ISC StormCast for Monday, December 7th 2020
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 7 December 2020
⏱️ 6 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello, welcome to the Monday, December 7th, 2020 edition of the Sandcent Storm Center's Stormcast. My name is Johannes Ulrich, |
| 0:09.9 | and I'm recording from Jacksonville, Florida. And I'm done teaching in Europe, at least virtually, next class. |
| 0:19.0 | Well, a week from today again virtually online and well the sort |
| 0:25.3 | of virtual location will be Washington DC I'll be teaching the defending web |
| 0:31.3 | education security class at a CDI nothing terribly exciting in Diaries today. |
| 0:40.0 | One scanner for proxy servers by GE, seeing a ton of these scans, usually going actually |
| 0:47.9 | for a more common domain, something like Google or Yahoo or such, to see if they can connect to that site. |
| 0:58.1 | In this case, they looked for a very specific custom host name, which may indicate that they even |
| 1:05.3 | encode the IP address or such as part of the host name. |
| 1:11.4 | Of course the goal here is for the attacker to then use the proxy if available in order |
| 1:17.8 | to launch additional attacks. |
| 1:22.0 | And you may have done it before or maybe you saw others doing it and that's where you pixelate certain parts of a document |
| 1:30.9 | as you publish it in order to protect, for example, a password. |
| 1:38.3 | And typically, a human is not able to read that hidden word, but turns out that there is still enough information |
| 1:47.9 | left to properly recover whatever was typed. There is a new little script now written |
| 1:56.4 | by Sipke Milama, and Sipke here came up with a Python script that essentially uses the fact the algorithm that all these tools use in order to pixelate text. |
| 2:10.4 | First of all, they're not really creating black and white pixels. |
| 2:14.0 | They're creating various shades of gray, which of course then holds some information about the original text. |
| 2:24.3 | And while the recovered image isn't perfect, it's usually close enough where you at least have a pretty good idea what the original text was. |
| 2:35.0 | The script has been published on GitHub, so you can experiment with this and see if maybe any |
| 2:41.0 | documents that you published with pixelated content can be reversed. |
| 2:47.0 | And then we got a very brief but potentially interesting vulnerability announcement from the Apache Tomcat project. |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.