ISC StormCast for Friday, June 18th, 2021

By Johannes B. Ullrich, Ph.D. Network Forensics on Azure VMs https://isc.sans.edu/forums/diary/Network+Forensics+on+Azure+VMs+Part+1/27536/ Fake Ledger Hardware Wallets https://www.ledger.com/phishing-campaigns-status#phishing-campaigns https://www.reddit.com/r/ledgerwallet/comments/o154gz/package_from_ledger_is_this_legit/ Zoll Defibrilator Dashboard Vulnerability https://us-cert.cisa.gov/ics/advisories/icsma-21-161-01 Akamai Prolexic Outage https://threatpost.com/hiccup-akamais-ddos-outages/167004/ More Here      

ISC StormCast for Thursday, June 17th, 2021

By Johannes B. Ullrich, Ph.D. June 2021 Forensic Quiz https://isc.sans.edu/forums/diary/June+2021+Forensic+Contest/27532/ ThroughTek IP Camera SDK Vulnerability https://www.nozominetworks.com/blog/new-iot-security-risk-throughtek-p2p-supply-chain-vulnerability/ Peleoton Insecure Boot Vulnerability https://www.mcafee.com/blogs/other-blogs/mcafee-labs/a-new-program-for-your-peloton-whether-you-like-it-or-not/ Microsoft Defender for Endpoint Detecting Jailbroken Devices https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/announcing-new-capabilities-on-android-and-ios/ba-p/2442730 More Here      

ISC StormCast for Wednesday, June 16th, 2021

By Johannes B. Ullrich, Ph.D. Multi Perimeter Device Exploit Mirai Version Hunting For Sonicwall, DLink, Cisco and more https://isc.sans.edu/forums/diary/Multi+Perimeter+Device+Exploit+Mirai+Version+Hunting+For+Sonicwall+DLink+Cisco+and+more/27528/ Google Open Sourcing Homomorphic Encrypion Libraries https://developers.googleblog.com/2021/06/our-latest-updates-on-fully-homomorphic-encryption.html Stealing Tokens, emails, files and more in Microsoft Teams https://medium.com/tenable-techblog/stealing-tokens-emails-files-and-more-in-microsoft-teams-through-malicious-tabs-a7e5ff07b138 More Here      

ISC StormCast for Tuesday, June 15th, 2021

By Johannes B. Ullrich, Ph.D. Apple iOS 12.5.4 Security Update https://support.apple.com/en-us/HT212548 NIST.gov DNS Issues https://puck.nether.net/pipermail/outages/2021-June/013670.html Akkadian Provisioning Manager Multiple Vulnerabilities https://www.rapid7.com/blog/post/2021/06/08/akkadian-provisioning-manager-multiple-vulnerabilities-disclosure/ Bypassing MFA in Exchange Online https://www.microsoft.com/security/blog/2021/06/14/behind-the-scenes-of-business-email-compromise-using-cross-domain-threat-data-to-disrupt-a-large-bec-infrastructure/ More Here      

ISC StormCast for Monday, June 14th, 2021

By Johannes B. Ullrich, Ph.D. EoL SonicWall SRA 4600 VPN Gateways Exploited in Current Attacks https://isc.sans.edu/forums/diary/Sonicwall+SRA+4600+Targeted+By+an+Old+Vulnerability/27518/ Older Fortinet Vulnerability Still Exploited https://isc.sans.edu/forums/diary/Fortinet+Targeted+for+Unpatched+SSL+VPN+Discovery+Activity/27520/ PrivacyMic: Utlizing Inaudible Frequencies for Privacy Preserving Daily Activity Recognition http://alansonsample.com/publications/docs/2021%20-%20CHI%20-%20PrivacyMic-%20Utilizing%20Inaudible%20Frequencies%20for%20Privacy%20Preserving%20Daily%20Activity%20Recognition.pdf Linux Vulnerability in polkit https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/ More Here