ISC StormCast for Friday, October 15th, 2021

By Johannes B. Ullrich, Ph.D.
Port Forwarding with Windows for the Win
https://isc.sans.edu/forums/diary/PortForwarding+with+Windows+for+the+Win/27934/
Please Fix Your E-Mail Brute Forcing Tool
https://isc.sans.edu/forums/diary/Please+fix+your+EMail+Brute+forcing+tool/27930/
Ad Blocker Injects Ads
https://www.imperva.com/blog/the-ad-blocker-that-injects-ads/
Romance Scams Go After Cryptocurrency
https://nakedsecurity.sophos.com/2021/10/13/romance-scams-with-a-cryptocurrency-twist-new-research-from-sophoslabs/
Sysmon For Linux
https://github.com/Sysinternals/SysmonForLinux
Foxit Updates
https://www.foxit.com/support/security-bulletins.html

VMware Updates
https://www.vmware.com/security/advisories/VMSA-2021-0023.html

ISC StormCast for Wednesday, October 13th, 2021

By Johannes B. Ullrich, Ph.D.
Microsoft Patch Tuesday
https://isc.sans.edu/forums/diary/Microsoft+October+2021+Patch+Tuesday/27928/
Adobe Patches
https://helpx.adobe.com/security/security-bulletin.html
PyPI Removes mitmproxy2 Module
https://twitter.com/maximilianhils/status/1447525552370458625
https://web.archive.org/web/20211012105244/https://gist.github.com/mhils/7ff29d50b25a1c99e06834cf95684333

ISC StormCast for Tuesday, October 12th, 2021

By Johannes B. Ullrich, Ph.D.
Non HTTP Requests Hitting Web Server
https://isc.sans.edu/forums/diary/Things+that+go+Bump+in+the+Night+Non+HTTP+Requests+Hitting+Web+Servers/27924/
Apple Updates iOS/iPadOS to 15.0.2
https://saaramar.github.io/IOMFB_integer_overflow_poc/
https://support.apple.com/en-us/HT212846
Weak SSH Keys Used with GitKraken
https://github.blog/2021-10-11-github-security-update-revoking-weakly-generated-ssh-keys/
Let’s Encrypt Outage
https://letsencrypt.status.io/pages/incident/55957a99e800baa4470002da/6164b5af714e1f053880ba0c

ISC StormCast for Monday, October 11th, 2021

By Johannes B. Ullrich, Ph.D.
Scanning for Previous Oracle WebLogic Vulnerabilities
https://isc.sans.edu/forums/diary/Scanning+for+Previous+Oracle+WebLogic+Vulnerabilities/27918/
Sorting Things Out – Sorting Data by IP Address
https://isc.sans.edu/forums/diary/Sorting+Things+Out+Sorting+Data+by+IP+Address/27916/
https://gitlab.com/slackermedia/bashcrawl
Telegram Does Not Remove Auto-Deleted Messages from Cache
https://habr.com/en/post/580582/
Microsoft To Disable Excel 4.0 Macros By Default
https://twitter.com/GelosSnake/status/1446192775087722497
https://m365admin.handsontek.net/macro-settings-update-to-disable-excel-4-0-macros-by-default/

ISC StormCast for Friday, October 8th, 2021

By Johannes B. Ullrich, Ph.D.
Who is Hunting For Your IPTV Set-Top Box?
https://isc.sans.edu/forums/diary/Who+Is+Hunting+For+Your+IPTV+SetTop+Box/27912/
Another Update For Apache
https://httpd.apache.org
FontOnLake Rootkit
https://www.welivesecurity.com/2021/10/07/fontonlake-previously-unknown-malware-family-targeting-linux/
osquery 5 with macOS Endpoint Security
https://www.trailofbits.com/post/announcing-osquery-5-now-with-endpointsecurity-on-macos