meta_pixel
Tapesearch Logo
Log in
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Wednesday, September 28th 2016

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS ISC Handlers

Tech News, News, Technology

4.9696 Ratings

🗓️ 28 September 2016

⏱️ 5 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Daily 5 min infosec news summary. News, patches, vulnerabilities and trends in information security. Memory #Forensics Tricks; #IoT #DDoS; Google #CSP Tools; #Microsoft Cloud Fuzzer

Transcript

Click on a timestamp to play from that location

0:00.0

Hello, welcome to the Wednesday, September 28, 2016 edition of the Sans and Storms and a Stormcast.

0:08.0

My name is Johannes Ulrich and I'm recording from Jacksonville, Florida.

0:13.0

Great diary today from Basile about the intersection of disk forensics and memory forensics essentially, well, Windows and other operating

0:23.8

systems as well, do save memory to disk as part of the hibernation process. So what you can do

0:31.6

is you can take that file and then investigate it and essentially get the state off the system last time it went into

0:40.5

hibernate which of course sort of gives you a snapshot back in time as basil puts it and he's

0:46.2

talking about how volatility can be used here in order to examine that copy of memory and in

0:54.1

recent weeks there have been a number of large-scale denial of service attacks, for

0:59.4

example, one against Brian Grebs, but now others as well, that reached sort of in the

1:05.4

terabit per second range.

1:07.3

And apparently, these denial of service attacks were caused by web-connected cameras.

1:13.6

We have of course been observing these in and of things being compromised with the last few years,

1:19.6

including these cameras and now apparently the problem has to reach the dimension where

1:26.6

these cameras can easily be used to

1:29.3

overpower even very powerful networks. In the last case they had about 145,000 of these

1:38.3

cameras being used and each one of these cameras produced from 1 to 30 megabits per second.

1:46.0

Of course at this scale it also becomes a little bit difficult to measure the exact size of denial of service attack

1:53.0

as sometimes networks leading to the target are already being saturated so the full firepower off that attack doesn't actually reach the intended

2:04.6

victim. From a defensive point of view, there isn't really much you can do other than trying

2:09.6

to sign up for anti-denial of service services which do appear to cope at this point with these attacks, but then again, those services can be

2:22.0

pricey in particular if you are the target of very large attacks like this.

2:28.6

Cross-site scripting vulnerabilities are, of course, still a big problem, and at this point,

...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.

Copyright © Tapesearch 2025.