ISC StormCast for Friday, August 28th 2015

By Johannes Ullrich
Obfuscating Malicious Word Macros Inside PDFs
https://isc.sans.edu/forums/diary/PDF+maldoc1+maldoc2/20079/
Patch For BitTorrent Traffic Amplification Bug
http://engineering.bittorrent.com/2015/08/27/drdos-udp-based-protocols-and-bittorrent/
Adobe Cold Fusion Patch
https://helpx.adobe.com/security/products/coldfusion/apsb15-21.html
Iranian Attackers Phish Google 2FA Tokens
https://citizenlab.org/2015/08/iran_two_factor_phishing/

ISC StormCast for Thursday, August 27th 2015

By Johannes Ullrich
TeslaCrypt 2.0 Malware Moves Back to Angler from Neutrino EK
https://isc.sans.edu/forums/diary/Actor+that+tried+Neutrino+exploit+kit+now+back+to+Angler/20075/
Hardcoded Default Admin Password in Several DSL Routers
http://www.kb.cert.org/vuls/id/950576
PayPal Introduced “One Click” Payments
https://stories.paypal-corp.com/home/paypal-one-touch-is-now-being-used-by-millions-of-people-and-available-in-16-countries
Malware in Embedded RTF Documents
http://researchcenter.paloaltonetworks.com/2015/08/rtf-exploit-installs-italian-rat-uwarrior/
GRSecurity Restricting Availability of Stable Patches
https://grsecurity.net/announce.php

ISC StormCast for Wednesday, August 26th 2015

By Johannes Ullrich
Dropbox Phishing
https://isc.sans.edu/forums/diary/Dropbox+Phishing+via+Compromised+Wordpress+Site/20073/
Recordable Activator Exploits Certifigate Vulnerability
http://blog.checkpoint.com/2015/08/25/certifigate-statistics-exploitation-mitigation/
Malware uses AutoIT to Run Macros
https://threatpost.com/autoit-used-in-targeted-attacks-to-move-rats/114406

ISC StormCast for Tuesday, August 25th 2015

By Johannes Ullrich
Samsung Smart Fridge Vulnerabilities
http://www.pentestpartners.com/blog/hacking-defcon-23s-iot-village-samsung-fridge/
Remote Access Security
https://isc.sans.edu/forums/diary/Are+You+Protecting+your+Backdoor/20069/
Amazon No Longer Allowing Flash in Ads
http://advertising.amazon.com/ad-specs/en/policy/technical-guidelines
iPhone “Quicksand” Vulnerability
https://www.appthority.com/enterprise-mobile-threats/2015/08/19/quicksand-a-new-enterprise-ios-vulnerability/
Backdooring JavaScript With Minifier
https://zyan.scripts.mit.edu/blog/backdooring-js/

ISC StormCast for Monday, August 24th 2015

By Johannes Ullrich
Decline in Malware From Windigo Group
https://isc.sans.edu/forums/diary/A+recent+decline+in+traffic+associated+with+Operation+Windigo/20065/
ZScaler Associates Recent Malware Spike with WordPress Exploits
http://research.zscaler.com/2015/08/neutrino-campaign-leveraging-wordpress.html
Predictable Android Lock Patterns
http://arstechnica.com/security/2015/08/new-data-uncovers-the-surprising-predictability-of-android-lock-patterns/
Apple Update for QuickTime
http://support.apple.com/kb/HT1222
PlentyOfFish Targeted by Malicious Ads
https://blog.malwarebytes.org/malvertising-2/2015/08/malvertising-hits-online-dating-site-plentyoffish/
Microsoft Only Published “Significant” Vulnerability Details for Windows 10
http://www.theregister.co.uk/2015/08/21/microsoft_will_explain_only_significant_windows_10_updates/