Hello, welcome to the Friday, September 20th, 2019 edition of the Santernut Storm Center's Stormcast.

My name is Johannes Ulrich.

And then I'm recording from Stockholm, Germany.

Xavier today looked at a recent sample of Agent Tesla.

That's a Trojan that typically then exfiltrates data from its victims.

What was sort of a little bit special about this particular sample was that it was

exfiltrating data via SMTP, but it used the submit port, Port 587.

Unlike Port 25, which is often blocked in corporate networks and also

by isps port 587 is specifically designed to connect to your own mail server and port 587

typically does require authentication so this is why this particular Trojan used Port 587 to send its emails instead of the Port 25.

That's usually sort of associated with SMTP.

And of course, one of the big non-security tech news items today is the release of iOS 13 from Apple.

Now, with these feature releases, we also get a number of security improvements and fixes.

As I'm recording, this Apple has not yet made available.

The security details for iOS 13, Safari 13, which was also released as well as WatchOS 6.

So don't have any real details here, but for Safari 13, we do have the release nodes and they do list some new

security and privacy features that were added to this latest version of the browser.

Part of the one that sticks out the most to me is Fido2 support.

So if you have a USB security key, it should be working now with Safari. Have to play with this a little bit myself. I don't think it's supporting the older U2F format, which is actually something we do support on the ISC website. We'll probably have to wait a couple days until I get to play with this.

And then we got a new release of Samba, the open source implementation of the SMB file sharing

protocol.

And yeah, it's particularly popular with Linux distributions.

...