Hello, welcome to the Friday, January 11th, 2019 edition of the Sand Center Storm Center's Stormcast.

My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida.

It was just when I sort of got started in security around May 2000 that the I Love You Warm went around spreading emails with the subject

line of I Love You.

Well, old tricks never die.

We have a diary today from Brad talking about how actually pretty much sort of identical

almost emails are being used today to spread

the latest crypto coin miners and ransomware. The subject lines are sort of love letter related.

The extensions actually just like the old extensions back then in May of 2000s are using sort of double extensions like

dot Txt or dash txt dot SIP in this case back in the old days it was more straightforward

dot VBS well and the SIP file then of course includes a script just like what the old I Love

You virus back in 2000 included and

that then will install additional malware.

So really almost the only difference between the 2000 version and this version is that the

attachment is compressed and well it's now installing different malware.

In talking about old vulnerabilities that are not going away, Juniper today released two sets of patches.

The first one affects June OS and fixes eight different vulnerabilities. Two of these vulnerabilities have a CVSS

score of 9.8. Both affect lip XML 2. And the first one is again sort of a classic. It's a

format string vulnerability. Second one is somewhat more modern in that it is a remote entity insertion.

Now, the second set fixes 13 vulnerabilities in Juniper's advanced threat protection,

and it's so advanced, it includes two hard-coded credential vulnerabilities,

both with a CVSS score of 10 that allow the attacker to fully control

...