Securely Access Your Desktop By NOT VPN’ing.

I have been thinking lately on how I can access my home desktop (don’t ask me why I wan’t to do this) or my router/firewall config (which is not directly accessible to internet.

On this article, let’s explore some ideas on how we can accomplish this without running a VPN server or subscribing to any third-party remote access services.

… stay tuned

 

ISC StormCast for Tuesday, June 15th, 2021

By Johannes B. Ullrich, Ph.D. Apple iOS 12.5.4 Security Update
https://support.apple.com/en-us/HT212548
NIST.gov DNS Issues
https://puck.nether.net/pipermail/outages/2021-June/013670.html
Akkadian Provisioning Manager Multiple Vulnerabilities
https://www.rapid7.com/blog/post/2021/06/08/akkadian-provisioning-manager-multiple-vulnerabilities-disclosure/
Bypassing MFA in Exchange Online
https://www.microsoft.com/security/blog/2021/06/14/behind-the-scenes-of-business-email-compromise-using-cross-domain-threat-data-to-disrupt-a-large-bec-infrastructure/
More Here      

ISC StormCast for Monday, June 14th, 2021

By Johannes B. Ullrich, Ph.D. EoL SonicWall SRA 4600 VPN Gateways Exploited in Current Attacks
https://isc.sans.edu/forums/diary/Sonicwall+SRA+4600+Targeted+By+an+Old+Vulnerability/27518/
Older Fortinet Vulnerability Still Exploited
https://isc.sans.edu/forums/diary/Fortinet+Targeted+for+Unpatched+SSL+VPN+Discovery+Activity/27520/
PrivacyMic: Utlizing Inaudible Frequencies for Privacy Preserving Daily Activity Recognition
http://alansonsample.com/publications/docs/2021%20-%20CHI%20-%20PrivacyMic-%20Utilizing%20Inaudible%20Frequencies%20for%20Privacy%20Preserving%20Daily%20Activity%20Recognition.pdf
Linux Vulnerability in polkit
https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/
More Here      

ISC StormCast for Friday, June 11th, 2021

By Johannes B. Ullrich, Ph.D. Are Cookie Banners a Waste of Time or a Complete Waste of Time?
https://isc.sans.edu/forums/diary/Are+Cookie+Banners+a+Waste+of+Time+or+a+Complete+Waste+of+Time/27436/
Citrix Application Delivery Controller Vulnerability
https://support.citrix.com/article/CTX297155
VoIP Monitor GUI XSS
https://www.rtcsec.com/post/2021/06/abusing-sip-for-cross-site-scripting-most-definitely/
Denial of Service Vulnerabilitiesin RabbitMQ, EMQ X,and VeneMQ
https://www.synopsys.com/blogs/software-security/cyrc-advisory-rabbitmq-emqx-vernemq/
More Here      

ISC StormCast for Thursday, June 10th, 2021

By Johannes B. Ullrich, Ph.D. Architecture, Compilers and Black Magic
https://isc.sans.edu/forums/diary/Architecture+compilers+and+black+magic+or+what+else+affects+the+ability+of+AVs+to+detect+malicious+files/27510/
ALPACA TLS Attack
https://alpaca-attack.com/ALPACA.pdf
Google Chrome Update
https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html
More Here      

ISC StormCast for Wednesday, June 9th, 2021

By Johannes B. Ullrich, Ph.D. Microsoft Patch Tuesday
https://isc.sans.edu/forums/diary/Microsoft+June+2021+Patch+Tuesday/27506/
PuzzleMaker Attacks With Chrome Zero-Day Exploit Chain
https://securelist.com/puzzlemaker-chrome-zero-day-exploit-chain/102771/
Intel Patches
https://www.intel.com/content/www/us/en/security-center/default.html
Adobe Updates
https://helpx.adobe.com/security.html
Let’s Encrypt and CentOS 7
https://blog.devgenius.io/lets-encrypt-change-affects-openssl-1-0-x-and-centos-7-49bd66016af3
More Here