SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Monday, December 3rd 2018


SANS ISC Handlers

Tech News, News, Technology


🗓️ 3 December 2018

⏱️ 7 minutes


Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. KingMiner; Siglent Oscilloscope Vuln; AutoCAD Malware

Transcript


0:00.0

Hello, welcome to the Monday, December 3, 2018 edition of the SANS Internet Storm Center's Stormcast. My name is Johannes Ullrich, and today I'm recording from Jacksonville, Florida.

0:13.2

Check Point is writing about a recent crypto coin miner that they came across, which they're calling KingMiner. Now, KingMiner has been

0:21.4

around for a while, but it's one of those crypto coin miners that keeps evolving. In this

0:28.5

latest version, they cleaned, modified somewhat the configuration file for it. This latest

0:35.0

version will also add a number of registry keys with the value test in it.

0:39.1

Based on the write-up by Check Point, it's not really clear what this is about, but it could be

0:43.8

sort of a check whether or not it's already running here. And of course, one countermeasure that

0:50.0

people sometimes take is that they pre-create these registry keys, sort of immunizing

0:56.7

the system to infection, and of course, malware as a result is then going to change these names

1:04.0

and values from time to time in order to evade these inoculations.

1:08.8

But in general, I think what we're seeing here is that these

1:11.3

crypto coin miners, they keep evolving. Yes, cryptocurrencies are decreasing in value,

1:16.5

but they're not cheap enough where there's no point in mining them as long as

1:22.1

you don't pay for the power and hardware. Now the next story isn't really about a product that you probably have in your network.

1:31.3

It's a fairly high-end oscilloscope made by Siglent that does suffer from vulnerabilities.

1:39.3

Now, the reason I mention this here is this is sort of a story that's close to my heart from way back over a decade ago

1:46.7

in my physics days or so when I started to observe how some high-end oscilloscopes back then

1:52.2

like Tektronix and such really ran Windows, and usually a server version of Windows, on the

1:59.6

back end and obscured the fact with sort of your usual

2:03.6

buttons and dials that you're used to from an oscilloscope.

2:07.7

The reason these vulnerabilities in measurement equipment like this are so critical is that

2:13.9

this high-end equipment you most often find in your most secretive research labs,

...


Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
