ISC StormCast for Friday, December 22nd, 2023
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 22 December 2023
⏱️ 5 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello and welcome to the Friday, December 22nd, 2023 edition of the Sands and its Storm Center's Stormcast. |
| 0:08.9 | My name is Johannes Ulrich and I'm recording from Jacksonville, Florida. |
| 0:14.7 | The reason we are running honeypots at the United Storm Center is to figure out what vulnerabilities attackers are exploiting. |
| 0:23.5 | And again, our interns with the Sands.edu Undergraduate program are helping us to sift through |
| 0:31.7 | the logs and figure out, you know, what is new and interesting. Now, often we are sort of focusing a little bit more |
| 0:38.1 | on cutting edge recent vulnerabilities, even though the vast majority of these hit hacks is |
| 0:44.1 | looking for well-known problems. That's something pointed out by David Thompson here in |
| 0:51.1 | his diary. This diary looks at essentially some of these sort of enumeration, brute forcing attacks for different file names, seeing a ton of them. |
| 1:02.9 | And really a good reminder to, first of all, clear up any files that you no longer need on your system and properly access controlling files |
| 1:13.9 | that still need to be present. And David is going over some tricks here to show you how to do this |
| 1:20.5 | properly in Apache. And then before you go into your well-deserved holiday, probably a long weekend, you may want to quickly make sure that Google Chrome is up to date. |
| 1:34.9 | We do have a new Saturday vulnerability that was patched in Google Chrome. |
| 1:41.5 | And talking about the holidays, just a quick note here, not related to a specific |
| 1:47.2 | news story or such, but a couple of things that you probably want to look for if you are |
| 1:53.3 | in the unlucky place to be stuck at work over the weekend, sort of monitoring your systems. |
| 2:04.6 | Probably the best thing you can do during this time, if you have to be stuck at work over the weekend sort of monitoring your systems. Probably the best thing you can do during this time if you have the extra time is to carefully watch your remote access systems. And this includes |
| 2:11.4 | things like VPNs, of course systems like Citrix and such. We had a lot of attacks against that recently. Make sure that access you're seeing is legitimate. And of course, sometimes you may have in particular enabled some of these systems to allow for people who are working remotely over the holidays to be able to assist you with things like network |
| 2:36.2 | administrating tasks. Don't forget the serial consoles if you still have things like this. |
| 2:42.5 | And again, if you have some extra time, maybe a good thing to just poke around a little bit, |
| 2:47.1 | check your logs, make sure everything is up to date and look for any kind of odd |
| 2:52.7 | access patterns when it comes to these remote access systems. |
| 2:57.9 | Now for those of you spending the holidays at home with family, just a couple of reminders |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.