SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Friday, December 4th 2020

SANS ISC Handlers

News, Tech News

4.9754 Ratings

🗓️ 4 December 2020

⏱️ 17 minutes

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Packet Challenge; iOS Zero Click to Exploit; GitHub Report; Implementing CIS Benchmark @sans_edu

Transcript

0:00.0

Hello, welcome to the Friday, December 4th, 2020 edition of the SANS Internet Storm Center's Stormcast.

0:07.9

My name is Johannes Ullrich, and today, well, I'm in Jacksonville, Florida, but actually teaching at SANS Frankfurt.

0:16.6

And with that, let's take a look at what we have in Diaries.

0:25.8

Today, we have another traffic analysis quiz by Brad.

0:36.4

So if you are into analyzing PCAPs, and well, this week I'm actually teaching the intrusion detection class, so fits really well. You can take a look at what Brad has put together here for you

0:41.4

as a challenge. And you don't just get the PCAPs, you also get links to tutorials he has put

0:47.4

together in order to teach you about Wireshark and help you analyze this particular packet capture.

0:55.7

An item I probably should have covered yesterday is an article by Google Project

1:00.0

Zero's researcher Ian Beer.

1:03.4

He discovered back in, well, actually sort of a year ago, November 2019, vulnerability in iOS that Apple later fixed with iOS 13.3.1

1:19.1

and macOS 10.15.3 at the end of January of this year. What makes this vulnerability so notable is that it may be exploited

1:32.1

wirelessly. It does not require any user interaction and essentially leads to a full system

1:39.8

compromise. The bug was part of Apple's Wireless Direct Link protocol, or AWDL. This is the protocol

1:48.7

that iOS and macOS devices use, for example, for AirDrop. While fundamentally, it's basically

1:56.2

802.11, it is sort of Apple's own take on it to set up these ad hoc peer-to-peer networks.

2:05.9

And the attacker in this case would have to be able to essentially hit a particular

2:10.9

vulnerable device with a specially crafted AWDL packet.

2:16.4

And what's really neat about this entire story is, first of all,

2:21.0

that Ian wrote this amazingly detailed blog post about it, but also that he went way beyond

2:28.9

actually just finding the flaw. We do have a lot of sort of wireless vulnerabilities like this where researchers

2:36.2

intentionally find the flaw, they are able to cause some software, maybe a system crash,

2:42.0

but that's where they stop. And if you're reading that blog post, you kind of understand why,

...

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
