Hello, welcome to the Thursday, December 1st, 2016 edition of the Sansonet Storm Center's Stormcast.

My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida.

Mozilla today released a new version of Firefox, 50.0.2, just a couple days after it released 50.0.1. The reason for this quick update cycle was a vulnerability

that's actually already being exploited in the wild and has been made public. So the exploit code

is out there and for everybody open to inspect and copy.

The reason this was uncovered was that users of the Tor browser were attacked using

this particular exploit.

Now Tor browser is based on Firefox, so there's also a new version of Tor browser that was released today in

response to this vulnerability. So the latest version for the Tor browser is 607 and Firefox 502. If you

haven't updated today, then you're vulnerable. A little side note here, the vulnerabilities being exploited here is apparently very similar

to a vulnerability.

It was exploited a couple years ago by law enforcement in order to unmask tour users that

visited child porn sites. It's not really clear who is behind

this particular exploit. However, it's very possible that someone used that old exploit from a

couple of years ago sort of as a template to develop this new one. And then we got a couple of reports from readers that they observed in the network a significant

increase in traffic trying to exploit the sequel Slammer vulnerability for the young kids around

here.

This was back in 2003, a big thing.

Costs Nautage in parts of the internet just because of the immense amount

of traffic that the forum caused back then.

Well, in our data, it never really sort of went away over the last couple of years.

There's sort of each day about 50 or so different hosts that are scanning for this vulnerability.

...