🗓️ 9 November 2016
⏱️ 5 minutes
0:00.0 | Hello, welcome to the Thursday, November 10th, 2016 edition of the SANS Internet Storm Center's Stormcast. My name is Johannes Ullrich and today I'm recording from Jacksonville, Florida. |
0:12.2 | Residents in an apartment building in Finland were apparently without heat for over a week due to a denial of service attack against the building's management systems. |
0:24.2 | The result of the denial of service attack was that the heat management system of the building |
0:29.2 | could no longer connect to a central server. Now, the connection to that central server is |
0:35.3 | important in order to alert maintenance personnel and such |
0:39.3 | about dangerous conditions like overpressure. |
0:42.3 | So the fail-safe was that the system rebooted in order to establish the connection again |
0:49.3 | and shut down until it was able to set up the connection. |
0:55.0 | So essentially it was sort of hung in this infinite reboot loop as a result of a simple denial of service attack. |
1:02.0 | Not sure why it took over a week to fix. Apparently all they had to do in the end was to set up a firewall to isolate the system from malicious traffic and only |
1:12.6 | allow connections to the management server. And sticking with the Internet of Things here |
1:17.6 | for another story, we do have a new vulnerability in D-Link routers. This one |
1:22.6 | affects the HNAP protocol, the Home Network Administration Protocol, which has been the source of vulnerabilities in the past. |
1:32.6 | Here, yet again, we have a problem with an XML parser that could be used to execute arbitrary code. |
1:39.0 | The problem here is the vulnerability can be triggered using the login function, |
1:43.5 | so you don't actually have to be authenticated to the device in order to trigger the vulnerability. |
1:50.0 | D-Link has not responded to the vulnerability report. |
1:54.0 | So there is a patch available at this point. |
1:57.0 | In general, do never ever expose the admin interface of any device like |
2:03.4 | that to the internet. It's just asking for trouble. I don't think there is a secure |
2:08.5 | implementation of any one of these admin interfaces out there right now. The |
2:13.7 | advisory does include exploit code for ARM and MIPS processors, so this should cover the range of |
... |
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.