meta_pixel
Tapesearch Logo
Log in
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Friday, October 12th 2018

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS ISC Handlers

Tech News, News, Technology

4.9696 Ratings

🗓️ 11 October 2018

⏱️ 6 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Equation Editor is Back;

Transcript

Click on a timestamp to play from that location

0:00.0

Hello, welcome to the Friday, October 12, 2018 edition of the Sansanet Storm Center's Stormcast. My name is Johannes Ulrich and the I'm recording from Honolulu, Hawaii.

0:13.4

You may remember last year's equation editor vulnerability. The equation editor was a component of Microsoft Office. Microsoft Office has

0:24.0

since removed this component because, well, it was sort of one of those legacy components

0:28.5

that was apparently quite buggy. And Microsoft really didn't want to bother with maintaining

0:35.3

it anymore. But nevertheless, exploits still exist that try

0:40.3

to take advantage of these old vulnerabilities. Xavier just ran into some malicious spam that

0:48.8

exploited just this equation editor vulnerability. It actually didn't run it first in his sandbox because the

0:55.9

equation editor was no longer installed in it but once installed it would happily

1:01.6

download a Trojan and run it. And if you do own a Sony Pravia Smart TV, well

1:09.8

it's a time to update Sony released an update for these TVs,

1:14.4

fixing three vulnerabilities. The most critical of them is a command injection vulnerability.

1:20.7

When a user uploads an media file, the file name is mishandled and as a result arbitrary code can be executed.

1:30.3

The two other vulnerabilities are first of all a directory to reversal vulnerability that allows you to access files that you're not supposed to access

1:38.3

and the third and last vulnerability is a stack-based buffer overflow. The last vulnerability can be exploited via

1:45.8

an HTTP request, so this is potentially remotely executable. Now, you should never expose

1:53.9

these TVs to the open internet, so make sure your firewall blocks any access from outside

2:00.7

your network.

2:02.6

Now, while a lot of home networks rely on NAT to provide some basic isolation here,

2:09.5

remember that you may be running IPV6 on your home network.

2:13.4

Most ISPs supported now for home users, and while it may be very difficult for an attacker

2:19.8

to guess the TV's IP address, they certainly may be able to figure it out if you, for

2:25.5

example, use a web browser on the TV and use it to visit a malicious website.

...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.

Copyright © Tapesearch 2025.