meta_pixel
Tapesearch Logo
Log in
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Tuesday, July 3rd 2018

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS ISC Handlers

Tech News, News, Technology

4.9696 Ratings

🗓️ 2 July 2018

⏱️ 5 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Odd PHP Exploit Attempt; Diameter Security; Attack Against Trezor

Transcript

Click on a timestamp to play from that location

0:00.0

Hello, welcome to the Tuesday, July 3, 2018 edition of the Sansonet Storm Center's Stormcast. My name is Johannes Ulrich, and I'm recording from New York City, New York.

0:11.4

Over the last few days, Guy noticed some interesting hits to his honeypot, and we have really no idea what vulnerability they're actually looking for here.

0:23.6

It looks like they're testing for a fairly simple to exploit code inclusion vulnerability.

0:30.6

They're trying to run a die command that will then output a string.

0:35.6

Probably they're looking for that string then in order to

0:39.7

identify systems that are vulnerable. The string they're using is Hello Pepper, followed

0:45.8

by an explanation mark, and then it should display nine times the number nine because they're

0:54.0

taking a string that is nine times the number one and

0:57.6

then multiply it by nine. So if you have any idea what they're trying to exploit here, take a look

1:04.2

at Gies' diary post for further details. And positive security came out with their diameter vulnerability's exposure report for 2018.

1:18.7

Now, diameter is a protocol that's heavily used in signaling for LTE, and it replaces the good old SS7 protocol, which of course has been the root cause

1:31.9

of many problems in 3G and earlier networks. As a quick summary in their report positive

1:40.0

technologies states that diameter does solve a lot of these problems, but the problem is that a lot

1:48.2

of the features, in particular encryption in diameter, isn't always enabled by providers, which

1:54.9

then again leads to much of the same issues that we had with SS7.

2:01.6

In some cases, also, diameter isn't actually used.

2:05.5

For example, when you're using voice over LTE, you're essentially doing voice over IP or using

2:12.6

protocols like SIP, and with that you inherit some of the problems that these signaling protocols like SIP

2:20.9

are exposed to. Also, if you're sending an SMS message, you're actually downgrading usually

2:27.6

to 3G and again SS7 is used as a protocol for signaling and you're exposing yourself to the good old SS7

2:37.7

vulnerabilities. So in short, if well configured then diameter can certainly solve many of the

2:44.7

problems that we are having with SS7, but in itself it's not of the end of all cell phone vulnerabilities.

...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.

Copyright © Tapesearch 2025.