Hello, welcome to the Wednesday, December 30th, 2020 edition of the Sandstone Storm Center's Stormcast.

My name is Johannes Ulrich.

And today I'm recording from Jacksonville, Florida.

Well, this is the last podcast of the year and, well, no real big news today.

So I'll keep it short and let's get started

with what we have here at the Internet Storm Center Diary. Jan took another look at the ability

of users on a system to get directory listings of folders to which they don't have access to.

And well, the tool he turned to here are antivirus engines.

So Jan took a look at 25 different antivirus tools.

Now, eight of those tools did not allow a user to initiate a scan for a directory that the user didn't have

access to, but the others did allow access to those folders and then released file names.

Again, no content of the files, just the file names themselves, but it's actually a common problem. We have talked about this

here many times the past antivirus engines have to run with elevated privileges, so any

kind of vulnerability in an antivirus engine then quickly becomes a privilege escalation,

and this is probably the most minor one of the ones that could

potentially happen. Jan did notify anavirus vendors, and all but two actually considered

that intentional behavior, and the two remaining ones did actually fix this problem or scheduled a fix for a future update.

And one of the things that we have sort of seen often on this year is Malware written in Go.

Now, the Go language, of course, is sort of one of the up-and-coming languages that developers are using,

and yes, Malware writers are, of course, catching up with this trend.

Least example, a security company in Teaser, found some Malver that does install crypto coin miners.

And of course, with anti-malver engines being a little bit behind in the Golang trend,

...