ISC StormCast for Friday, March 11th, 2022
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 11 March 2022
⏱️ 6 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello, welcome to the Friday, March 11, 2020 edition of the Sansonet Storm Center's Stormcast. My name is Johannes Ulrich, and I'm recording from London, England. Didn't I tell you not to upload documents to Virus Total that you don't mind essentially becoming public. Well, Xavier took a look at |
| 0:23.5 | VirusTotal and found a number of documents within VirusTotel's database that do contain credentials. |
| 0:33.6 | Others of little interesting outcome here is also some of the credentials that he found are obviously from Turkey, and with that your top 10 passwords are also somewhat different in what you see in other top 10 passwords lists. |
| 0:49.1 | For example, you see things like Turkish soccer teams in the top 10 and other specific vocabulary. |
| 0:57.8 | There's also something to keep in mind for pen testers that in particular, if you are testing |
| 1:02.9 | a site that's not English, the standard password lists that are often published, focus more |
| 1:09.6 | on English speakers, and may not work as well for |
| 1:13.2 | these other non-English sites. And Finnish authorities are reporting about issues with |
| 1:19.9 | GPS along the Finnish-Russian border. This has happened in the past during Russian military exercises in the area, but apparently |
| 1:31.6 | this time no respective notice was issued in order to alert aviation of these problems. |
| 1:39.3 | Now, planes for the most part can fly just fine without GPS, but apparently there is a smaller airport |
| 1:46.3 | in Savalina in Finland, close to the Russian border, that had to stop service because for |
| 1:53.4 | that airport, no alternative ways are possible for navigation. GPS issues, of course, can also affect IT, in particular if you are relying for GPS for |
| 2:07.5 | time synchronization. Typically, the differences that are caused by this kind of jamming are |
| 2:13.8 | not significant enough to really sort of cause any significant issues here, but if you're |
| 2:18.6 | concerned about this, you may need to consider using an internal time standard. |
| 2:25.5 | Now, given the sanctions against Russia, the Russian websites are having a hard time renewing |
| 2:31.8 | some of the TLS certificates that they obtained from commercial |
| 2:36.8 | certificate authorities because, well, they don't really have a good way to pay for these |
| 2:41.0 | certificates. In response, Russia now proposed setting up its own certificate authority and already |
| 2:48.5 | has a website set up and some websites have already started using |
| 2:53.6 | that internal certificate authority. |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.