Podcasts about rig exploit kit

A daily look at the relevant information security news from overnight - 22 June, 2022Episode 250 - 22 June 2022Yodel Sings the Blues- https://www.bleepingcomputer.com/news/security/yodel-parcel-company-confirms-cyberattack-is-disrupting-delivery/ Chrome Release - https://www.securityweek.com/google-patches-14-vulnerabilities-release-chrome-103Acrobat Blocks PFD Checks- https://www.bleepingcomputer.com/news/security/adobe-acrobat-may-block-antivirus-tools-from-monitoring-pdf-files/Apple Removes the Stop Signs - https://www.zdnet.com/article/apples-ios-16-will-give-you-an-alternative-to-irritating-captcha-tests/Racoon Out - Dridex In - https://thehackernews.com/2022/06/rig-exploit-kit-now-infects-victims-pcs.htmlHi, I'm Paul Torgersen. It's Wednesday June 22nd, 2022, and once again from Chicago this is a look at the information security news from overnight. From BleepingComputer.comYodel delivery service company out of the UK says they have been disrupted due to a cyberattack. Deliveries were delayed and package tracking was down, but the company says that customer payment information has not been compromised. No word on the threat actor or specific malware used, but it is assumed to be a ransomware attack. From SecurityWeek.com:Google announced the release of Chrome 103 with patches for a total of 14 vulnerabilities, including nine reported by external researchers. The most severe of these bugs is a critical-severity use-after-free issue in Base. The company paid out $44,000 in bug bounties for this batch of fixes and said they have seen no indication that any of them have been exploited in the wild. From BleepingComputer.com:Adobe Acrobat is blocking security software from having visibility into the PDF files it opens, creating a security risk for users. These security tools work by injecting DLLs into software products being launched on a machine. Acrobat is actively checking if components from 30 security products are loaded into its processes and blocks them, essentially denying them from doing their job. Adobe says they are currently working with these vendors to address the issue. Details on the article. From ZDNet.com:In a move that will break absolutely nobody's heart, when Apple rolls out iOS 16 and MacOS Ventura, it will be the first to utilize Private Access Tokens instead of CAPTCHA challenges. Cloudflare estimates that up to 500 man-years are wasted each day looking for those grainy stop signs. No word from Google on when they will introduce this for Android, but they have been in the working group with Apple shaping the authentication standard. And last today, from TheHackerNews.comThe group behind the Raccoon Stealer malware have temporarily shuttered operations after the death of one of their team members. So the operators behind the Rig Exploit Kit have swapped the Raccoon out for the Dridex financial trojan. This little nasty has the capability to download additional payloads, steal customer login information from banking websites, capture screenshots, log keystrokes, and more. You can find additional details in the article. That's all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.

In today's podcast we cover four crucial cyber and technology topics, including: 1.RIG Exploit Kit replaces Raccoon Stealer with Dridex 2.Yodel parcels delayed amidst cyber attack 3.Kaspersky says newly dubbed ToddyCat abusing Microsoft Exchange 4.Microsoft says service outage related to power loss I'd love feedback, feel free to send your comments and feedback to  | cyberandtechwithmike@gmail.com

In today's podcast we cover four crucial cyber and technology topics, including: 1.Microsoft points to new exploit kit targeting Internet Explorer 2.Conti updgrades BazarLoader, adds Bumblebee 3.German Wind turbine firm hit by ransomware 4.Austin Peay State University hit by ransomware I'd love feedback, feel free to send your comments and feedback to  | cyberandtechwithmike@gmail.com

Rig Exploit Kit Installs Pitou.B. Trojan https://isc.sans.edu/forums/diary/Rig+Exploit+Kit+sends+PitouB+Trojan/25068/ AWS VPC Traffic Mirroring https://aws.amazon.com/blogs/aws/new-vpc-traffic-mirroring Elastic SIEM App https://www.elastic.co/blog/introducing-elastic-siem National Emergency Alerts Potentially Vulnerable to Attack https://www.colorado.edu/today/2019/06/11/emergency-alerts

Rig Exploit Kit Installs Pitou.B. Trojan https://isc.sans.edu/forums/diary/Rig+Exploit+Kit+sends+PitouB+Trojan/25068/ AWS VPC Traffic Mirroring https://aws.amazon.com/blogs/aws/new-vpc-traffic-mirroring Elastic SIEM App https://www.elastic.co/blog/introducing-elastic-siem National Emergency Alerts Potentially Vulnerable to Attack https://www.colorado.edu/today/2019/06/11/emergency-alerts

TCP SACK Panic DoS in Linux https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md https://tools.ietf.org/html/rfc879 Logitech Pointer Recall https://www.heise.de/security/meldung/Angreifbare-Logitech-Presenter-Hersteller-tauscht-gefaehrliche-USB-Empfaenger-aus-4423627.html An Infection from the Rig Exploit Kit https://isc.sans.edu/forums/diary/An+infection+from+Rig+exploit+kit/25040/

TCP SACK Panic DoS in Linux https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md https://tools.ietf.org/html/rfc879 Logitech Pointer Recall https://www.heise.de/security/meldung/Angreifbare-Logitech-Presenter-Hersteller-tauscht-gefaehrliche-USB-Empfaenger-aus-4423627.html An Infection from the Rig Exploit Kit https://isc.sans.edu/forums/diary/An+infection+from+Rig+exploit+kit/25040/

Ep. 282 | Everything Cryptocurrency: Coinhive, RIG Exploit Kit, Olympic Malware | AT&T ThreatTraq

Conexant Audio Drivers Log Keystrokes; https://www.modzero.ch/modlog/archives/2017/05/11/en_keylogger_in_hewlett-packard_audio_driver/index.html Rig Exploit Kit Used to Send Ramnit Trojan https://isc.sans.edu/forums/diary/Seamless+Campaign+using+Rig+Exploit+Kit+to+send+Ramnit+Trojan/22404/ Encase Forensic Imager Exploit http://blog.sec-consult.com/2017/05/chainsaw-of-custody-manipulating.html

Conexant Audio Drivers Log Keystrokes; https://www.modzero.ch/modlog/archives/2017/05/11/en_keylogger_in_hewlett-packard_audio_driver/index.html Rig Exploit Kit Used to Send Ramnit Trojan https://isc.sans.edu/forums/diary/Seamless+Campaign+using+Rig+Exploit+Kit+to+send+Ramnit+Trojan/22404/ Encase Forensic Imager Exploit http://blog.sec-consult.com/2017/05/chainsaw-of-custody-manipulating.html

Rig Exploit Kit Used to Spread Locky Ransomware https://isc.sans.edu/forums/diary/Rig+Exploit+Kit+from+the+Afraidgate+Campaign/21531/ Facebook Releases osquery for Windows https://blog.trailofbits.com/2016/09/27/windows-network-security-now-easier-with-osquery/ Update Cowrie and "New" Default Password used in Internet Wide Scans https://isc.sans.edu/ssh.html?pw=xc3511 BIND Name Server Update https://kb.isc.org/article/AA-01393/74/CVE-2016-2775%3A-A-query-name-which-is-too-long-can-cause-a-segmentation-fault-in-lwresd.html Various Cisco DoS Vulnerabilities https://tools.cisco.com/security/center/publicationListing.x?product=NonCisco#~Vulnerabilities

Rig Exploit Kit Used to Spread Locky Ransomware https://isc.sans.edu/forums/diary/Rig+Exploit+Kit+from+the+Afraidgate+Campaign/21531/ Facebook Releases osquery for Windows https://blog.trailofbits.com/2016/09/27/windows-network-security-now-easier-with-osquery/ Update Cowrie and "New" Default Password used in Internet Wide Scans https://isc.sans.edu/ssh.html?pw=xc3511 BIND Name Server Update https://kb.isc.org/article/AA-01393/74/CVE-2016-2775%3A-A-query-name-which-is-too-long-can-cause-a-segmentation-fault-in-lwresd.html Various Cisco DoS Vulnerabilities https://tools.cisco.com/security/center/publicationListing.x?product=NonCisco#~Vulnerabilities

Intro/Outro: La Fouine - Controle Abusif CTF движение в Украине и мире – интервью с Николаем Ильиным @MykolaIlin Рейтинги команд CTF https://ctftime.org и успехи dcua https://ctftime.org/team/762 Популярность CTF-соревнований в Украине и мире Принципы проведения CTF http://captf.com/maxims.html Типы соревнований, тактика и стратегия участия в CTF http://felicity.iiit.ac.in/contest/break_in/ http://ructf.org/e/2014/ http://ictf.cs.ucsb.edu/ http://www.phdays.com/ctf/king/ http://c2.cnews.ru/news/top/crc_opublikovany_rezultaty_onlajnkvesta https://ctftime.org/event/list/upcoming https://www.reddit.com/r/securityctf http://captf.com/calendar/ https://time.xctf.org.cn/ctfs/event/list/upcoming Для связи с Николаем используйте Twitter или пишите на mykola.ilin@defcon.org.ua Ten Million (Logins and) Passwords https://xato.net/passwords/ten-million-passwords/ https://www.reddit.com/r/10millionpasswords/comments/2w07mf/a_list_of_flaws_in_the_data_set/ Author: https://xato.net/about/#.VOioXELpb8F Online Check: http://peersm.com/findmyass Lenovo caught installing adware on new computers http://www.tripwire.com/state-of-security/security-data-protection/superfish-lenovo-adware-faq/ http://news.lenovo.com/article_display.cfm?article_id=1929 https://github.com/hannob/superfishy Кража миллиардов из 100 финансовых организаций по всему миру http://www.kaspersky.ru/about/news/virus/2015/ugroza-na-milliard http://krebsonsecurity.com/2015/02/the-great-bank-heist-or-death-by-1000-cuts/ Anunak vs Carbanak FAQ https://www.fox-it.com/en/press-releases/anunak-aka-carbanak-update/ Microsoft Pushes Patches for Dozens of Flaws http://krebsonsecurity.com/2015/02/microsoft-pushes-patches-for-dozens-of-flaws/ Bypassing Windows Security by modifying 1 Bit Only http://thehackernews.com/2015/02/bypassing-windows-security.html Universal XSS in IE 11 http://thehackernews.com/2015/02/internet-explorer-xss.html NSA Planted Stuxnet-Type Malware Deep Within Hard Drive Firmware http://top.rbc.ru/politics/17/02/2015/54e257fe9a7947e06164f582 Решили как-то за блогерами следить http://jurliga.ligazakon.ua/news/2015/2/13/124332.htm но потом передумали http://www.pravda.com.ua/rus/news/2015/02/16/7058739/ Рада ликвидировала Нацкомиссию по вопросам морали http://news.liga.net/news/politics/5053048-rada_likvidirovala_natskomissiyu_po_voprosam_morali.htm Отчет об уязвимости моб.интернета от Positive Technologies (pdf) http://www.ptsecurity.com/download/Vulnerabilities_of_Mobile_Internet.pdf The great SIM heist https://firstlook.org/theintercept/2015/02/19/great-sim-heist/ SSL is officially declared dead https://pciguru.wordpress.com/2015/02/07/ssl-is-officially-declared-dead/ GnuPG 2.1.2 released https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000361.html Facebook SCAM Alert: Get FREE $200 Amazon Gift Card! http://www.hacker9.com/free-amazon-gift-card-facebook.html Spat leads to partial leak of Rig Exploit Kit http://threatpost.com/spat-leads-to-partial-leak-of-rig-exploit-kit/111029 Forbes.com compromised by Chinese cyber spies targeting US firms http://www.net-security.org/secworld.php?id=17938

RIG Exploit Kit, Web servers helping exploits, Android malware spies on you when device is powered off, Superfish and the Internet Weather Report. Originally recorded February 24, 2015.