ISC StormCast for Tuesday, December 6th 2016
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 6 December 2016
⏱️ 6 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello, welcome to the Tuesday, December 6, 2016 edition of the Sansonet Storm Center's Stormcast. My name is Johannes Ulrich, and if I'm recording from Jacksonville, Florida. |
| 0:12.4 | For those of you into reverse engineering, Malver, Did he put together some videos for you that describe the recent Hank Hattor Malver that he wrote about. In his video, |
| 0:23.7 | he gives you a walkthrough through the analysis of this particular Malveh. It was sort of interesting |
| 0:28.6 | because it did actually actively bypass some whitelisting techniques. Now, anybody dealing |
| 0:36.3 | with credit card numbers probably realized that |
| 0:39.8 | prude-forcing credit card numbers is certainly a possibility. However, apparently |
| 0:44.7 | it's a lot easier than it was thought to be based on missing rate limiting in some |
| 0:52.2 | payment systems. The attack was demonstrated using some of the |
| 0:58.0 | largest e-commerce websites based on the Alexa Top 400 list. And apparently some of them do |
| 1:05.6 | actually allow an unlimited number of attempts to enter the credit card number. Some of them also do not |
| 1:12.7 | require a CV2 number, so those sites can then be used to prudeforth the credit card number, |
| 1:18.2 | and then another set of sites that ask for the CV2 number is then used to guess the CV2 |
| 1:25.3 | number after the credit card number was found using the first set of sites. |
| 1:31.5 | Effected sites were notified by these researchers. Now they didn't list explicitly which sites |
| 1:37.9 | they found to allow an unlimited number of attempts, but of course it would be pretty easy for someone to figure this out |
| 1:46.3 | themselves. And of course, the actual payment processor like Visa doesn't have enough information |
| 1:52.0 | to realize that these requests that are coming in from different websites are actually |
| 1:58.2 | originating from the same source. And of course, a lot of people |
| 2:03.1 | wrote about a possibility of large denial of service attacks around Thanksgiving for Black Friday |
| 2:08.9 | or Cyber Monday, as it's sometimes called the Monday after Thanksgiving, which is sort of a peak |
| 2:14.9 | online shopping date. Well, it turns out that some large denial of service |
| 2:20.1 | attacks did indeed happen. Cloudflare has a nice write-up of what they have seen in the last |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.