ISC StormCast for Tuesday, February 21st 2017
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
🗓️ 21 February 2017
⏱️ 6 minutes
| 0:00.0 | Hello, welcome to the Tuesday, February 21st, 2017 edition of the SANS Internet Storm Center's Stormcast. My name is Johannes Ullrich, and today I'm recording from Scottsdale, Arizona. At the end of yesterday's podcast, I talked about an XML external entity attack and how it can be used to send email via FTP. I also stated that Postfix doesn't |
| 0:25.0 | usually accept this connection. Well, not quite right. Postfix actually by default only |
| 0:30.7 | blocks connections via HTTP relays, so it does block some of the standard HTTP verbs like GET and POST and CONNECT. |
| 0:39.9 | It doesn't do anything for these FTP-based attacks, so today I published a little |
| 0:46.3 | diary that does show you how to extend Postfix. It's pretty easy. There is an |
| 0:52.7 | smtpd_forbidden_commands setting that you can use |
| 0:57.0 | to essentially just list whatever commands you would like to block, and if you add USER and |
| 1:02.5 | PASS to that, then you will block these FTP relay attacks as well as HTTP relay attacks. |
| 1:14.6 | USER and PASS are not used, as far as I know, as part of standard SMTP. In order to authenticate with SMTP you would use the AUTH command, |
| 1:20.4 | which of course is still available in this configuration. And then we got two car hacking |
| 1:25.6 | related stories. The first one comes from Kaspersky. |
| 1:28.7 | Kaspersky looked at various apps that car makers are offering their users to remote control cars. |
| 1:35.9 | Typically you're able to lock and unlock the car, sometimes even start the car, or use geolocation features in order to figure out where your car is currently at. |
| 1:46.4 | Now, all of the apps that Kaspersky looked at had some very basic security shortcomings. |
| 1:53.7 | For example, they didn't protect the app window from overlay, so a malicious application |
| 1:57.9 | could pretend to be part of the car application. |
| 2:01.6 | They also don't check if the phone is rooted, and they don't check the integrity of the app, |
| 2:08.6 | so malicious software could alter the app after it's been downloaded. |
| 2:14.6 | Overall, what it comes down to is that these apps are only as secure as the |
| 2:19.3 | phone that you run them on. If your phone is compromised, then of course this app is |
| 2:24.6 | compromised as well. In addition, some of these apps, but not all of them, are storing |
| 2:29.6 | credentials in clear text on the phone. The second story comes from IBM's X-Force and deals again with apps that you're using |
... |