AT&T Tech Channel
AT&T Archives: Similiarities of Wave Behavior (Bonus Edition)
updated
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on December 12, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on October 18, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on August 16, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on August 8, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on August 2, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on July 6, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on June 28, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on June 14, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on June 8, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on April 24, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Register for the 2022 AT&T Security Conference at security-conference.att.com
Originally recorded on May 10, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on April 26, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
thehackernews.com/2022/04/fbi-shut-down-russia-linked-cyclops.html
The Episode follows ports:
636 : LDAPS
989 : FTPS Protocol (DATA)
990: FTPS Protocol (CONTROL)
992: TELNET Protocol over TLS/SSL
994: ircs [Secure IRC]
995: pop3s [POP3 over TLS/SSL]
3269: msft-gc-ssl [Microsoft Global Catalog with LDAP/SSL]
8443: Pcsync HTTPS [ Common alternate HTTPS port]
Originally recorded on April 12, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Resources:
msrc-blog.microsoft.com (Microsoft security blog for Azure impacts)
cisa.gov/uscert/apache-log4j-vulnerability-guidance (CISA)
logging.apache.org/log4j/2.x/security.html (Apache)
Originally recorded on March 29, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Matt shares some interest port activity on Internet Weather:
Port 52869/TCP (Realtek SDK Miniigd UPnP SOAP)
Port 55555/TCP (UPnP?)
Originally recorded on April 5, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Port 9010/TCP (HikVision Ezviz)
Port 5555/TCP (Android Remote Debug)
Originally recorded on March 15, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
• Port 139/TCP (NetBIOS)
• Port 443/TCP (HTTPS)
• Port 445/TCP (SMB)
• Port 2323/TCP (Telnet alternate)
Matt Keyser, Brian Rexroad and Manish Jain of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on February 17, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on February 17, 2022. AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com.
Hackers steal $1.9 million in KLAYswap attack. Matt Keyser, Brian Rexroad and Manish Jain of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on February 17, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Spambots are rampant in social media. How do they work? How can you stop them? Matt Keyser, Brian Rexroad and Manish Jain of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on February 17, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on February 8, 2022. AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com.
Meris Botnet SOCKS Proxy
Stan Nurilov, Tony Tortorici and George Graziano of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on February 8, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on February 8, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Microsoft announced they will make it difficult to enable VBA macros. Stan Nurilov, Tony Tortorici and George Graziano of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on February 8, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
IRS will transition away from using facial recognition to help authenticate people creating new online accounts. Stan Nurilov, Tony Tortorici and George Graziano of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on February 8, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
thehackernews.com/2022/01/north-korean-hackers-using-windows.html
North Korean hackers are using a Windows update to infect PCs with malware. Ganesh Kasina, Andy Benavides and Chris deRocco of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on February 1, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Port 389/udp
Port 18888/tcp
Ganesh Kasina, Andy Benavides and Chris deRocco of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on February 1, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on February 1, 2022. AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com.
LockBit Ransomware evolves to target Linux Systems. Ganesh Kasina, Andy Benavides and Chris deRocco of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on February 1, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
More than 45,000 devices have been compromised in a widely distributed UPnP NAT injection campaign. Ganesh Kasina, Andy Benavides and Chris deRocco of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on February 1, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
How to assess and prioritize vulnerabilities. John Hogoboom and Manny Ortiz of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on January 26, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on January 26, 2022. AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com.
Protocol 47 (GRE)
Ports 2375/tcp and 2376/tcp (Docker)
Port 8883/tcp (alternate http)
John Hogoboom and Manny Ortiz of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on January 26, 2022
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
A memory corruption vulnerability found in polkit’s pkexec allows any unprivileged user to gain full root privileges on a vulnerable host. John Hogoboom and Manny Ortiz of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on January 26, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Port 5555/TCP (Android Remote Debug Bridge)
Port 389/UDP (LDAP)
Matt Keyser and Jim Clausing of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on January 18, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on January 18, 2022. AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com.
Researchers outline vulnerabilities that commonly occur in kernel drivers. Matt Keyser and Jim Clausing of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on January 18, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Hospital stops ransomware within hours of the attack by quick thinking and good planning. Matt Keyser and Jim Clausing of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on January 18, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on January 18, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on January 11, 2022. AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com.
Port 389/udp
Port 20005/tcp
Port 8291/tcp and 8728/tcp
Stan Nurilov, John Markley and Michael Klepper of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on January 11, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Norton 360 now ships with a program which lets customers make money mining virtual currency. Stan Nurilov, John Markley and Michael Klepper of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on January 11, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on January 11, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
A vulnerability found in smart home iOS app that can exploited to crash iOS devices. Stan Nurilov, John Markley and Michael Klepper of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on January 11, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Attackers could remotely exploit a high severity flaw in KCodes NetUSB to execute code in the kernel. Stan Nurilov, John Markley and Michael Klepper of the AT&T Chief Security Office discuss the week's top cybersecurity news, and share news on the current trends of malware, spam, and internet anomalies observed on the AT&T Network.
Originally recorded on January 11, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com
Originally recorded on January 4, 2022. AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com.