SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Thursday, August 6th 2020

SANS ISC Handlers

Tech News, News

🗓️ 6 August 2020

⏱️ 6 minutes

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Malware Analysis Quiz; MacOS PoC Exploit; iOS OAuth2 Vuln; NSA Location Privacy Guide

Transcript

0:00.0

Hello, welcome to the Thursday, August 6th, 2020 edition of the SANS Internet Storm Center's Stormcast. My name is Johannes Ullrich.

0:08.6

And today I'm recording from Jacksonville, Florida.

0:12.6

I've mentioned a few times how educational Brad's diaries are. Whenever he writes about malware,

0:18.6

he usually includes all the evidence and then walks you

0:22.6

through how to analyze this particular malware, usually with sort of a very traffic-centric

0:28.6

lens. Now, he's upping his game here a little bit and varied the format, and the latest one that he

0:36.9

published today is actually written as a challenge

0:41.0

where you get to solve part of the malware and actually try to extract the malware. Now plenty of

0:48.6

hints here and yes he also gives you the answer at least as part of the files that you can download.

0:57.5

So again, a great learning opportunity and here even with sort of a little bit of a challenge to solve.

1:04.7

And then we got an interesting proof of concept exploit and more details regarding a vulnerability that was patched by Apple

1:12.8

in its July update. This update was released for macOS on July 24th. It's now macOS 10.15.6. If you're

1:24.5

running an older version, you're vulnerable to this set of vulnerabilities.

1:29.4

And it's really a set of vulnerabilities in that it's three distinct vulnerabilities that together can be used to actually execute arbitrary code as root.

1:41.9

Essentially gives you full privilege escalation. These vulnerabilities also bypass

1:46.8

System Integrity Protection, or SIP, which is the feature that even restricts what root can do,

1:53.0

so an attacker could not only become root but also install malicious software into any of these specially protected locations. So again, there are three

2:05.0

different vulnerabilities that are sort of being abused here. All of them have been fixed. And if you

2:11.0

are looking for the details, you can find them at the Objective-See blog. Now, that blog is usually run by Patrick Wardle,

2:18.8

but this vulnerability was found by Ilias Morad,

2:23.2

a security researcher from Germany.

2:26.6

Then we have a second vulnerability actually affecting Apple devices.

...
