News And Information For And About People Of Color-Told with a little flava. Support this podcast: https://podcasters.spotify.com/pod/show/alexander-kaydin/support
…
continue reading
Broadcasting from Eugene Oregon since 2009 with over 500 episodes and rebroadcast on over 20 other services making us one of the longest Internet talk radio stations in the Eugene area, welcome to KRBN Internet News Talk Radio. Featured program every Wednesday, The Boze Noze Show hosted by sitting West Lane County Commissioner Jay Bozievich. Jay is donating his time each week to make himself directly available to the general public. Check out our Facebook page https://www.facebook.com/KRBNra ...
…
continue reading
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minutes long summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
…
continue reading
1
Internet Explorers: SEO, PPC and Content Marketing News
Digital Third Coast - Tom Shearman, Kristen Geil and Nathan Pabich
…
continue reading
Vietnam Internet Radio News
…
continue reading
IoTA is the companion blog to the IoTA Podcast. IoTA is dedicated to the Internet of Things. The Podcast will review daily news stories in IoT and will conduct frequent companion episodes where we interview people who are in the IoT Industry.
…
continue reading
1
RIApodcast - we discuss the latest news and topics in Rich Internet Applications and Technologies
John Mason
A technology podcast focusing on Rich Internet Technologies such as ColdFusion, Flex, Flash, jQuery and AIR.
…
continue reading
Zyxel NAS Attacks; R Vulnerability; Malicious Containers; NVMe-oF/TCP Vulns; Another Day, Another NAS: Attacks against Zyxel NAS326 Devices CVE-2023-4473, CVE-2023-4474 https://isc.sans.edu/diary/Another%20Day%2C%20Another%20NAS%3A%20Attacks%20against%20Zyxel%20NAS326%20devices%20CVE-2023-4473%2C%20CVE-2023-4474/30884 R-Bitrary Code Execution: Vuln…
…
continue reading
UINWA is the real news, told with a little flava --- Support this podcast: https://podcasters.spotify.com/pod/show/alexander-kaydin/support
…
continue reading
DLink NAS Exploit Variation; DNS and Great Firewall of China; Android TV Data Leakage DLink NAS Exploit Variation https://www.qnap.com/en/security-advisory/qsa-24-09 Muddling Meerkat DNS Abuse https://blogs.infoblox.com/threat-intelligence/a-cunning-operator-muddling-meerkat-and-chinas-great-firewall/ Android TV Data Leakage https://www.youtube.com…
…
continue reading
Credential Stuffing Increase; Fake Payment Cards; USPS Phishing; Chrome Post Quantum TLS Issues; Okta warns of increase in credential stuffing https://sec.okta.com/blockanonymizers Fake payment cards used by Police in Japan https://twitter.com/vxunderground/status/1783522097425211887 Phishing Campaigns Targeting USPS https://www.akamai.com/blog/sec…
…
continue reading
Honeypot Firewalls; Unplugging PlugX; pfsense and GitLab Updates; Blocking LOLBins @sans_edu Does it matter if iptables isn't running on my honeypot? https://isc.sans.edu/forums/diary/Does%20it%20matter%20if%20iptables%20isn't%20running%20on%20my%20honeypot%3F/30862/ Unplugging PlugX: Singholing the PlugX USB worm botnet https://blog.sekoia.io/unpl…
…
continue reading
NVD API Updates; Cisco Patches and Backdoor; Keyboard App Vulns; node-mysql2 vulns; API Rug Pull - The NIST NVD Database and API https://isc.sans.edu/diary/API%20Rug%20Pull%20-%20The%20NIST%20NVD%20Database%20and%20API%20%28Part%204%20of%203%29/30868 Cisco Patches Vulnerabilities and Discovers Arcane Backdoor https://blog.talosintelligence.com/arca…
…
continue reading
struts2 devmode scans; Russian PrinterNightmare; Exchange Server Fix; Flowmon Exploit; GuptiMiner; Struts2 devmode Still a Problem Ten Years Later https://isc.sans.edu/forums/diary/Struts%20%22devmode%22%3A%20Still%20a%20problem%20ten%20years%20later%3F/30866/ Analyzing Forest Blizard's Custom Post-Compromise Tool for exploiting CVE-2022-38028 http…
…
continue reading
Exposed ICS; Evil XDR; GitLab Comment Bug; Number of Industrial Devices Accessible From Internet Up 30 Thousand over three years https://isc.sans.edu/diary/It%20appears%20that%20the%20number%20of%20industrial%20devices%20accessible%20from%20the%20internet%20has%20risen%20by%2030%20thousand%20over%20the%20past%20three%20years/30860 Evil XDR: Turning…
…
continue reading
CVE Changes; CrushFTP 0-Day; GitHub Comment Bug; YubiKey Manager Bug; PAN GlobalProtect Update The CVE's They are A-Changing https://isc.sans.edu/diary/The%20CVE%27s%20They%20are%20A-Changing!/30850 CrushFTP 0-Day Vulnerability https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update https://www.reddit.com/r/crowdstrike/comments/1c88788/situationa…
…
continue reading
Delinea PoC; Ivanti Avalanche PoC; Advanced Phishing Campaign; go-getter update; OfflRouter Virus Delinea Secret Server Authn Authz Bypass https://straightblast.medium.com/all-your-secrets-are-belong-to-us-a-delinea-secret-server-authn-authz-bypass-adc26c800ad3 Ivanti Avalanche Poc/Details https://www.tenable.com/security/research/tra-2024-10 Advan…
…
continue reading
AgentTesla via PDF; GlobalProtect Updates; Open Source Takeovers; OpenMetaData Attacks Malicious PDF File As Delivery Mechanism https://isc.sans.edu/diary/Malicious%20PDF%20File%20Used%20As%20Delivery%20Mechanism/30848 Updated Palo Alto Networks GlobalProtect Guidance https://security.paloaltonetworks.com/CVE-2024-3400 Coordinated Social Engineerin…
…
continue reading
GlobalProtect Exploit Public; Putty Private Key Vuln; Palo Alto Networks GlobalProtect exploit public and widely exploited CVE-2024-3400 https://isc.sans.edu/forums/diary/Palo%20Alto%20Networks%20GlobalProtect%20exploit%20public%20and%20widely%20exploited%20CVE-2024-3400/30844/ Putty Private Key Recovery https://www.chiark.greenend.org.uk/~sgtatham…
…
continue reading
GlobalProtect Updates; Delinea Patch; Lancom PW reset; PHP Patch; Duo leak; LastPass Deepfake Quick Palo Alto Networks Global Protect Vulnerablity Update CVE-2024-3400 https://isc.sans.edu/diary/30838 Delinea patches critical vulnerability in secret manager https://trust.delinea.com/?tcuUid=17aaf4ef-ada9-46d5-bf97-abd3b07daae3 Lancom Windows Setup …
…
continue reading
Palo Alto Networks GlobalProtect 0-Day Vulnerability Exploited Palo Alto Networks GlobalProtect 0-Day CVE-2024-3400 https://security.paloaltonetworks.com/CVE-2024-3400 https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/#RespondingToCompromise keywords:…
…
continue reading
UINWA is the real news, told with a little Flava --- Support this podcast: https://podcasters.spotify.com/pod/show/alexander-kaydin/support
…
continue reading
BatBadBut Vulnerability; FortiClient Linux RCE; Apple Notifications; GitHub Search Tricks; BatBadBut: You can't securely execute commands on Windows https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/ FortiClient Linux Remote Code Execution https://www.fortiguard.com/psirt/FG-IR-23-087 Apple Threat Notificatio…
…
continue reading
Rust Vulnerability; Adobe Updates; Fortinet Patches; Malicious Windows Driver Rust Command API code execution vulnerability CVE-2024-24576 https://blog.rust-lang.org/2024/04/09/cve-2024-24576.html Adobe Updates: Magento Adobe Commerce CVE-2024-20759 CVE-2024-20758 https://helpx.adobe.com/security/products/magento/apsb24-18.html https://helpx.adobe.…
…
continue reading
Microsoft Patches; D-Link NAS Backdoor; LG WebOS TV Vulnerabilities Microsoft Patches https://isc.sans.edu/forums/diary/April%202024%20Microsoft%20Patch%20Tuesday%20Summary/30822/ D-Link NAS Backdoor https://github.com/netsecfish/dlink LG SmartTV Vulnerabilities https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/ keywords:…
…
continue reading
Why Threat Hunting; Notepad++ Domain Issue; Pickle ML Vulns; V8 Sandbox A Use Case for Adding Threat Hunting to Your Security Operations Team. https://isc.sans.edu/diary/30816 Notepad++ Parasite Site https://notepad-plus-plus.org/news/help-to-take-down-parasite-site/ Hugging Face Pickle File Vulnerablities https://huggingface.co/blog/hugging-face-w…
…
continue reading
Heartbleed 10th Anniversary; Magento Backdoor; Fighting DNS Spoofing; Brocade Vuln; @sans_emea evening talk Heartbleed 10th Anniversary https://heartbleed.com/ Possible Libarchive Backdoor Vulnerability https://github.com/libarchive/libarchive/pull/1609 Magento XML Backdoor https://sansec.io/research/magento-xml-backdoor Google Public DNS's approac…
…
continue reading
--- Support this podcast: https://podcasters.spotify.com/pod/show/alexander-kaydin/support
…
continue reading
Reversing DoNex; HTTP/2 Continuation Flood; Kobold Letters; Infostealers in Automotive Headunits @sans_edu Slicing up DoNex with Binary Ninja https://isc.sans.edu/diary/Slicing%20up%20DoNex%20with%20Binary%20Ninja/30812 HTTP/2 Continuation Flood https://nowotarski.info/http2-continuation-flood-technical-details/ Dangers of CSS in HTML Email https:/…
…
continue reading
Playing with xzbot; Device Bound Session Credentials; Ivanti Vulns; Google Pixel 0-Day Playing with xzbot: Some things you can learn from SSH traffic https://isc.sans.edu/forums/diary/Some%20things%20you%20can%20learn%20from%20SSH%20traffic/30808/ Google Proposes Device Bound Session Credentials (DBSC) https://blog.chromium.org/2024/04/fighting-coo…
…
continue reading
Chrome Incognito Mode; GMail Anti-Spam; Cisco Updates; Apache Pulsar Updates; Progress Flowmon Vuln; Chrome Incognito Mode Settlement https://www.wired.com/story/google-chrome-incognito-mode-data-deletion-settlement/ Google E-Mail Sender Guidelines FAQ https://support.google.com/a/answer/14229414?hl=en&fl=1&sjid=2270464422796374445-NC Cisco Updates…
…
continue reading
xz-utils update; csv files; MacOS Infostealer The amazingly scary xz sshd backdoor https://isc.sans.edu/diary/The%20amazingly%20scary%20xz%20sshd%20backdoor/30802 The xz-utils backdoor in security advisories by national CSIRTs https://isc.sans.edu/diary/The+xzutils+backdoor+in+security+advisories+by+national+CSIRTs/30800 Checking CSV Files https://…
…
continue reading
xz-utils Backdoor (CVE-2024-3094) xz-utils Backdoor CVE-2024-3094 https://www.openwall.com/lists/oss-security/2024/03/29/4 https://tukaani.org/xz-backdoor/ https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27 Backdoor reverse analysis https://bsky.app/profile/did:plc:x2nsupeeo52oznrmplwapppl/post/3kowjkx2njy2b YARA Rule https://githu…
…
continue reading
JavaScript to AsyncRAT; TeamCity Patch; Okta Verify Patch; Google 0-Day Report From JavaScript to AsyncRAT https://isc.sans.edu/diary/From%20JavaScript%20to%20AsyncRAT/30788 TeamCity Patches https://www.jetbrains.com/privacy-security/issues-fixed/?product=TeamCity&version=2024.03 Okta Verify for Windows Auto-update Arbitrary Code Execution CVE-2024…
…
continue reading