SANS Stormcast Thursday Apr 3rd: Juniper Password Scans; Hacking Call Records; End to End Encrypted GMail Surge in Scans for Juniper “t128” Default User Lasst week, we dedtect a significant surge in ssh scans for the username “t128”. This user is used by Juniper’s Session Smart Routing, a product they acquired from “128 Technologies” which is the reason for the somewhat unusual username. https://isc.sans.edu/diary/Surge%20in%20Scans%20for%20Juniper%20%22t128%22%20Default%20User/31824 Vulnerable Verizon API Allowed for Access to Call Logs An API Verizon offered to users of its call filtering application suffered from an authentication bypass vulnerability allowing users to access any Verizon user’s call history. While using a JWT to authenticate the user, the phone number used to retrieve the call history logs was passed in a not-authenticated header. https://evanconnelly.github.io/post/hacking-call-records/ Google Offering End-to-End Encryption to G-Mail Business Users Google will add an end-to-end encryption feature to commercial GMail users. However, for non GMail users to read the emails they first must click on a link and log in to Google. https://workspace.google.com/blog/identity-and-security/gmail-easy-end-to-end-encryption-all-businesses keywords: gmail; google; verizon; t128; juniper