Securely Access Your Desktop By NOT VPN’ing.

I have been thinking lately on how I can access my home desktop (don’t ask me why I wan’t to do this) or my router/firewall config (which is not directly accessible to internet.

On this article, let’s explore some ideas on how we can accomplish this without running a VPN server or subscribing to any third-party remote access services.

… stay tuned

 

ISC StormCast for Wednesday, May 23rd 2018

Malicious SYLK Files Used to Execute Code in Excel
https://isc.sans.edu/forums/diary/Malware+Distributed+via+slk+Files/23687/
BMW Releases Patches for Several Cars
https://keenlab.tencent.com/en/Experimental_Security_Assessment_of_BMW_Cars_by_KeenLab.pdf
Mac Crypto Miners
https://blog.malwarebytes.com/threat-analysis/mac-threat-analysis/2018/05/new-mac-cryptominer-uses-xmrig/
VMWare Spectre Updates
https://www.vmware.com/security/advisories/VMSA-2018-0012.html
More Here      

ISC StormCast for Tuesday, May 22nd 2018

Spectre NG Patches
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012
https://newsroom.intel.com/editorials/addressing-new-research-for-side-channel-analysis/
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012
https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
New “Moon” Variant
http://blog.netlab.360.com/gpon-exploit-in-the-wild-iv-themoon-botnet-join-in-with-a-0day/
https://isc.sans.edu/forums/diary/Something+Wicked+this+way+comes/23681/
Extracting Keys From Windows ssh-agent
https://blog.ropnop.com/extracting-ssh-private-keys-from-windows-10-ssh-agent/
More Here      

ISC StormCast for Monday, May 21st 2018

Redis Cryptocoin Mining Worm
https://isc.sans.edu/forums/diary/Anatomy+of+a+Redis+mining+worm/23673/
Evolving Chrome’s Security Indicator
https://blog.chromium.org/2018/05/evolving-chromes-security-indicators.html
DrayTek CSRF 0-Day Exploited to Change DNS Servers
https://www.draytek.co.uk/support/security-advisories/kb-advisory-csrf-and-dns-dhcp-web-attacks
Rowhammer Remote Exploit
https://www.cs.vu.nl/~herbertb/download/papers/throwhammer_atc18.pdf
https://arxiv.org/abs/1805.04956
More Here      

ISC StormCast for Friday, May 18th 2018

By Johannes B. Ullrich, Ph.D. Claymore Miner Attack
Insecure Claymore Miner Management API Exploited in the Wild
PCI DSS Version 3.2.1. Released
https://isc.sans.edu/forums/diary/PCI+DSS+version+321+is+out/23667/
Keeper Releases Update
https://keepersecurity.com/blog/2018/05/15/response-may-15-seclists-report/
Cisco Security Update
https://tools.cisco.com/security/center/publicationListing.x
More Here      

ISC StormCast for Thursday, May 17th 2018

By Johannes B. Ullrich, Ph.D. Critical DHCP Client Vulnerability in RedHat Enterprise Server 6/7
https://access.redhat.com/security/vulnerabilities/3442151
UPnP Misconfiguration DDoS Attack
https://www.theregister.co.uk/2018/05/16/upnp_amplifies_ddos_attacks/
Ubuntu Snap Store Miner Incident Followup
https://blog.ubuntu.com/2018/05/15/trust-and-security-in-the-snap-store
iOS / Android “Zipper Down” Vulnerability
https://zipperdown.org/
More Here