Handler on Duty: Xavier Mertens
Threat Level: green
Podcast Detail
Kaspersky Publishes Investigation Results; Inineon Bug Test; Micropath DDE; Finding Miners
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/5730.mp3
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 13th - Dec 18th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
Results of Kaspersky's Internal Investigation
https://www.kaspersky.com/blog/internal-investigation-preliminary-results/19894/
Infineon Bug Testing Tool
https://gist.githubusercontent.com/marcan/fc87aa78085c2b6f979aefc73fdc381f/raw/526bc2f2249a2e3f5d4450c7c412e0dbf57b2288/roca_test.py
https://github.com/ThomasHabets/simple-tpm-pk11/blob/master/check-srk/check-srk.cc
Micropatch Available for "DDE Vulnerability"
https://0patch.blogspot.com/2017/10/0patching-office-dde-ddeauto.html
Finding Cryptocurrency Miners
https://medium.com/@s3yfullah/hacking-cryptocurrency-miners-with-osint-techniques-677bbb3e0157
https://www.kaspersky.com/blog/internal-investigation-preliminary-results/19894/
Infineon Bug Testing Tool
https://gist.githubusercontent.com/marcan/fc87aa78085c2b6f979aefc73fdc381f/raw/526bc2f2249a2e3f5d4450c7c412e0dbf57b2288/roca_test.py
https://github.com/ThomasHabets/simple-tpm-pk11/blob/master/check-srk/check-srk.cc
Micropatch Available for "DDE Vulnerability"
https://0patch.blogspot.com/2017/10/0patching-office-dde-ddeauto.html
Finding Cryptocurrency Miners
https://medium.com/@s3yfullah/hacking-cryptocurrency-miners-with-osint-techniques-677bbb3e0157
Discussion
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form
Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 13th - Dec 18th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | Orlando | Apr 13th - Apr 18th 2025 |