🗓️ 19 January 2023
⏱️ 6 minutes
0:00.0 | Hello and welcome to the Thursday, January 19th, |
0:04.2 | 2003 edition of the SANS Internet Storm Center's Stormcast. |
0:09.8 | My name is Johannes Ullrich. |
0:11.7 | And today I'm recording from Jacksonville, Florida. |
0:15.9 | And thanks again to Google for making it really easy to find interesting new malware samples by basically just |
0:22.8 | searching for legitimate software. Brad has written up in his usual, very informative style, |
0:31.2 | a recent infection that used a fake ad for Notepad++. |
0:41.4 | The attacker here misspelled the domain a little bit, |
0:43.5 | Notopod Bloss Bluss. |
0:47.2 | So instead of a U here, an O, |
0:51.5 | to probably pass some of the detections that people may have set up for look-alike domains, but in the end, |
0:56.3 | the victim ends up downloading a malicious application from a look-alike website that will then, |
1:04.8 | if installed, provide the Aurora Stealer malware. |
1:09.9 | The malware itself that the user downloaded from the website does trigger a generic warning |
1:15.3 | by Microsoft Defender SmartScreen. |
1:18.2 | But really all it says is that it's an unrecognized app, so an unknown publisher, |
1:24.3 | which someone who's pretty convinced that they just downloaded Notepad++ from a |
1:29.9 | legitimate site will probably ignore, just putting it off that, well, SmartScreen didn't |
1:36.6 | recognize that particular application. |
1:41.3 | And Oracle did release its quarterly Critical Patch Update, or CPU as Oracle calls it, and it fixes, as typical for this quarterly patch update, about 300 plus vulnerabilities. Quite a number of critical vulnerabilities here in, sort of a lot of 9.8 vulnerabilities. |
2:02.6 | Many of these vulnerabilities are really just based on a couple different open source packages that are being used across the Oracle products. |
2:15.6 | For example, Spring Security, |
... |
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.