meta_pixel
Tapesearch Logo
Log in
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Monday, March 25th 2019

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS ISC Handlers

Tech News, News, Technology

4.9696 Ratings

🗓️ 24 March 2019

⏱️ 6 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Reversing Golang; Reading QR Codes; Pwn2Own; Java Card Vulnerabilities

Transcript

Click on a timestamp to play from that location

0:00.0

Hello, welcome to the Monday, March 25th, 2019 edition of the Sansonet Storm Center's Stormcast.

0:08.0

My name is Johannes Ulrich, and I'm recording from Madrid, Spain.

0:13.7

We got a couple of nice diaries this weekend.

0:17.4

Actually, my favorite was probably the one from Friday by Remko, where he talked about

0:23.4

reverse analyzing malware written in Go. Go is Google's programming language, and it has become

0:30.8

quite popular, mostly, I think, for network software, because it has quite nice networking capabilities,

0:38.3

but also has some fairly easy and lightweight threats,

0:42.3

which of course is always nice if you, for example, want to write a server

0:45.3

that's able to deal with multiple connections.

0:48.3

Remco is going through some of the initial steps in getting started with Go language. For example, because the

0:56.0

binaries are all statically linked, they tend to be quite large, so they're usually compressed

1:02.0

and going forward how to then decompile some of the Go code. And then we got two diaries by

1:10.2

D.D. One actually deals with some malware that uses the Velvet of the Go Code. And then we got two diaries by DD.

1:17.0

One actually deals with some malware that uses the Velvet Sweatshop password. If you remember, this was something we wrote about last year, that old Word documents

1:23.7

used that password as of a default encryption password.

1:39.3

So if you encrypt current Word documents with this password, they're automatically decrypted by Word, but still in some cases may sneak past antivirus. And the second diary by the DA gives you a quick Python script to read QR codes.

1:46.1

This is useful for some of the recent extortion emails that are using QR codes in order to communicate the Bitcoin address.

1:53.8

And then, of course, some filters that you set up to find Bitcoin addresses, well, they may not trigger.

2:01.4

And this weekend we had yet another edition of the Pone to Own Hacking Contest, and yet again,

2:08.0

pretty much all software being presented to the teams did fall.

2:13.5

They developed exploits against Firefox, Safari, Microsoft Edge, Windows 10, Virtual Box, and

2:22.0

VMware. First time this time, they also had a Tesla car available for hacking, and yes,

...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.

Copyright © Tapesearch 2025.