meta_pixel
Tapesearch Logo
Log in
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Tuesday, August 1st 2017

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS ISC Handlers

Tech News, News, Technology

4.9696 Ratings

🗓️ 1 August 2017

⏱️ 6 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Outlook Patches; Social Media Recon; ShieldFS Protecting Files

Transcript

Click on a timestamp to play from that location

0:00.0

Hello, welcome to the Tuesday, August 1st, 2017 edition of the Sandsenet Storm Center's Stormcast. My name is Johannes Ulrich, and today I'm reporting from Nashville, Tennessee.

0:12.3

Just a quick update on the SMB denial of service attack that I talked about yesterday, also known as SMB Loris.

0:20.8

One of the questions that came up is if this again just affects SMB version 1.

0:26.9

It does appear to affect all versions of SMB.

0:31.6

And actually one user on Twitter is reporting that on Windows 10, he tried to disable all versions of SMB and the system was still vulnerable.

0:43.6

Now, once he disable all versions of SMB, of course, there may still be a demon listening on 445.

0:50.8

It will just reject any request. But then again, this particular request is initial as the

0:59.3

connection is being set up. So it may still be accepted. So that's why I don't discount this

1:06.2

particular report. And remember standard best practice like disabling port 445 on your perimeter will prevent

1:17.2

this attack and it's only a denial of service even though a nasty one in that it does require

1:24.2

the system to be rebooted manually.

1:33.0

And Microsoft on Friday released a security update for Outlook. This particular update fixes three different vulnerabilities, the versed of which can be used

1:39.6

to execute arbitrary code.

1:42.2

In order to trigger the vulnerability, the user has to first open an

1:47.4

attachment. Now, this also supersedes an update was released in June. The June update had a number of

1:55.4

problems. These problems have also been addressed with this latest patch.

2:02.1

So don't be too surprised if you do see the pop-up for an update for Microsoft Outlook.

2:09.2

And this does not appear to be just a re-release of the June update because the CVE numbers

2:15.9

for these three vulnerabilities are different from the ones being

2:19.4

addressed in June. So this is June's update plus fixes for bucks introduced by the June update

2:27.1

plus fixes for new vulnerabilities. And SecureWorks last week reported at Blackhead that they believed to have

2:36.7

uncovered a fake social media profile that was used by Iranian hackers in order to make

...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.

Copyright © Tapesearch 2025.