Hello and welcome to the Tuesday, November 12, 2024 edition of the Sansonet Storm Center's Stormcast.

My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida.

DDI continues to entertain us with nice write-ups of how to use his tools, PDF ID and PDF dump to analyze Malver.

In the latest example, it's actually, well, strictly maybe not Malver.

It's a PDF with phishing links.

And just with a couple lines of code on the command line, you're able to, first of all,

identify that this

particular PDF does contain URLs, and then next you're able to extract it. Really easy then to,

of course, double check what this particular URL points to, which in this case turns out to be

your standard fishing site. So if this is

something that you're doing regularly, if this is something you're struggling with to do at scale

and to automate, well, these are exactly the tools you need in order to automatically analyze

PDFs, extract URLs, and then verify if they point to fishing sites or not.

Let me got a few vulnerabilities to talk about today ahead, of course, of Microsoft's

Patch Tuesday tomorrow.

The first one I want to mention is six different vulnerabilities in the Mazda infotainment

system.

These car hacking vulnerabilities, of course, always attract a lot of attention.

The mitigating factor here is that in order to exploit them, an attacker already has to be

inside the vehicle and connect a USB device to the vehicle.

But the vulnerabilities themselves are rather straightforward

and basic in the sense that data, for example,

...