🗓️ 24 April 2023
⏱️ 6 minutes
0:00.0 | Hello and welcome to the Monday, April 24, 2023 edition of the SANS Internet Storm Center's |
0:07.3 | Stormcast. My name is Johannes Ullrich and today I'm recording from Jacksonville, Florida. |
0:14.3 | Manuel this weekend published a quick summary of DMARC policies within the Colombian top-level domain. |
0:22.6 | The overall frequencies here are probably somewhat below what we have seen in other |
0:28.9 | top-level domains. |
0:30.4 | What surprised me is that the .com.co domain, so basically the commercial businesses, is sort of what I would expect, like 8.75%, |
0:41.3 | but government domains are significantly less coming in at a little bit less than 1%. If anything, |
0:50.8 | you would think that government domains are more likely going to implement DMARC, |
0:55.6 | but this may also be part of the different sort of regulatory environment in Colombia. |
1:02.1 | This particular diary is also published in English as well as Spanish. |
1:07.8 | And one of the big revelations that I talked about on Friday about the 3CX compromise was |
1:13.4 | that Mandiant found out that the actual compromise started with a 3CX user installing |
1:21.8 | X-Trader trading application on a home PC. This X-Trader application apparently was compromised, and then |
1:31.5 | the access provided by X-Trader was leveraged to further compromise 3CX. Not a big surprise, but |
1:41.1 | Symantec now came forward stating that, well, X-Trader has been an issue beyond |
1:47.7 | 3CX. There are other companies that are likely compromised here. One interesting issue |
1:53.5 | that Symantec points out is that X-Trader is in particular useful for futures trading, in particular energy futures, and they suspect that |
2:05.9 | it may have been used to breach some critical infrastructure companies. I just want to say again |
2:12.1 | thanks to 3CX and Mandiant for being so forthcoming and making these things public, because as you can see, it helps others directly protect themselves. |
2:23.2 | And car hacking via the CAN bus appears to become more and more mainstream, with now a number of YouTube videos, and so giving at least demonstrations in some cases more tutorials about |
2:36.7 | how to perform these hacks. What they all have in common is that the attacker will connect |
2:42.2 | a device directly to the CAN bus. This is essentially the network that's being used within |
... |
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.