Handler on Duty: Guy Bruneau
Threat Level: green
Podcast Detail
Bumblebee via TransferXL; MSFT OOB Update; SonicWall SMA1000; QNAP Deadbolt; DOJ Policy Update; Exposed Kubernetes
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/8016.mp3
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
Bumblebee Malware from TransferXL URLs
https://isc.sans.edu/forums/diary/Bumblebee+Malware+from+TransferXL+URLs/28664/
Microsoft Out-of-Band Update fixes Authentication Issues
https://docs.microsoft.com/en-us/windows/release-health/status-windows-11-21h2#you-might-see-authentication-failures-on-the-server-or-client-for-services
Sonicwall Patch for SMA 1000
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0010
QNAP NAS Deadbolt Ransomware
https://www.qnap.com/en/security-news/2022/take-immediate-actions-to-secure-qnap-nas-and-update-qts-to-the-latest-available-version
380,000 open Kubernetes API Servers
https://www.shadowserver.org/news/over-380-000-open-kubernetes-api-servers/
Doj Annnounces New Polciy for Charging Cases under the Computer Fraud and Abuse Act
https://www.justice.gov/opa/pr/department-justice-announces-new-policy-charging-cases-under-computer-fraud-and-abuse-act
https://isc.sans.edu/forums/diary/Bumblebee+Malware+from+TransferXL+URLs/28664/
Microsoft Out-of-Band Update fixes Authentication Issues
https://docs.microsoft.com/en-us/windows/release-health/status-windows-11-21h2#you-might-see-authentication-failures-on-the-server-or-client-for-services
Sonicwall Patch for SMA 1000
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0010
QNAP NAS Deadbolt Ransomware
https://www.qnap.com/en/security-news/2022/take-immediate-actions-to-secure-qnap-nas-and-update-qts-to-the-latest-available-version
380,000 open Kubernetes API Servers
https://www.shadowserver.org/news/over-380-000-open-kubernetes-api-servers/
Doj Annnounces New Polciy for Charging Cases under the Computer Fraud and Abuse Act
https://www.justice.gov/opa/pr/department-justice-announces-new-policy-charging-cases-under-computer-fraud-and-abuse-act
Discussion
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | Orlando | Apr 13th - Apr 18th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 5th - May 10th 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Jun 2nd - Jun 7th 2025 |