Handler on Duty: Didier Stevens
Threat Level: green
Podcast Detail
From LNK to BAT; MSFT Teams Scams; MSFT Office LOLBAS; Android App Versioning; Aruba; Mitel
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/8602.mp3
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 13th - Dec 18th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
From small LNK to large malicious BAT file with zero VT score
https://isc.sans.edu/diary/From%20small%20LNK%20to%20large%20malicious%20BAT%20file%20with%20zero%20VT%20score/30094
Social Engineering via Microsoft Teams
https://www.microsoft.com/en-us/security/blog/2023/08/02/midnight-blizzard-conducts-targeted-social-engineering-over-microsoft-teams/
Automating the Search for LOLBAS
https://pentera.io/resources/whitepapers/the-lolbas-odyssey-finding-new-lolbas-and-how-you-can-too/
Sneaky Versioning Used to Bypass Scanners
https://thehackernews.com/2023/08/malicious-apps-use-sneaky-versioning.html
Aruba Patches
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-010.txt
Mitel Patches
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0008