Hello, welcome to the Monday, August 12, 2019 edition of the Sands and the Storms,

and the Starms, Stormcast. My name is Johannes Ulrich. And then I'm recording from Jacksonville,

Florida. Xavier wrote up an interesting all-Javascript fishing page. Now, unlike the

fishing page that I talked about like about a week ago,

where we actually were able to recover the Fishing Kit based on a misconfigured server. In this case,

well, you don't need that because the entire Fishing Page is self-contained in JavaScript,

including the submission of any collected credentials.

This, of course, enables an attacker to use any web server where they're able to upload a page to.

They don't necessarily rely on running any code on the compromised server.

And if you're owning a modern Canon DSLR camera, you probably need to apply a firmware update.

Researchers at Checkpoint identified multiple vulnerabilities in the picture transfer protocol.

This is a protocol that many of these new cameras support in order

to transfer images over Wi-Fi. These protocols replace the more traditional USB-based

picture transfer to a host computer. And since they're over Wi-Fi, of course, they may also

be used unprotected in particular

as a photographer if you are using public hotspots. To launch the attacks an attacker

has to know a unique identifier for the camera which can typically be sniffed off the network.

The attack including code execution was demonstrated at Black Hat and of course they're

sort of putting out a little bit the prospect that someone may be able to install ransomware

on the camera to then encrypt pictures.

Updated firmware from Canon has been available for about a week now and I will link

to Canon's advisory in the show notes.

...