards-custom-post-comprom…
…
continue reading
1
ISC StormCast for Tuesday, April 23rd, 2024
6:05
6:05
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
6:05
Number of Industrial Devices Accessible From Internet Up 30 Thousand over three years https://isc.sans.edu/diary/It%20appears%20that%20the%20number%20of%20industrial%20devices%20accessible%20from%20the%20internet%20has%20risen%20by%2030%20thousand%20over%20the%20past%20three%20years/30860 Evil XDR: Turning an XDR into an Offensive Tool https://www.…
…
continue reading
1
ISC StormCast for Monday, April 22nd, 2024
5:36
5:36
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:36
The CVE's They are A-Changing https://isc.sans.edu/diary/The%20CVE%27s%20They%20are%20A-Changing!/30850 CrushFTP 0-Day Vulnerability https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update https://www.reddit.com/r/crowdstrike/comments/1c88788/situational_awareness_20240419_crushftp_virtual/ GitHub Comment Bug Used to Distribute Malware https://ww…
…
continue reading
1
ISC StormCast for Friday, April 19th, 2024
5:06
5:06
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:06
Delinea Secret Server Authn Authz Bypass https://straightblast.medium.com/all-your-secrets-are-belong-to-us-a-delinea-secret-server-authn-authz-bypass-adc26c800ad3 Ivanti Avalanche Poc/Details https://www.tenable.com/security/research/tra-2024-10 Advanced Phishing Campaign https://www.lookout.com/threat-intelligence/article/cryptochameleon-fcc-phis…
…
continue reading
1
ISC StormCast for Thursday, April 18th, 2024
5:19
5:19
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:19
Malicious PDF File As Delivery Mechanism https://isc.sans.edu/diary/Malicious%20PDF%20File%20Used%20As%20Delivery%20Mechanism/30848 Updated Palo Alto Networks GlobalProtect Guidance https://security.paloaltonetworks.com/CVE-2024-3400 Coordinated Social Engineering Takeovers of Open Source Projects; https://openssf.org/blog/2024/04/15/open-source-se…
…
continue reading
1
ISC StormCast for Wednesday, April 17th, 2024
5:33
5:33
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:33
Palo Alto Networks GlobalProtect exploit public and widely exploited CVE-2024-3400 https://isc.sans.edu/forums/diary/Palo%20Alto%20Networks%20GlobalProtect%20exploit%20public%20and%20widely%20exploited%20CVE-2024-3400/30844/ Putty Private Key Recovery https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html Oracle Critical Pa…
…
continue reading
1
ISC StormCast for Tuesday, April 16th, 2024
6:17
6:17
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
6:17
Quick Palo Alto Networks Global Protect Vulnerablity Update CVE-2024-3400 https://isc.sans.edu/diary/30838 Delinea patches critical vulnerability in secret manager https://trust.delinea.com/?tcuUid=17aaf4ef-ada9-46d5-bf97-abd3b07daae3 Lancom Windows Setup Assistant May Reset Password https://www.lancom-systems.com/service-support/general-security-i…
…
continue reading
1
ISC StormCast for Sunday, April 14th, 2024
5:41
5:41
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:41
Palo Alto Networks GlobalProtect 0-Day CVE-2024-3400 https://security.paloaltonetworks.com/CVE-2024-3400 https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/#RespondingToCompromiseOleh Dr. Johannes B. Ullrich
…
continue reading
1
ISC StormCast for Friday, April 12th, 2024
6:11
6:11
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
6:11
BatBadBut: You can't securely execute commands on Windows https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/ FortiClient Linux Remote Code Execution https://www.fortiguard.com/psirt/FG-IR-23-087 Apple Threat Notifications and Protecting Against Mercenary Spyware https://support.apple.com/en-us/102174 New Tech…
…
continue reading
1
ISC StormCast for Thursday, April 11th, 2024
5:59
5:59
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:59
Rust Command API code execution vulnerability CVE-2024-24576 https://blog.rust-lang.org/2024/04/09/cve-2024-24576.html Adobe Updates: Magento Adobe Commerce CVE-2024-20759 CVE-2024-20758 https://helpx.adobe.com/security/products/magento/apsb24-18.html https://helpx.adobe.com/security.html Fortinet FortiOS And FortiProxy Vulnerability CVE-2023-41677…
…
continue reading
1
ISC StormCast for Wednesday, April 10th, 2024
6:31
6:31
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
6:31
Microsoft Patches https://isc.sans.edu/forums/diary/April%202024%20Microsoft%20Patch%20Tuesday%20Summary/30822/ D-Link NAS Backdoor https://github.com/netsecfish/dlink LG SmartTV Vulnerabilities https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/Oleh Dr. Johannes B. Ullrich
…
continue reading
1
ISC StormCast for Tuesday, April 9th, 2024
5:59
5:59
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:59
A Use Case for Adding Threat Hunting to Your Security Operations Team. https://isc.sans.edu/diary/30816 Notepad++ Parasite Site https://notepad-plus-plus.org/news/help-to-take-down-parasite-site/ Hugging Face Pickle File Vulnerablities https://huggingface.co/blog/hugging-face-wiz-security-blog Google Considers V8 Sandbox no longer experimental http…
…
continue reading
1
ISC StormCast for Monday, April 8th, 2024
5:29
5:29
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:29
Heartbleed 10th Anniversary https://heartbleed.com/ Possible Libarchive Backdoor Vulnerability https://github.com/libarchive/libarchive/pull/1609 Magento XML Backdoor https://sansec.io/research/magento-xml-backdoor Google Public DNS's approach to fight against cache poisoning attacks https://security.googleblog.com/2024/03/google-public-dnss-approa…
…
continue reading
1
ISC StormCast for Friday, April 5th, 2024
15:11
15:11
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
15:11
Slicing up DoNex with Binary Ninja https://isc.sans.edu/diary/Slicing%20up%20DoNex%20with%20Binary%20Ninja/30812 HTTP/2 Continuation Flood https://nowotarski.info/http2-continuation-flood-technical-details/ Dangers of CSS in HTML Email https://lutrasecurity.com/en/articles/kobold-letters/ Dan Mazzella: Infostealers in Automotive Headunits https://w…
…
continue reading
1
ISC StormCast for Thursday, April 4th, 2024
6:02
6:02
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
6:02
Playing with xzbot: Some things you can learn from SSH traffic https://isc.sans.edu/forums/diary/Some%20things%20you%20can%20learn%20from%20SSH%20traffic/30808/ Google Proposes Device Bound Session Credentials (DBSC) https://blog.chromium.org/2024/04/fighting-cookie-theft-using-device.html Four More Ivanti Vulnerabilities https://forums.ivanti.com/…
…
continue reading
1
ISC StormCast for Wednesday, April 3rd, 2024
5:39
5:39
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:39
Chrome Incognito Mode Settlement https://www.wired.com/story/google-chrome-incognito-mode-data-deletion-settlement/ Google E-Mail Sender Guidelines FAQ https://support.google.com/a/answer/14229414?hl=en&fl=1&sjid=2270464422796374445-NC Cisco Updates and VPN Best Practices https://www.cisco.com/c/en/us/support/docs/security/secure-firewall-threat-de…
…
continue reading
1
ISC StormCast for Tuesday, April 2nd, 2024
7:09
7:09
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
7:09
The amazingly scary xz sshd backdoor https://isc.sans.edu/diary/The%20amazingly%20scary%20xz%20sshd%20backdoor/30802 The xz-utils backdoor in security advisories by national CSIRTs https://isc.sans.edu/diary/The+xzutils+backdoor+in+security+advisories+by+national+CSIRTs/30800 Checking CSV Files https://isc.sans.edu/diary/Checking%20CSV%20Files/3079…
…
continue reading
1
ISC StormCast for Monday, April 1st, 2024
7:37
7:37
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
7:37
xz-utils Backdoor CVE-2024-3094 https://www.openwall.com/lists/oss-security/2024/03/29/4 https://tukaani.org/xz-backdoor/ https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27 Backdoor reverse analysis https://bsky.app/profile/did:plc:x2nsupeeo52oznrmplwapppl/post/3kowjkx2njy2b YARA Rule https://github.com/byinarie/CVE-2024-3094-info/…
…
continue reading
1
ISC StormCast for Friday, March 29th, 2024
5:36
5:36
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
5:36
From JavaScript to AsyncRAT https://isc.sans.edu/diary/From%20JavaScript%20to%20AsyncRAT/30788 TeamCity Patches https://www.jetbrains.com/privacy-security/issues-fixed/?product=TeamCity&version=2024.03 Okta Verify for Windows Auto-update Arbitrary Code Execution CVE-2024-0980 https://trust.okta.com/security-advisories/okta-verify-windows-auto-updat…
…
continue reading