ISC StormCast for Monday, June 5th 2017
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 5 June 2017
⏱️ 8 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello, welcome to the Monday, June 5th, 2017 edition of the Sands and at Storm Center's Stormcast. |
| 0:07.4 | My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida. |
| 0:12.6 | Fishing has long been used to capture a variety of different credentials and financial credentials, of course, like bank accounts accounts have always been at the top of |
| 0:23.7 | the list now with Bitcoin becoming more valuable fishing scams that are now going after |
| 0:29.6 | credentials for Bitcoin exchanges and Bitcoin wallets themselves of course are becoming more |
| 0:36.2 | popular. A Bitcoin wallet is really nothing more than a |
| 0:40.6 | key pair, the secret key that you keep on your own system. Sometimes you deposit it with a Bitcoin |
| 0:47.6 | exchange to make it easier to trade Bitcoins and then the public key, essentially the address |
| 0:53.3 | that people use to send you Bitcoin. |
| 0:56.4 | In the case of a Bitcoin exchange account, all that is often required in order to gain access |
| 1:02.0 | to this Bitcoin wallet is a username and a password. Xavier wrote up one recent incident. He documented |
| 1:10.5 | a phishing attempt against users of blockchain, |
| 1:13.6 | one of the larger and more established Bitcoin companies that hosts users' Bitcoin wallets. |
| 1:21.6 | Blockchain does offer two-factor and SMS-based authentication as an option, but apparently doesn't require it. |
| 1:31.3 | Now Xavier also found part of the code used by the attacker on the affected website was used as a fishing page. |
| 1:40.3 | As so often the website was compromised and the fishing site was then added to an existing website |
| 1:46.6 | in a sub-directory. The email address receiving harvested credentials was still present on the server, |
| 1:53.1 | but most of the remainder of that fishing kit had been removed by the time Xavier looked at it. One common technique to inspect a possibly |
| 2:05.7 | malicious link is to hover over it. Usually you'll see the actual URL the link refers to and you're |
| 2:13.6 | easier than able to figure out whether this link is actually malicious. |
| 2:18.8 | In PowerPoint, however, links may still trigger macro execution if a user just hovers over a link. |
| 2:27.6 | This has recently been exploited in some malicious PowerPoint files, according to several |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.