ISC StormCast for Tuesday, August 17th, 2021
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 17 August 2021
⏱️ 5 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello, welcome to the Tuesday, August 17, 2021 edition of the Sands and its Storm Center's Stormcast. My name is Johannes Ulrich, and I'm recording from Stockheim, Germany. |
| 0:14.1 | I talked before about Malware Bazaar. That's the website that allows you to download Malva that other people contributed to |
| 0:22.5 | their repository, including in daily badges. And now the problem of course with these daily |
| 0:28.4 | badges is you get a ton of files and the day today has some tips on how to easier filter these batches with some simple YARA rules and sip dump. |
| 0:44.0 | So a great way to look at individual samples and filter them out, and of course, the DA is also |
| 0:49.3 | providing some sample YARA rules to get you started. An IOT Inspector company that's dealing with firmware analysis and looking for vulnerabilities in |
| 1:01.0 | firmware has taken a closer look at the RTL 8,000 series of systems on a chip. |
| 1:09.0 | You probably have heard of these systems before. They're very |
| 1:12.8 | commonly used to implement Wi-Fi functionality in particular in lighterweight devices like |
| 1:19.3 | home-based routers and such. And of course, IoT Inspector being a company looking for |
| 1:26.0 | vulnerabilities. Yes, they wrote a blog because they found |
| 1:29.2 | some in this particular type of chip set. The vulnerabilities were found in their software |
| 1:36.0 | development kit that is commonly used by vendors to implement their own custom software |
| 1:42.8 | for these chips. |
| 1:46.0 | And while, IOT Inspector identified about 65 different vendors that used this particular |
| 1:53.6 | chip set and as a result are now vulnerable to have their devices taking over remotely. IOT Inspector released plenty of details |
| 2:04.3 | about these vulnerabilities, so it shouldn't be all too difficult to develop exploits for it. |
| 2:11.2 | As an end user, of course, you need to wait for the vendor of the particular piece of equipment that you're using to release |
| 2:19.6 | and update. The IOT Inspector blog has a list of possibly vulnerable devices attached to it. |
| 2:28.3 | I doubt that the list is complete. It's mostly based on some scanning via Shodan and such that IOT inspector did. |
| 2:39.5 | Start TLS has always been sort of a little bit of an ugly workaround if you're trying to negotiate a |
| 2:45.7 | TLS connection on the fly, not necessarily knowing ahead of time whether or not a particular service supports TLS. |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.