Hello and welcome to the Friday, April 18th, 2020-5 edition of the Sands Inunders Stormcast.

My name is Johannes Ulrich, and today I'm recording from Orlando, Florida.

Today we got another guest diary by one of our undercredit interns.

Jacob Clay Camp did write about how to get started in Malvern

Analysis. Of course, we have plenty of diaries always about Malar analysis, Dillet and Xavier,

most notably are heavily contributing to this. This is more the beginner's view of malware analysis and

sort of how to get started with malware analysis using a cloud-based system. A couple

interesting parts here. First of all, Jacob is using AWS, a free instance, and then uses KASM workspace in order to essentially get a remote

desktop into a container, which then runs Remnux. This is Lenny Seltzer's reverse analysis environment.

All of this is Linux-based, and since it is set up in a container,

it's also easy to reset and the cloud deployment of course makes it nice and isolated from

anything that you may have going on in your home network. Overall, interesting setup and

then Jacob is going over a quick analysis of a

redtail sample and how to apply this particular environment to the analysis of this particular

matter. Interesting write-up and nice step-by-step guide to help you get started.

Then we have a critical vulnerability affecting the Erlang OTP SSH library.

This affects any SSH servers written in this language.

The vulnerability was found by researchers at the Rural University in Bohum. Now, the OTP here in Erlang,

OTP, does not stand for one-term, one-time password. Instead, it does stand for the open

telecom platform. This particular version of Erlang was created and maintained initially by Erickson and is often used in telecom-related devices, routers, and the like.

So certainly there is quite a number of affected devices out there.

The CVSS score of the vulnerability is a perfect 10.0 because it does allow for arbitrary code

...