ISC StormCast for Monday, July 18th, 2022
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 18 July 2022
⏱️ 5 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello, welcome to the Monday, July 18, 2020 edition of the Sands and the Storm Center's |
| 0:06.8 | Stormcast. My name is Johannes Ulrich and I'm back here recording in Jacksonville, Florida. |
| 0:15.2 | Well, with a number of handers, of course, also traveling back home from Sands Fire. We didn't have a lot happening here at the |
| 0:23.6 | internet storm center, Diddy, who was stuck at home, did publish a quick diary? Just a little hint |
| 0:31.8 | if his zipdump.py tool doesn't open because it says that a file is being used by another process. |
| 0:39.4 | It may actually be the tool itself, and that's what happened to him here. |
| 0:45.9 | And Google in its Google Play Store has so far always listed any permissions that apps |
| 0:53.5 | required from the particular device they were installed |
| 0:57.4 | on. These lists were created automatically and often were criticized for really not being all |
| 1:04.2 | that telling and somewhat hard to read for at least non-security professionals. Well, Google kind of fixed some of that by adding a data |
| 1:15.3 | safety section. This data safety section is up to the developer. So the developer may indicate |
| 1:21.7 | how the data is being used in a particular application. But turns out that this appears to now replace the old permission list. |
| 1:31.5 | The problem here, of course, is that information that was automatically generated by Google |
| 1:36.7 | based on the code in the application is being replaced with data provided by the developer, |
| 1:43.3 | and there doesn't appear to be sort of any check really |
| 1:46.7 | in place to see if the developer's information here is truthful or even detailed enough. |
| 1:54.6 | Michael Raman, who did tweet about this change, suggests that a better option may have been instead of having the |
| 2:02.3 | fairly sort of cryptic and obscure titles for the various permissions replaced by something |
| 2:08.4 | that's more human readable and easier recognized by users. |
| 2:14.3 | Talking about the Google Play Store researcher, Maxime In Crowe, did find a number of malicious pieces of software in Google's Play Store that are a bit more stealthy than what has been done in the past. |
| 2:30.5 | In particular, this malware does not use a web view instead of just the business plane |
| 2:37.2 | HTTP requests in order to communicate with the command control server, just connects |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.