ISC StormCast for Monday, November 6th 2017
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 6 November 2017
⏱️ 5 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello, welcome to the Monday, November 6th, 2017 edition of the Sansonet Storms and as Stormcast. My name is Johannes Ulrich and the name is Johnnard. I'm recording from Jacksonville, Florida. |
| 0:13.7 | Militious PDFs are certainly still quite common and it is important to be able to quickly triage these PDFs to figure out what they are about. |
| 0:25.5 | Now, DDA posted two diaries with updates to his PDF parser Python script. |
| 0:32.6 | The script now allows you to extract URLs that may be listed in the PDF. It also allows you to retrieve |
| 0:40.1 | the text part, which gives you an idea what the content of the PDF is if you would have |
| 0:46.1 | opened it in a PDF reader. And this weekend, we also had another edition of the Pohn to Own contest, |
| 0:53.9 | again at Paxack West. Now in the past |
| 0:57.8 | the name Pone to Own came from the attacker being allowed to essentially keep a device that |
| 1:04.0 | they're hacking. Since then some substantial bounties were added to the contest. The final result, well, all devices being offered for this contest have been compromised. |
| 1:17.6 | The Samsung Galaxy S8 was sort of the loan holdout for a while there, but eventually, yes, it was preached as well. |
| 1:27.5 | It took a total of 11 different bucks in six different applications to actually be able to execute code on the device, leak sensitive data, and also gain persistency after a reboot. |
| 1:43.5 | Apple was represented with an iPhone 7, which fell on the first day. |
| 1:48.6 | The iPhone 8 and 10 wasn't available early enough, I believe, in order to be part of this contest. |
| 1:58.0 | And OpenSSL released an update on Friday it fixes one moderate and one low severity vulnerability. |
| 2:06.8 | The moderate vulnerability essentially leads to a weakening of RSA and DSA private keys. |
| 2:15.3 | So it would essentially take less resources than it should to prudeforce these keys. So it would essentially take less resources than it should to prude for us |
| 2:20.7 | these keys, but according to the advisory, it still does take substantial resources that are |
| 2:27.9 | typically not readily available unless you're up against state-sponsored actors. |
| 2:35.1 | This vulnerability only affects a certain more recent Intel processor as well as AMD |
| 2:42.3 | Risen processors that are equipped with the BMI 1, BMI 2 and ADX extensions, which are |
| 2:50.3 | used by OpenSL to improve performance. |
| 2:54.5 | So moderate seems to be the right classification for these vulnerabilities and I don't think |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.