SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Tuesday, July 27th, 2021

SANS ISC Handlers

Tech News, News, Technology

🗓️ 27 July 2021

⏱️ 6 minutes

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Recovering Malspam Password; Apple Patches 0-day; Multi OS Malware; GitHub Love for Go

Transcript

0:00.0

Hello, welcome to the Tuesday, July 27, 2021 edition of the SANS Internet Storm Center's Stormcast. My name is Johannes Ullrich.

0:09.9

And today I'm recording from Jacksonville, Florida. Didier took a look today at a piece of malware that actually Jan covered in a diary a couple days ago. And one of the problems

0:23.7

there was that the malware was encrypted and the password that was included in the email did not

0:30.6

work. Jan wasn't able to decrypt the malware, but well, Didier did take up the challenge and was able to find the password,

0:42.2

so he'll walk you through how he did this with good old John the Ripper.

0:47.8

In a bit less than a week after Apple updated iOS, macOS, and iPadOS, we are getting yet another update for macOS,

0:57.7

iOS, and iPadOS. This brings us up to macOS Big Sur 11.5.1 and iOS 14.7.1. Both, or all three, iOS, iPadOS, and macOS, are receiving a patch for one particular vulnerability.

1:18.0

CVE 2021, 3087.

1:21.6

This vulnerability can be used to execute arbitrary code with kernel privileges.

1:29.1

And yes, there apparently are reports of this vulnerability already being exploited in

1:36.2

the wild, which is why Apple pushed out this fix so quickly.

1:41.4

So don't be too surprised if you are getting that pop-up. Now if you haven't

1:46.6

updated yet to 14.7, you'll be then asked to go straight to 14.7.1. Apple actually no longer

1:55.6

offers 14.7 for download. And the report by BlackBerry points out that the attackers are tending to use some of the more exotic programming languages.

2:09.1

Now, they're mentioning here Go, D, Nim, and Rust.

2:13.4

We had examples of this in prior diaries.

2:17.4

Go and Rust, I definitely wouldn't really call them exotic, but certainly not that widely common.

2:22.9

Now, what is really in common among these languages is that there are not a lot of reverse analysis tools available.

2:31.2

A lot of the commercial tools, for example, still have a hard time with Go

2:35.6

or just adopted Go in more recent versions. And that, of course, makes analysis of malware

2:43.0

more difficult, giving attackers a fairly straightforward obfuscation technique by just using

2:49.7

a less understood programming language.

...

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
