September 3rd, 2020

My tweets

  • Wed, 15:23: Mirai Botnet Attack IoT Devices via CVE-2020-5902: Based on the workaround published for CVE-2020-5902, we found a Mirai botnet downloader that can be added to new malware variants to scan for exposed Big-IP boxes for intrusion and deliver the malicious… https://t.co/45Vp1YFVFQ https://t.co/FJeZB8P5HE
  • Wed, 18:41: Water Nue Phishing Targets Execs’ Office 365 Accounts: A series of ongoing BEC campaigns that uses spear-phishing schemes on Office 365 accounts has been seen targeting senior positions of over 1,000 companies across US and Canada since March 2020. https://t.co/5vxP88y6La https://t.co/9KHjjRlNd8
  • Wed, 19:49: Patch Tuesday: Fixes for Important Vulnerabilities: The August batch of Patch Tuesday updates includes 120 updates for the Microsoft suite, with 17 fixes rated as Critical, and the remaining 103 ranked as Important. ZDI disclosed 11 flaws, five of which… https://t.co/ndZCdiBoou https://t.co/6FTynZufHY
  • Wed, 22:00: XCSSET Mac Malware: Infects Xcode Projects, Uses 0Days: Further investigation led us to a developer’s Xcode project that contained XCSSET source malware, which leads to a rabbit hole of malicious payloads. Most notable in our investigation is the… https://t.co/f8Cl1fUNCz https://t.co/0MiHzxq77F
  • Thu, 03:30: How Unsecure gRPC Implementations Can Compromise APIs: This blog discusses the security pitfalls that developers might face when shifting to gRPC and implementing gRPC in their projects. We provide recommendations on how to protect gRPC implementations… https://t.co/EXpmZuTLDK https://t.co/kwVxOaIQf5
  • Thu, 07:21: Black Hat Trip Report – Trend Micro: Trend Micro presented two important talks on IIoT vulnerabilities at Black Hat USA 2020. The first discussed weaknesses in proprietary languages used by industrial robots, while the second discussed vulnerabilities in… https://t.co/hfSZAwPNh3 https://t.co/LTBNkoxlEI
  • Thu, 08:31: Connected Security Solutions Help City of Tyler: Supporting a population of approximately 107,000, City of Tyler's CIO's vision relies on the use of data to deliver exceptional services to citizens, today and into the future. https://t.co/qHMMC20s0g https://t.co/7kBZTd44an
  • Thu, 11:42: CVE-2020-1380: Analysis of Recently Fixed IE Zero-Day: As part of August’s Patch Tuesday, Microsoft patched one zero-day vulnerability that targeted Internet Explorer 11, specifically CVE-2020-1380. It is a use-after-free bug in Internet Explorer's… https://t.co/rJwZNUgXmC https://t.co/slDrrZku1E