meta_pixel
Tapesearch Logo
Log in
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Friday, July 31st 2020

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS ISC Handlers

News, Tech News

4.9754 Ratings

🗓️ 31 July 2020

⏱️ 6 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. SQLi and Python; Google Allowing Office 365 Phishing; Netgear/Zoom Vulns; OPNsense Update

Transcript

Click on a timestamp to play from that location

0:00.0

Hello, welcome to the Friday, July 31st, 2020 edition of the Sandcent, and at Storm Center's

0:06.6

Stormcast. My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

0:13.4

For the last year or so, most of the code I've written has been in Python, and well, one of the issues that I sort of noticed is that in

0:23.7

Python it's relatively easy to get SQL queries wrong meaning not to properly prepare them and

0:32.1

essentially end up with code that's vulnerable to a SQL injection. So little blog post today about this problem and, well, how to be a better coder and actually

0:44.9

do proper prepared statements in Python.

0:48.9

And CoFens, a company that's making anti-fishing email security solutions, has an interesting

0:55.7

write-up about a phishing attack that they have been observing that takes advantage of

1:01.8

Google Adservices.com. That's the legitimate domain that's being used by a lot of Google Ads.

1:09.6

So Co-Fent's presumption is that a lot of email gateways

1:14.4

will actually whitelist this domain and not flag it as suspicious. Now, once a user clicks on

1:23.5

that link, the Google Ad Services Code will redirect them just to the fishing page, and

1:30.3

as a result, the user will have no indication from their typical email security software

1:37.3

that they just clicked on anything malicious.

1:40.3

Of course, the assumption here is that Google AdServices.com, because it's often used for legitimate ads, is allowed in email gateways.

1:51.2

Personally, I would actually go to the opposite route.

1:53.7

Google AdServices.com is pretty much only used for advertisements, for user tracking, and as such, in particular, in emails, probably has

2:03.4

little value. I would just block it and remove any links that go to Google AdService.com,

2:09.0

in particular, since Google has a fairly spotty record lately with dealing with fishing and

2:16.9

the like, I personally reported some fishing links that

2:21.2

are hosted within various Google services in the last months. And the response has been

2:27.9

pretty slow in any of these cases. Maybe something to document a little bit better and write about, but that's

...

Please login to see the full transcript.

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.

Copyright © Tapesearch 2026.