# SANS ISC

The DAA File Format, (Fri, Aug 16th) Fri, 16 Aug 2019 20:49:50 GMT
In diary entry "Malicious .DAA Attachments", we extracted a malicious executable from a Direct Access Archive file.
ISC Stormcast For Friday, August 16th 2019 https://isc.sans.edu/podcastdetail.html?id=6624, (Fri, Aug 16th) Fri, 16 Aug 2019 03:00:03 GMT
Analysis of a Spearphishing Maldoc, (Thu, Aug 15th) Thu, 15 Aug 2019 19:45:11 GMT
A spearphishing attack with a VBA maldoc on US utility companies was mentioned in SANS NewsBites Vol. 21, Num. 61. I always like to take a look at malicious documents mentioned in the news. Luckily for me, Proofpoint&#;x26;#;39;s analysis includes the hashes of the maldocs, and one maldoc can be found on VirusTotal.
ISC Stormcast For Thursday, August 15th 2019 https://isc.sans.edu/podcastdetail.html?id=6622, (Thu, Aug 15th) Thu, 15 Aug 2019 03:00:03 GMT
ISC Stormcast For Wednesday, August 14th 2019 https://isc.sans.edu/podcastdetail.html?id=6620, (Wed, Aug 14th) Wed, 14 Aug 2019 03:00:03 GMT
Recent example of MedusaHTTP malware, (Wed, Aug 14th) Wed, 14 Aug 2019 00:00:51 GMT
Introduction
August 2019 Microsoft Patch Tuesday, (Tue, Aug 13th) Tue, 13 Aug 2019 20:16:14 GMT
This month we got patches for 93 vulnerabilities total. According to Microsoft, none of them are being exploited.
ISC Stormcast For Tuesday, August 13th 2019 https://isc.sans.edu/podcastdetail.html?id=6618, (Tue, Aug 13th) Tue, 13 Aug 2019 03:00:03 GMT
Malicious .DAA Attachments, (Mon, Aug 12th) Mon, 12 Aug 2019 18:10:48 GMT
Reader Jason submitted a suspicious file he received via email: attachment Swift Detail.daa
ISC Stormcast For Monday, August 12th 2019 https://isc.sans.edu/podcastdetail.html?id=6616, (Mon, Aug 12th) Mon, 12 Aug 2019 03:00:03 GMT

# threatpost.com

Fake News and Influence: Information Warfare in the Digital Age Fri, 16 Aug 2019 21:05:25 +0000
It's been around forever, but in a modern digital era marked by influence campaigns and deep fakes, information warfare has become much easier to carry out.
ThreatList: 4.1B Records Exposed in Breaches in First Half of 2019 Fri, 16 Aug 2019 19:54:38 +0000
The number of exposed records has hit record highs in just the first two quarters.
Breached Passwords Still in Use By Hundreds of Thousands Fri, 16 Aug 2019 19:40:37 +0000
More than 300,000 users still utilize credentials that have been compromised - with people visiting video streaming and porn sites most at fault, Google found in a new study.
News Wrap: DejaBlue Bugs and Biometrics Data Breaches Fri, 16 Aug 2019 19:05:05 +0000
From the biometrics of one million being exposed, to new Microsoft Bluekeep-like threats, Threatpost discusses the top news of the week.
HTTP Bugs Open Websites to DoS Attacks Thu, 15 Aug 2019 19:20:38 +0000
Eight vulnerabilities in the HTTP/2 server implementations were found in vendors Amazon, Apple, Microsoft and Apache.
Energy Sector Phish Swims Past Microsoft Email Security via Google Drive Thu, 15 Aug 2019 18:49:07 +0000
The savvy technique of avoiding malicious links in the email allowed the phishing attack to reach its targets.
Apache Security Advisories Red Flag Wrong Versions in Patching Gaffe Thu, 15 Aug 2019 18:41:37 +0000
Up to 24 Apache Struts Security Advisories listed the wrong versions that were impacted by vulnerabilities, researchers warn.
Choice Hotels Breach Showcases Need for Shared Responsibility Model Thu, 15 Aug 2019 17:04:15 +0000
700,000 customer records were exposed after being housed on a vendor's server that lacked appropriate security.
Clickjacking Evolves to Hook Millions of Top-Site Visitors Thu, 15 Aug 2019 16:16:47 +0000
Researchers said that clickjacking is a threat that's evolving, with new tactics just starting to emerge.
Fingerprints of 1M Exposed in Public Biometrics Database Wed, 14 Aug 2019 19:46:30 +0000
A publicly accessible database exposed the fingerprints and facial recognition information of millions, thrusting biometrics security into the spotlight once again.

# Reddit netsec

# Krebs On Security

Meet Bluetana, the Scourge of Pump Skimmers Wed, 14 Aug 2019 12:25:32 +0000
"Bluetana," a new mobile app that looks for Bluetooth-based payment card skimmers hidden inside gas pumps, is helping police and state employees more rapidly and accurately locate compromised fuel stations across the nation, a study released this week suggests. Data collected in the course of the investigation also reveals some fascinating details that may help explain why these pump skimmers are so lucrative and ubiquitous.
Patch Tuesday, August 2019 Edition Tue, 13 Aug 2019 21:57:13 +0000
Most Microsoft Windows (ab)users probably welcome the monthly ritual of applying security updates about as much as they look forward to going to the dentist: It always seems like you were there just yesterday, and you never quite know how it's all going to turn out. Fortunately, this month's patch batch from Redmond is mercifully light, at least compared to last month.
SEC Investigating Data Leak at First American Financial Corp. Mon, 12 Aug 2019 20:30:17 +0000
The U.S. Securities and Exchange Commission (SEC) is investigating a security failure on the Web site of real estate title insurance giant First American Financial Corp. that exposed more than 885 million personal and financial records tied to mortgage deals going back to 2003, KrebsOnSecurity has learned.

# Bruce Schneier's blog

# TWITTER

?>

# WIRED Threat Level

# exploit-db.com

# Securiteam

News/Blogs

anti-virus-rants.blogspot.com
appsecstreetfighter.com
arbornetworks.com
blackbag.nl
blog.c22.cc
blog.didierstevens.com
blog.fireeye.com
blog.metasploit.com
blog.rootshell.be
blogs.iss.net
bugtraq mailing list
carnal0wnage.attackresearch.com
cnet insecurity-complex
cognitivedissidents.wordpress.com
computerworld.com
corelan.be
cybersec.eu
darkreading.com
ethicalhack3r.co.uk
full disclosure mailing list
gnucitizen.org
h-online.com security
ha.ckers.org
infosecisland.com
infosyssec.org
intotheboxes
isc.sans.org
krebsonsecurity.com
lcamtuf.coredump.cx
net-security.org
packetstan.com
packetstormsecurity.org
pauldotcom.com
samy.pl
schneier.com
securityfocus.com
shadowserver.org
skullsecurity.org
theregister.co.uk security
thoughtcrime.org
threatpost.com
vulnfactory.org
wired threat level
www.heise.de/security
xs-sniper.com
xssed.com
zone-h.org

Tools

exploit-db.com
google translate
ikat
internet archive
ipcalc
JS password generator
mozilla plugincheck
nslookup
openwall.com
owasp.org
robtex.com
shodanhq.com
virustotal.com
whois
xss cheat sheet
zeltser.com/cheat-sheets

?>