meta_pixel
Tapesearch Logo
Log in
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Thursday, April 30th 2020

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS ISC Handlers

Tech News, News, Technology

4.9696 Ratings

🗓️ 30 April 2020

⏱️ 6 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Covid19 Tracing Protocols; Chrome Update; Sysmon Update; Shade; Honeysploit @CurtBraz

Transcript

Click on a timestamp to play from that location

0:00.0

Hello, welcome to the Thursday, April 30th, 2020 edition of the Santernet Storm Center's Stormcast.

0:07.5

My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida.

0:13.3

Last week, I already mentioned some of the privacy concerns and how some of these COVID-19 tracing applications are addressing them.

0:22.0

I summarized some of this in a post today with links to all of the different standards,

0:27.8

proposed standards to be used for COVID-19 tracing.

0:32.1

So if you're interested in some of a deep dive on it,

0:34.7

you can refer to the documentation for these individual standards.

0:40.2

Also, Apple today made available a new beta of its iOS operating system. They call it now 13.5,

0:48.5

and this beta does include an early implementation of the COVID-19 tracing API.

0:56.7

Again, the iOS and the Android, they'll only include an API to facilitate the tracing.

1:03.6

The actual application that takes advantage of the API will then be provided by various health authorities around the world.

1:12.2

And Google released a security patch for Google Chrome fixes to use after free vulnerabilities

1:19.7

that, of course, could potentially be used for code execution.

1:24.1

However, the notes that Google has published so far are very sparse, so no real rating of it in the notes, other than that at least the first one of the flaws received a $10,000 buck bounty.

1:38.9

This, of course, now also affects Microsoft Edge, which is based on Chrome. Microsoft released a corresponding

1:47.8

patch earlier today. And Microsoft released updates to several SIS internal tools, in particular

1:58.0

Sysmon. Sysmon is now version 11, and one interesting new feature

2:03.3

they added is something they're calling delete monitoring, a file delete monitoring. Now, what this

2:09.5

does is it not only logs if a file is being deleted, it also may automatically save a copy of that file. The idea behind this is that attackers

2:21.5

often will delete the tools they're using to attack a system after they're done using a particular

2:27.6

tool and using this feature, it may be possible to capture some of these attack tools that the attacker intended to delete.

2:37.8

And yes, you may say that it may be possible to recover deleted files, but, well, there's a may

...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.

Copyright © Tapesearch 2025.