Hello, welcome to the Tuesday, October 25th, 2016 edition of the Sandcent Storm Center's Stormcast. My name is Johannes Ulrich.

And the day I'm recording from Jacksonville, Florida. Just a very quick update on the Mirai Botnet, no new denial of service attacks that I have heard of.

But still, the botnet overall is very active scanning

for new victims.

We have seen a slight drop in the scanning, but really nothing to be too excited about,

but probably some of the countermeasures are taking effect.

Like for example, I don't see any of the command control domain

names that are still resolving for this botnet. And also as a reminder, while the DVR servers

of the big news item here, this botnet certainly has the capability to infect other systems as well.

There is a site from the ARM 7 payload.

There's also a MIPS and a power PC payload.

Particularly the power PC payload is sort of targeting than Cisco devices.

And for example, for Cisco device, it's trying sort of a default enable password of enable. However, it's probably

less likely to succeed here. The big problem with these DVRs remains that you can't change

the default password. And then we got updates from Apple for iOS and Mac OS Sierra. It fixes a number of security vulnerabilities.

The more interesting ones here are first of all,

a vulnerability in core graphics.

A malicious JPEC could be used to execute arbitrary code.

Of course, this could, for example, be exploited

via more or less any software that displays

JPEX. Now, another vulnerability I think was already patched in the past. I remember something

very similar with FaceTime. The problem here is that a man in the middle on a FaceTime call

...