meta_pixel
Tapesearch Logo
Log in
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Wednesday, June 27th 2018

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS ISC Handlers

Tech News, News, Technology

4.9696 Ratings

🗓️ 27 June 2018

⏱️ 7 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Analyzing XPS Files; WPA3 Finalized

Transcript

Click on a timestamp to play from that location

0:00.0

Hello and welcome to the Wednesday, June 27th, 2018 edition of the Sansonet Storm Center's Stormcast. My name is Johannes Ulrich.

0:08.9

And I'm recording from Jacksonville, Florida. We got a little post script from DDA today about the XPS file that Lorna analyzed in last week's diary. Didier goes over how to use his sipdump.

0:24.5

p.y utility in order to gain more insight more quickly into this file type.

0:31.6

The reason this works is that XPS files just like so many documents are sip containers and well once you

0:40.9

unzip them then you can look at the components look at their file types and

0:46.2

gain more insight into what's going on with this document and the Wi-Fi

0:52.1

Alliance today published the final WPA-3 standard. This standard

0:57.9

will start to become in effect next year, which means that any new devices that would like to

1:04.5

have the Wi-Fi Alliance's logo will have to support WPA-3, just like now they have to support WPA2.

1:13.6

Now for the foreseeable future, of course, WPA2 will remain to be supported, so you don't

1:20.6

have to throw out all of your equipment at once, but starting next year, any new equipment

1:27.3

that you purchase hopefully will have WPA3

1:30.6

support build in. At this point, it's not clear if a software update can be offered to update

1:37.8

devices to WPA3, but I would expect for some of the more beefy, more powerful access points and such to be able to be software upgradable.

1:48.0

Among all the improvements, there are really sort of two things that stick out when it comes to WPA3.

1:54.0

First of all, they're trying to make it more difficult to launch password brute force attacks.

2:00.0

Because weak passwords will probably

2:02.7

remain to be a problem so there are more lockout algorithms in place also the key exchange got

2:10.5

modified so it's more difficult or impossible to actually brute force passwords offline. Another interesting improvement is the use

2:20.4

of opportunistic encryption. What this really means is where you currently connect to an open

2:26.4

access point without any encryption. If you are connecting to an open access point that supports

2:32.6

WPA3, there will be encryption established on

...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.

Copyright © Tapesearch 2025.