Hello, welcome to the Friday, November 4th, 2016 edition of the Sands and its Storms,

on a stormcast. My name is Johannes Ulrich and it I'm recording from Jacksonville, Florida.

All right today, I published a little tool that I'm using to extract binaries that were transmitted

via telnet using the echo command. have seen this over the last couple of years

in many of these internet of things style attacks like most recently with the miri botnet

really just a little script that you may find helpful if you ever have to investigate a packet capture that uses this particular

trick to transfer files. Dom-based cross-sides scripting vulnerabilities are really a big deal in that

many sites, many security professionals still don't quite understand what it's all about so they're

often ignored well wigs.com which is a large website that allows small business

such to create their own pages had one of those DOM-based cross-sad

scripting vulnerabilities that could be used to essentially take over anybody's account. And with that,

the exploit script could actually be added to anybody's page and essentially create a worm.

The researcher met Austin, who originally discovered the flaw, did try to get Wix.com's

attention to have it fixed and never really heard back from

them and then went forward and published all the gory details about how to exploit this publicly

in his blog. That of course got the attention of Wix.com and within a couple hours they then fixed the flaw.

It isn't clear if anybody exploited the vulnerability or if they fixed it so quickly just

because they already had a fixed stage just didn't bother to move it live yet.

NIST published a new special publication for public

review. The title of the publication is Domainame Systems-based electronic mail security. Now,

when I read the title, I expected more about DMRQ and Decim and features like that. That's actually not what it's about.

Instead, it's a very detailed, like down to compiler options and the like,

...