meta_pixel
Tapesearch Logo
Log in
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Wednesday, March 22nd, 2023

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS ISC Handlers

Tech News, News, Technology

4.9696 Ratings

🗓️ 22 March 2023

⏱️ 6 minutes

🧾️ Download transcript

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Character Pair Reversal; Windows Snipping Tool Bug; Malicious .Net; Spring Vuln; Snappy PHP Vuln;

Transcript

Click on a timestamp to play from that location

0:00.0

Hello and welcome to the Wednesday, March 22nd, 2023 edition of the Sands and its Stormsters Stormcast.

0:09.0

My name is Johannes Ulrich and today I'm recording from Augusta, Georgia.

0:14.7

In diaries today, we got a quick reverse engineering and Python lesson from DDA.

0:20.3

DDA found a sort of interesting, link file on Malware Bazaar.

0:26.8

This file used a slightly unusual obfuscation technique in that it was reversing the URLs.

0:34.8

It was accessing but two characters at a time, instead the more common one character

0:40.4

at a time. So D.D.A. is going through a quick Python way of reversing this obfuscation

0:47.5

and extracting relevant URLs.

0:51.7

Well, and after having a fairly embarrassing and dangerous flaw in the Google Snipping tool for Android,

1:00.0

well, we have now pretty much the exact same flaw also in the Windows 11 sniping tool.

1:08.0

And just a few days now after we had this big vulnerability in the Google

1:14.5

sniping tool for Android, it now turns out that the Windows 11 sniping tool, a very

1:21.1

similar tool that allows you to, basically, crop images, has pretty much the exact same vulnerability.

1:28.6

And the problem appears to be very similar.

1:30.9

If you're cropping an image and then save the cropped image,

1:34.3

it doesn't create a brand new file instead it overrides the old file.

1:39.8

And since the cropped image is now smaller,

1:43.1

it only overrides part of the file and leaves

1:46.3

the remainder of the file intact, which is still the original data before it had been cropped.

1:54.1

There is a marker at the end of PNG images called I-N that basically tells the image

2:00.8

display software to ignore any data after

2:03.8

this marker.

...

Please login to see the full transcript.

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.

Copyright © Tapesearch 2025.