ISC StormCast for Tuesday, August 25th 2020
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
🗓️ 25 August 2020
⏱️ 6 minutes
| 0:00.0 | Hello, welcome to the Tuesday, August 25th, 2020 edition of the SANS Internet Storm Center's |
| 0:06.5 | Stormcast. My name is Johannes Ullrich. And then I'm recording from Jacksonville, Florida. |
| 0:14.0 | Today in Diaries, we got a quick walkthrough from Xavier on how to track malware through VirusTotal. One of the nice things, of course, |
| 0:23.3 | with a large database of malware like VirusTotal is that you can look for similar pieces of |
| 0:29.8 | malware to the one that you may have detected in your environment. Now, some of the features |
| 0:35.2 | discussed here do require a paid subscription to VirusTotal, but it can be quite valuable to actually figure out that, for example, a piece of malware has been detected by others as well, or that variations of this malware have already been seen in the past, which often allows you to |
| 0:56.6 | sort of combine different threat actors or threats to one particular threat actor. |
| 1:04.1 | And today, many school districts, at least in the United States, did start their academic |
| 1:10.0 | year again, and with that, of course, |
| 1:13.1 | much of this happened online and it put some strain on commonly used online services. Zoom, for |
| 1:21.7 | example, had some outages. There's also some talk about some issues with Microsoft Office 365. Not sure if that was related to the opening of the school year, but also some education-specific services like learning management systems and such, in part, had a hard time coping with the large number of users, |
| 1:47.0 | of course, working from home and starting school online. |
| 1:51.4 | By the afternoon Eastern time, most of this looked like it was resolved. |
| 1:55.7 | We'll have to see throughout the week if there are any repeat issues like that, probably best to be ready |
| 2:03.6 | and have a backup plan. And yesterday I mentioned how a Guy wrote a diary of RDP servers being |
| 2:12.1 | hunted even on off ports like Port 23. We have more and more evidence that really RDP servers |
| 2:21.1 | are the low-hanging fruit that all kinds of attackers |
| 2:25.8 | are going after. A little bit late to the game maybe is apparently Iran. |
| 2:30.6 | At least Group-IB is fingering Iran as one group that's going after RDP servers. |
| 2:38.7 | The attack is pretty much always the same, no matter who does it. |
| 2:42.4 | And of course, attribution, always take it with a large grain of salt. |
| 2:47.0 | But it comes down to password brute forcing, usually, credential stuffing, |
... |

