ISC StormCast for Monday, January 16th 2017
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 15 January 2017
⏱️ 7 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello, welcome to the Monday, January 16th, 2017 edition of the Sansonet Storm Center's Stormcast. My name is Johannes Ulrich, and the time recording from Brussels, Belgium. |
| 0:12.6 | Xavier wrote on Friday about backup files on web servers. Now, backup files, as he points out, are a good thing as long as they are outside your |
| 0:22.5 | document route. And the reason he wrote about it is that he's seeing recently a lot of scans |
| 0:29.0 | for common backup file names against his web applications. And yes, while this is not new and |
| 0:36.2 | cutting edge in any way, it's one of those |
| 0:38.5 | simple operational issues that's often overlooked. Now, while we're talking about simple operational |
| 0:44.7 | issues that aren't new but still being exploited in Apache, you often find the server status |
| 0:50.4 | page still enabled. That feature does list recent connections to the Apache server, |
| 0:57.9 | and with that, of course, you often leak confidential URLs. A new very simple tool illustrates |
| 1:04.6 | that hackers certainly are still looking for server status pages. This tool just keeps polling |
| 1:10.7 | the server status page, extract tool just keeps polling the server status page, |
| 1:12.6 | extracts all URLs, and then creates a SQLite database that, of course, can be used, |
| 1:18.1 | for example, as an input for a vulnerability scanner to further exploit any URLs that are being |
| 1:24.9 | found via that method. And last week there was a big article in The Guardian |
| 1:29.8 | about a possible weakness in the encryption of WhatsApp. Now, WhatsApp uses the same protocol as |
| 1:37.0 | Signal. And of course, both tools are heavily used by individuals who are trying to hide their conversations from governments. |
| 1:46.6 | Turns out that this particular weakness actually was discovered and discussed first back in |
| 1:53.6 | April 2016, so a little bit less than a year ago. And it's really more a design compromise in the application than |
| 2:02.8 | a back door. The problem, of course, with all of these crypto applications is how do you |
| 2:07.7 | initially verify that you're talking to the right person at first contact when you are receiving |
| 2:14.0 | whatever public key certificate or so is used to verify the sender. Now, SSL |
| 2:19.8 | user certificate authorities. We talked a lot about how that doesn't work. With WhatsApp, you |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.