ISC StormCast for Tuesday, May 16th 2017
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 16 May 2017
⏱️ 7 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello, welcome to the Tuesday, May 16th, 2017 edition of the Sandcent Storm Center's Stormcast. My name is Johannes Ulrich, and I am recording from San Diego, California. |
| 0:13.8 | Monday after noon, we lowered our Infocon status back to Green. There was no real significant additional news about the |
| 0:24.2 | Wanakry Ransomers. Things are pretty much back to normal. Now so far no significant new |
| 0:32.1 | variants were released. One of our readers noticed that Shodan's account of systems that expose SMB on Port 445 |
| 0:42.8 | actually went down from about 2 million to 1 million. So while it's still a large number, |
| 0:50.4 | it looks like the worm at least helped to significantly reduce the number of exposed systems to this and other exploits. |
| 0:59.0 | Note that even before One of Cry, these systems were at risk of exploitation and many of them likely had already been exploited. |
| 1:10.0 | There were a number of different scans of, for example, the double-exploits of them likely had already been exploited. |
| 1:11.0 | There were a number of different scans of, for example, the double pulsar backdoor that |
| 1:16.9 | showed that this particular backdoor, which was of the signature of this exploit being used |
| 1:23.0 | here, had been deployed to numerous systems even before Wanna Cry came out shortly after Shadow Broker |
| 1:31.0 | did release the details about the exploit. |
| 1:35.4 | Apple today released its usual unscheduled updates of everything. |
| 1:41.8 | The update affects OS 10L Capitan and Yosemite as well as Mac OS Sierra, |
| 1:50.0 | Safari, iOS, TVOS, and of course watchOS. |
| 1:55.0 | Since different operating systems share a lot of common code here with Apple. |
| 2:05.0 | The vulnerabilities being addressed are very similar to each other. |
| 2:09.2 | WebKit is being updated across all the operating systems and one of the major sources of the about 40 or so different CVEs that are being addressed addressed here and probably WebKit is also the most |
| 2:20.5 | critical component. |
| 2:22.3 | Many of the vulnerabilities addressed in WebKit expose users to arbitrary code execution |
| 2:28.5 | and of course all it takes is visiting a malicious webpage. |
| 2:33.5 | A couple of Ciglite vulnerabilities that are also being patched here are also exploitable. |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.