ISC StormCast for Monday, November 9th 2020
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
🗓️ 9 November 2020
⏱️ 5 minutes
Transcript
| 0:00.0 | Hello, welcome to the Monday, November 9th, 2020 edition of the SANS Internet Storm Center's Stormcast. My name is Johannes Ullrich. And today I'm recording from Jacksonville, Florida. |
| 0:12.7 | Well, we got a couple of interesting diaries from this weekend. First of all, one from Guy about WebLogic. He took a look at his honeypot and found that the older WebLogic |
| 0:24.5 | vulnerability from January is still being exploited or attempted to be exploited. In this particular |
| 0:32.2 | case, it was a crypto coin mining script that the attacker attempted to install. |
| 0:39.1 | That's of course something we have seen for a while now. |
| 0:43.4 | And since this question came up last week, actually in an internal discussion, |
| 0:49.2 | Didier did publish a quick tip on how to use his oledump tool to extract Visual Basic code |
| 0:58.0 | from malicious documents. Of course, oledump is meant to analyze these complex Office documents. |
| 1:06.9 | And one of the things that it can do is point out that there are macros, |
| 1:16.9 | but you can also use it to then pretty much automatically extract the respective macro. |
| 1:24.7 | And just a follow-up to the iOS and macOS updates from last week, there was an iOS update for iOS 14 as well as one for iOS 12. |
| 1:31.6 | There was no iOS update for iOS 13. |
| 1:36.0 | The idea here is that anybody that's running 13 should be able to upgrade to 14, but you are vulnerable if you are running iOS 13. |
| 1:49.5 | Now, older versions for macOS, like macOS 10.14 and 10.13, we didn't see an update for those yet. |
| 1:58.7 | These are still supported. So if they're vulnerable, we should see an update |
| 2:04.0 | for these older versions of macOS. And Let's Encrypt is warning that starting September |
| 2:12.2 | next year, older versions of Android, and that's before Android version 7.1.1, will no longer recognize |
| 2:20.8 | Let's Encrypt certificates as valid. |
| 2:24.0 | The problem here is when Let's Encrypt first started out, they didn't have their own trusted |
| 2:29.7 | certificate authority, so they actually used someone else's certificate authority in order to sign their |
| 2:35.5 | certificates and ever since have cross-signed their certificates. So they're actually signed |
| 2:41.6 | with both of these root certificates, the old one, and now Let's Encrypt's own certificate. |
... |

