ISC StormCast for Wednesday, September 16th 2020
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
🗓️ 16 September 2020
⏱️ 6 minutes
Transcript
| 0:00.0 | Hello and welcome to the Wednesday, September 16th, 2020 edition of the SANS Internet Storm Center's |
| 0:06.9 | Stormcast. My name is Johannes Ullrich, and then I'm recording from Jacksonville, Florida. |
| 0:14.0 | Brad today posted another one of his malware analysis quizzes. In this case, he's asking what type of malware is being downloaded in the |
| 0:25.2 | PCAP that he offers for analysis. Now, he does recommend that you are not using a Windows |
| 0:31.9 | system to analyze this file because the malware is Windows malware. So if you aren't careful enough, it's possible |
| 0:39.8 | that you could infect yourself if you are extracting the malware. I won't give away the solution |
| 0:47.2 | yet, and please don't read the comments if you are in for the challenge. Another interesting |
| 0:53.8 | comment that Brad makes about this malware, |
| 0:57.5 | it only takes two clicks in a default configured Windows 10 system, |
| 1:02.9 | and Windows 10 in its default configuration will not alert you of this particular malware, |
| 1:10.2 | which, well, that's sort of a good part, |
| 1:12.8 | has become somewhat uncommon. Most common malware is now being detected by Windows 10 in its |
| 1:21.3 | default configuration, so you don't necessarily need any specific antivirus or any hardening of the system. |
| 1:31.6 | And I've mentioned Adobe's Magento a couple times in the past because it has been repeatedly |
| 1:38.1 | a target of attacks. One particular problem is Magento 1. Now Magento 1 has been end of life for I think a couple |
| 1:49.7 | years now but still is in heavy use, and of course, being end of life, there are no more |
| 1:56.7 | patches being released for it, and as such, of course, it's pretty easy pickings for attackers. |
| 2:04.4 | Security company Sansec has an update on an attack that they detected last weekend. |
| 2:11.5 | Apparently around 2,000 different online shops were the victim of these attacks, and as a result, a keystroke |
| 2:21.7 | logger was installed. So one of those typical JavaScript keystroke loggers that we see a lot |
| 2:29.5 | these days. Now, part of the reason of this apparent flare-up in attacks against Magento 1 appears to be a hacking kit being sold by some individuals. For $5,000, you'll get a remote code execution exploit, including an instruction video. And apparently, it does not require any prior Magento admin experience. |
| 2:55.6 | And talking about Adobe, Adobe today released an update for Media Encoder. |
... |

