meta_pixel
Tapesearch Logo
Log in
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Monday, March 18th 2019

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS ISC Handlers

Tech News, News, Technology

4.9696 Ratings

🗓️ 18 March 2019

⏱️ 6 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Putty Updates; Fijitsu Keyboards; Signed Malware; Ubuntu 14.04 Support Ends; Mirai News

Transcript

Click on a timestamp to play from that location

0:00.0

Hello, welcome to the Tuesday, March 19th, 2019 edition of the Sansand-Storm Center's Stormcast. My name is Johannes Ulrich. And today I'm recording well still from a yet-to-be-disclosed location at one submission so far that got actually pretty close.

0:19.4

Well, to start out with, today we got a new version of Patti, the favorite Windows

0:25.6

ZH client.

0:26.6

This update fixes four vulnerabilities, two of which actually could trigger buffer overflows

0:34.6

if you're connecting to a malicious server.

0:38.1

There's another kind of interesting vulnerability where if you are running Puddy from a directory

0:43.2

that also contains a malicious Windows help, so one of those CHM files, that could also lead

0:50.5

to code execution. And as the update points out, this is, for example, very possible

0:56.3

if you are running Puddy directly from the download folder from your browser. Also interesting

1:03.8

about this, the vulnerabilities were disclosed via Hacker 1. The European Union actually started a bug bounty program a while ago I think I

1:14.3

mentioned it and funds essentially the hacker one part of this disclosure so even though

1:21.4

putty is free in open source software you can still get a bug bounty if you're finding vulnerabilities in it.

1:30.3

Well, the second vulnerability we have is actually initially sounded like nothing all that special

1:36.5

vulnerabilities in wireless keyboards. We have seen them a lot where essentially there's no

1:41.2

encryption being used or if the encryption is just a simple XOR.

1:46.0

So it was a little bit surprising to find a vulnerability in the Fujitsu keyboard that actually uses AS to encrypt keystrokes.

1:56.0

The problem here is not the usual sort of eavesdropping attack, but instead a key injection attack.

2:03.6

The problem is not with the keyboard, but with the USB receiver that comes with the keyboard.

2:09.6

This receiver will not just accept encrypted keystrokes from the authentic keyboard,

2:16.6

but if someone manages to create an unencrypted keystrokes from the authentic keyboard but if someone manages to create an

2:20.0

unencrypted keystroke signal that's accepted as well so really the encryption

2:26.5

is only optional and while the keyboard seems to implement it correctly anybody

...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.

Copyright © Tapesearch 2025.