meta_pixel
Tapesearch Logo
Log in
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Wednesday, July 28th, 2021

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS ISC Handlers

Tech News, News, Technology

4.9696 Ratings

🗓️ 28 July 2021

⏱️ 7 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Details for CVE-2021-30807 (macOS/iOS); Zimbra XSS/SSRF; Ransomware via GPOs; Safe Links for MSFT Teams

Transcript

Click on a timestamp to play from that location

0:00.0

Hello, welcome to the Wednesday, July 28, 2021 edition of the Sansanet Storm Center's Stormcast. My name is Johannes Ulrich. And I'm recording from Jacksonville, Florida. Yesterday, I talked about Apple releasing a patch for CVE 2021-887. that particular vulnerability affected iOS as well as a Mac OS.

0:26.7

Now, whenever Apple releases patches, the description is very brief. It's usually literally a sentence,

0:35.4

but it also mentioned that the vulnerability had already been exploited

0:40.5

in the wild. So today we got a blog post by a security researcher, Sarr Amar, with great detail

0:48.2

about this particular vulnerability. Now if you wonder how Sarr was able so quickly to figure all of this out, apparently

0:56.8

Sarr already had it figured out back in March.

1:00.9

And as proof that this is something that Sarr was working on back then, Sarr actually

1:07.7

tweeted a hash of a file that they now posted on the blog post, and it has

1:15.2

sort of a quick outline of what happened with this vulnerability.

1:20.5

So while SAR was able to find a vulnerability, at the time, SAR didn't have time to actually develop a proof of concept exploit.

1:30.1

I was going to that later. And now, of course, they saw that this vulnerability had been patched.

1:36.4

And that's why Sarr published a blog post with quite a bit of detail, proof of concept code and such,

1:43.2

how to exploit this vulnerability.

1:46.0

Part of the most dangerous way how this could be exploited is as an attack against the web browser.

1:55.0

So something posted on a website could essentially trigger this vulnerability in unpatched versions of iOS and

2:05.2

macOS. And now with all of this detail out there, of course, an exploit will likely be public

2:13.2

and more accessible soon. So this has now really become a patch now vulnerability. Apply this iOS

2:21.2

and macOS patch that was released on Monday. And then we got two interesting vulnerabilities

2:29.3

in Cimbra. If you're not familiar with Cimbra, it's an open source webmail client. So if you aren't

2:37.4

into cloud and you would like to run things on premise, then Simpra is a fairly good option

2:45.3

for you. But if you do you Simra, then please patch. The first vulnerability here is a DOM-based cross-site scripting vulnerability.

2:55.1

Now, one of the hardest web applications to write when it comes to cross-site scripting is a

...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.

Copyright © Tapesearch 2025.