Hello, welcome to the Monday, October 7th, 2019 edition of the Science and with Storm Center's

Stormcast. My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

Our handler Russ has been using the statistical computing language, a lot lately and has yet another article

with some tips and tricks about how to use it during forensics and incidents response.

In this latest installment, Russ is taking on the R package with Network, which displays network-related data in a link

diagram, making it easy to identify the topology of a network and how attacks, network

traffics, or whatever you're trying to map to it, is really sort of affecting the network

and interacting with the network.

It also includes some interesting features like the Louvain community detection feature.

That is a mathematical method that actually allows you to identify related systems, for example,

members of a botnet, parts of a certain organization or subnet.

So if you need to identify, for example, command control servers or such, he's showing how

this particular feature can be quite useful.

Next, we got a few Android related items.

Google made public details regarding a vulnerability in the Android kernel.

The use after free vulnerability in the Android binder driver had been patched, but apparently

resurfaced in the most recent Android Linux version, specific

phones like for example the Pixel 2 and some Samsung phones as well appear to be still

vulnerable running this latest kernel.

Now this is a purge escalation vulnerability, so an attacker to take advantage of it already

has to have code running on the phone.

This would be code for example that a user downloads from some app store and then installs.

...