
2018-036-Derbycon 2018 Audio with Cheryl Biswas and Tomasz Tula
10/15/18 • 39 min
Derbycon is probably one of the best infosec conferences of the calendar year. The podcast always has so much fun meeting listeners, meeting new people, and getting some audio to share with folks who can't be there.
This year, we still got some audio, and it's great. We talked with Cheryl Biswas (@3ncr1pt3d) about her talks at #Derbycon and her work with the #dianaInitiative. Check out her talks at the links on @irongeek's website...
Cheryl's Track talk: http://www.irongeek.com/i.php?page=videos/derbycon8/track-1-05-draw-a-bigger-circle-infosec-evolves-cheryl-biswas
Cheryl's Stable talk: http://www.irongeek.com/i.php?page=videos/derbycon8/stable-29-patching-show-me-where-it-hurts-cheryl-biswas
I saw Tomasz near the @log-md booth; it was his first Derbycon, and I was interested in hearing what he had to say about hypervisor introspection...
Make plans for next year! Follow @derbycon on Twitter!
Check out our Store on Teepub! https://brakesec.com/store
Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email [email protected]
#Brakesec Store!: https://www.teepublic.com/user/bdspodcast
#Spotify: https://brakesec.com/spotifyBDS
#RSS: https://brakesec.com/BrakesecRSS
#Youtube Channel: http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://brakesec.com/BDSiTunes
#Google Play Store: https://brakesec.com/BDS-GooglePlay
Our main site: https://brakesec.com/bdswebsite
#iHeartRadio App: https://brakesec.com/iHeartBrakesec
#SoundCloud: https://brakesec.com/SoundcloudBrakesec
Comments, Questions, Feedback: [email protected]
Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon
https://brakesec.com/BDSPatreon
#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir
#Player.FM : https://brakesec.com/BDS-PlayerFM
#Stitcher Network: https://brakesec.com/BrakeSecStitcher
#TuneIn Radio App: https://brakesec.com/TuneInBrakesec
Previous Episode

2018-035-software bloat is forever; malicious file extensions; WMIC abuses
Pizza Party Link -
https://www.eventbrite.com/e/brakesec-derbycon-pizza-meetup-tickets-50719385046
News stories-
Software/library bloat
http://tonsky.me/blog/disenchantment/
https://hackernoon.com/how-it-feels-to-learn-javascript-in-2016-d3a717dd577f
https://hackerhurricane.blogspot.com/2016/09/avoiding-ransomware-with-built-in-basic.html
https://www.zdnet.com/article/windows-utility-used-by-malware-in-new-information-theft-campaigns/
https://attack.mitre.org/wiki/Technique/T1170 - HTA file malware examples
https://nakedsecurity.sophos.com/2018/09/26/finally-a-fix-for-the-encrypted-webs-achilles-heel/
https://www.bbc.com/news/technology-45686890 - (Facebook account hack)
https://github.com/eset/malware-ioc/blob/master/sednit/lojax.adoc - IOCs from various malware
UEFI rootkit - https://www.bleepingcomputer.com/news/security/apt28-uses-lojax-first-uefi-rootkit-seen-in-the-wild/
Block These Extensions:
File Extension File Type
.adp Access Project (Microsoft)
.app Executable Application
.asp Active Server Page
.bas BASIC Source Code
.bat Batch Processing
.cer Internet Security Certificate File
.chm Compiled HTML Help
.cmd DOS CP/M Command File, Command File for Windows NT
.cnt Help file index
.com Command
.cpl Windows Control Panel Extension(Microsoft)
.crt Certificate File
.csh csh Script
.der DER Encoded X509 Certificate File
.exe Executable File
.fxp FoxPro Compiled Source (Microsoft)
.gadget Windows Vista gadget
.hlp Windows Help File
.hpj Project file used to create Windows Help File
.hta Hypertext Application
.inf Information or Setup File
.ins IIS Internet Communications Settings (Microsoft)
.isp IIS Internet Service Provider Settings (Microsoft)
.its Internet Document Set, Internet Translation
.js JavaScript Source Code
.jse JScript Encoded Script File
.ksh UNIX Shell Script
.lnk Windows Shortcut File
.mad Access Module Shortcut (Microsoft)
.maf Access (Microsoft)
.mag Access Diagram Shortcut (Microsoft)
.mam Access Macro Shortcut (Microsoft)
.maq Access Query Shortcut (Microsoft)
.mar Access Report Shortcut (Microsoft)
.mas Access Stored Procedures (Microsoft)
.mat Access Table Shortcut (Microsoft)
.mau Media Attachment Unit
.mav Access View Shortcut (Microsoft)
.maw Access Data Access Page (Microsoft)
.mda Access Add-in (Microsoft), MDA Access 2 Workgroup (Microsoft)
.mdb Access Application (Microsoft), MDB Access Database (Microsoft)
.mde Access MDE Database File (Microsoft)
.mdt Access Add-in Data (Microsoft)
.mdw Access Workgroup Information (Microsoft)
.mdz Access Wizard Template (Microsoft)
.msc Microsoft Management Console Snap-in Control File (Microsoft)
.msh Microsoft Shell
.msh1 Microsoft Shell
.msh2 Microsoft Shell
.mshxml Microsoft Shell
.msh1xml Microsoft Shell
.msh2xml Microsoft Shell
.msi Windows Installer File (Microsoft)
.msp Windows Installer Update
.mst Windows SDK Setup Transform Script
.ops Office Profile Settings File
.osd Application virtualized with Microsoft SoftGrid Sequencer
.pcd Visual Test (Microsoft)
.pif Windows Program Information File (Microsoft)
.plg Developer Studio Build Log
.prf Windows System File
.prg Program File
.pst MS Exchange Address Book File, Outlook Personal Folder File (Microsoft)
.reg Registration Information/Key for W95/98, Registry Data File
.scf Windows Explorer Command
.scr Windows Screen Saver
.sct Windows Script C...
Next Episode

2018-037-iWatch save man's life, Alexa detects your mood, and post-derby discussion
Health & Tech?
https://hackaday.io/project/151388-minder (774 results for “health” on hackaday)
(def don’t need to talk about, but still funny AF) https://hackaday.io/project/11407-myflow
https://9to5mac.com/2017/12/15/apple-watch-saves-life-managing-heart-attack/
Privacy implications?
Microsoft healthcare initiative - https://enterprise.microsoft.com/en-us/industries/health/
Apple health - https://www.apple.com/ios/health/ - https://www.apple.com/researchkit/
https://www.papercall.io/dachfest18