ISC StormCast for Friday, December 1st 2017
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 1 December 2017
⏱️ 15 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello, welcome to the Friday, December 1st, 2017 edition of the Santernut Storm Center's Stormcast. My name is Johannes Ulrich, and I'm recording from Augusta, Georgia. |
| 0:12.2 | Brad today has a nice write-up telling you what the Emotette Malver has been up to recently. This particular malware family has been a more or less |
| 0:22.0 | consistent presence over the last few months. Anti-malver, like Windows Defender, for example, |
| 0:28.9 | as Pratt points out, is doing a pretty good job in identifying it now. Also, according to Pratt, |
| 0:36.7 | recent samples haven't really been able to fully infect |
| 0:40.3 | Windows 10. However, if you're still using Windows 7, you may be more susceptible to this type |
| 0:47.8 | of malware. So, short lesson here, keep your system up to date, keep some reasonable anti-malry enabled, and these |
| 0:56.0 | sort of everyday threats should pretty much be dealt with. Brad currently finds emotech |
| 1:03.1 | mostly in these invoice spam emails, which many users now are able to correctly identify, |
| 1:15.8 | but then again, remember, the holiday season is coming up, |
| 1:18.5 | and with that, a lot of users, for example, |
| 1:24.0 | tend to be more susceptible to things like fake shipping notifications or notifications about shipping delays. |
| 1:28.1 | So I would look out for Malvert taking advantage of these type of lures. |
| 1:34.6 | And starting July next year, Google Chrome may limit how third-party software is allowed to interact with Chrome. |
| 1:44.6 | Up to now, third-party software was able to inject its own code into Chrome |
| 1:49.3 | in order to, for example, manipulate how web pages are being displayed. |
| 1:54.9 | There are two important groups of software that legitimately use this feature. |
| 2:00.1 | First of all, accessibility software, but then also anti-malware software. |
| 2:06.8 | Turns out that users of such software experienced significantly more crashes of Google Chrome. |
| 2:14.5 | So what Google is going to do is that they're going to push these particular |
| 2:21.5 | pieces of software to alternative ways to interact with Chrome. It's no longer really necessary |
| 2:28.5 | for this software to do, to inject its own code, which appears to be the part that really causes most of these problems. |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.