Hello, welcome to the Tuesday, March 14th, 2017 edition of the Sansanet Storm Center's Stormcast. My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida. Remember, it's a double patch Tuesday. Today, we should expect the February and the March patches being released today by Microsoft in addition to the usual updates

from Adobe and likely others. Jim today re-released his 6.P.Y tool. It's a tool that pretty simply

just calculates hashes for binary, but now he added support for Shaw 3.

Now, SHA3 support isn't typically included in standard libraries, so you have to make sure

that you are installing the SHA-3 Python library, which I believe is only available for more recent versions of

Python, like 3.6 and larger. And just as a reminder, because I don't really hear a lot of talk

about it is the Apache Struts 2 vulnerability. It's still out there, and it's very aggressively being probed. I saw a couple

of Pearl Bots that were attempted to be installed in our Honeypot earlier today. Also, the

Canada Revenue Agency had to shut down its website over attacks using this particular vulnerability. They should have it patched.

Now, if you do have any kind of web application firewall, it shouldn't be too difficult to block

these attacks. Please consult with your vendor to make sure that you get this right.

At this point, if you find an unpatched

and unprotected site, you probably have to assume that it is already compromised. I mentioned last

week about the Nintendo Switch using a web kit-based browser in order to allow the user to interact with

captive Wi-Fi portals. Well, we got the first exploit now, taking advantage of it.

Turns out that the particular version of WebKit being used by the Nintendo Switch is

quite old. It corresponds to iOS 9.3.

And there are exploits available

that just have to be adapted for the Nintendo Switch.

First step is explained in an interesting video

if you're into writing exploits

and really wanna understand how they work.

...