Podcast Detail

Port 81; CVE-2017-0199 HTA Exploit Analysis; NVidia installs Node.js

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/5470.mp3

Podcast Logo
SANS Daily Network Security Podcast (Stormcast) for Monday, April 24th 2017
00:00

Interested in Internet Storm Center stickers? Check here if there are still some available for today.

Increase in Port 81 Traffic
https://isc.sans.edu/forums/diary/WTF+tcp+port+81/22332/

Analyzing a Document and Malware Trying to Exploit CVE-2017-0199 (HTA)
https://isc.sans.edu/forums/diary/Malicious+Documents+A+Bit+Of+News/22334/

DOUBLEPULSAR Detected on Tens of Thousands of Systems
http://www.theregister.co.uk/2017/04/21/windows_hacked_nsa_shadow_brokers/

NVidia Includes Node.js Server With Drivers
http://blog.sec-consult.com/2017/04/application-whitelisting-application.html

Android SMSVova Spyware Survives in Google Play Store for 3 Years
https://www.zscaler.com/blogs/research/android-spyware-smsvova-posing-system-update-play-store