meta_pixel
Tapesearch Logo
Log in
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Friday, August 26th 2016

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS ISC Handlers

Tech News, News, Technology

4.9696 Ratings

🗓️ 25 August 2016

⏱️ 6 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Daily 5 min infosec news summary. News, patches, vulnerabilities and trends in information security. Apple Patches #iOS 0-day; Proxy Attack Against #santander Customers;

Transcript

Click on a timestamp to play from that location

0:00.0

Hello, welcome to the Friday, August 26, 2016 edition of the Sands and its Storm Center's Stormcast.

0:07.5

My name is Johannes Ulrich, and the time recording from Jacksonville, Florida.

0:12.0

Apple today released an update for iOS in response to a vulnerability that has already been exploited in targeted attacks.

0:22.6

This particular exploit became known after an individual that was targeted by the exploit.

0:28.6

Notice that something was probably wrong with the link that he received via an SMS message.

0:34.6

So instead of clicking on the link, he forwarded the link to Citizen Lab that shared it with

0:41.8

Mobile Security Company Lookout.

0:44.0

And they discovered three different vulnerabilities that could have been used to obtain full

0:52.2

execution privileges on a vulnerable iPhone. The first vulnerability

0:57.5

is vulnerability in Safari WebKit and it does allow for remote code execution. But of

1:03.6

course at this point you're still limited by the Safari Sandbox. The second exploit then is a kernel information leak that then releases information about the kernel layout, which randomized in iOS, that then can be used in order to launch a third exploit, which leads to a jailbreak and a full compromise of the affected phone.

1:28.4

All versions of iOS were vulnerable going back to iOS version 7.

1:34.8

So the latest version of iOS 934, which was released about a month ago, was also vulnerable.

1:43.0

Today, Apple did release iOS 935, which does fix these three vulnerabilities.

1:51.0

Now, Apple usually doesn't announce updates and so far, it's a little bit hard to talk about this as an out-of-band update,

1:59.0

but usually Apple does publish updates for all of its platforms,

2:04.1

not just for iOS, and also this is relatively quick after the last update that was released

2:12.0

for iOS. It is, however, certainly possible that some of these exploits do apply to other platforms as well.

2:20.3

My suspicion is in particular the Safari WebKit exploit may actually work also on OS10 and maybe Apple TV and other devices like that,

2:32.3

given that WebKit is used across numerous platforms.

2:38.0

So update iOS as you get to it, again, this was only used in a target exploit.

2:44.0

Apparently the NSO Group, Israeli company that does offer exploits like that for sale is thought to be behind this particular

...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.

Copyright © Tapesearch 2025.