ISC StormCast for Thursday, March 14th, 2024
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 14 March 2024
⏱️ 5 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello and welcome to the Thursday, March 14th, 2020, 4 edition of the Sands. |
| 0:06.7 | And it's Stormstarst, Stormcast. My name is Johannes Ulrich. And today I'm recording from |
| 0:11.4 | Jackstville, Florida. Large language models like chat GPT are making so many tasks easier. |
| 0:19.6 | Now, a lot of people talk about the offensive side of it, |
| 0:22.6 | how chat GPT can be tricked into writing malware, writing exploit. Xavier today took a more |
| 0:29.8 | defensive look at chat GPT and explored if it's at all useful, helping the obfuscate malicious Python scripts. |
| 0:39.5 | And while it actually worked pretty well, this particular script had two obfuscated lines. |
| 0:47.1 | One was a byte sequence that was first decompressed and then base 64 decoded. |
| 0:56.2 | Chad GPT did a great job in not only the obvious skating the code, |
| 1:00.5 | but also kind of explaining what it does, basically check whether or not there is network connectivity. |
| 1:07.2 | Xavier is promising more diaries like it, in particular. |
| 1:20.6 | He says he's working currently on integrating chat GPT with JITRA, everybody's favorite open source reverse analysis tool. And while we are not done with patches yet as often after patch Tuesday, we sort of have cleanup Wednesday, where we cover |
| 1:29.8 | some additional patches. Let me start with probably the more serious ones here. I would actually |
| 1:35.2 | rate this particular set of vulnerabilities worse than the vulnerabilities patched by Microsoft, |
| 1:42.4 | and they are released by 40Net and are part of 40 OS and 40 proxy. |
| 1:50.3 | The vulnerabilities that are being addressed here do have a CSS rating of 9.8 and 8.1 respectively |
| 1:58.3 | and could allow an attacker to seize complete control of vulnerable systems. |
| 2:04.9 | Now, one thing that Fortinet here suggests as a workaround is to not rely on form-based |
| 2:14.0 | authentication instead to use something like basic HTTP authentication or NTLM. |
| 2:22.6 | Nina, one of them is actually that great, but the one big thing that these authentication mechanisms |
| 2:28.8 | do, and I think actually I mentioned this sort of as one kind of workaround yesterday is that they |
| 2:36.5 | prevent any custom code from being executed before authentication happens, substantially |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.