Hello, welcome to the Tuesday, June 21st, 2016 edition of the Santernut Storm Center's Stormcast.

My name is Johannes Ulrich, and the day I'm recording from Jackson, Florida.

Lately Swift, the international money transfer system, of course, was in the news quite a bit because some banks got compromised and the system was used for illicit

money transfers. Well, of course, with any news like that, we typically do see Malever tag on to

that news. In this latest case, we saw quite a number of email messages today that claimed

to be a swift payment notice with an attachment. The attachment itself looked like a PDF.

You couldn't really read it, so you were enticed to click on the link instead to actually see

what's happening, which

would then download a straight executable.

And as usual, the executable itself was hosted on a compromised word press instance.

That one instance, of course, has been shut down now, but there are likely others still going around.

Virus totals score on this particular attachment wasn't great.

It was six out of 55 when we originally saw this particular matter.

But of course, an executable like this should never make it to an end user as a simple email attachment.

Any kind of mail filter should quarantine executables that are attached to emails.

And OpenSL fixed a number of integer overflow vulnerabilities that have been reported by Redhead.

Now at this point the fix is only available via the GitHub repository for OpenSSL and via some

of the Linux distributions I don't see right now an actual fix on the open Zell side.

The latest version they have up there is still the update from May, but this may change soon.

It's not clear how many of these issues were actually exploitable.

Inager overflows are tricky, but the basic problem here is that if you do pointer arithmetic

and add integers together and you exceed the maximum amount of memory attressible, it may

...