Hello and welcome to the Friday, January 13th, 2003 edition of the Sansonet Stormsanders Stormcast.

My name is Johannes Ulrich and I'm recording from Jacksonville, Florida.

In Diaries today, well, Russ is back and Russ likes to talk about tools.

This time it's Praweller version 3. Praweller is a tool to

essentially audit and assess your cloud configuration security. What's sort of unique about

it is that it does AWS and Asia. A lot of the tools that are similar are only sort of focusing on one particular cloud provider.

And apparently there are also plans to include Google and Oracle's cloud.

And version 3 is now rewritten in Python.

So all you need for installation is PIP.

And now Russ is walking through through the basics of getting going with Browler in his diary.

Also has some sample output to basically tell you if this is something that you would like to look into more closely.

Daniel Milledjik did post an interesting write-up about their experience with a pre-compromised Android TV.

Now, in our data, we do see a lot of scans for port 5,55555.

This is the Android debug port, and people are often asking, well, you know,

why people are still looking for it? Normal Android phones are not listening on this port. But

actually, it turns out that Android TV sticks and such often still do. And, well, this was only

one of the problems with Daniel's device here.

It came with not just one but apparently multiple pieces of malware pre-installed that were

happily communicating with their command control server.

And in this case it didn't just happen to be sort of the usual

spyware and such that you find on these devices in order to basically monitor your browsing

habits and things like this, but pretty much simple outright malware that was also a kind

...