Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Symantec Sloppy Key Verification; Gnome Thumbnailer RCE; - SANS Internet Storm Center Symantec Sloppy Key Verification; Gnome Thumbnailer RCE;


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
podcast logo

ISC StormCast for Friday, July 21st 2017

A daily summary of cyber security news from the SANS Internet Storm Center
Author:Johannes B. Ullrich, Ph.D.
See below for a schedule of classes I teach.
Created: Friday, July 21st 2017
Length: 11:00 minutes
Today's Headline: Symantec Sloppy Key Verification; Gnome Thumbnailer RCE;

If you like this podcast, then please consider telling others about it. Use this button to Tweet about this episode: click here. Errors? Corrections? Complaints? Player Problems? Please let us know here: https://isc.sans.edu/contact.html

Plain HTML5 Player
Fancy Player (with skip back/forward)

Show Notes

Symantec Sloppy Key Verification Leads To Revocation of Certificates
https://blog.hboeck.de/archives/888-How-I-tricked-Symantec-with-a-Fake-Private-Key.html

Gnome Thumbnailer Executes Code
http://news.dieweltistgarnichtso.net/posts/gnome-thumbnailer-msi-fail.html


Discussion

Login here to join the discussion.

Interested in attending one of my classes? See below for my current schedule.

IPv6 EssentialsWashingtonJul 22nd - Jul 23rd 2017
Intrusion Detection In-DepthVirginia BeachAug 21st - Aug 26th 2017
Defending Web Applications Security EssentialsLas VegasSep 10th - Sep 15th 2017
IPv6 EssentialsLas VegasSep 16th - Sep 17th 2017
Intrusion Detection In-DepthBaltimoreSep 25th - Sep 30th 2017
Intrusion Detection In-DepthSingaporeOct 16th - Oct 21st 2017
Intrusion Detection In-DepthBerlinOct 23rd - Oct 28th 2017
IPv6 EssentialsWashingtonDec 12th - Dec 13th 2017
Defending Web Applications Security EssentialsWashingtonDec 14th - Dec 19th 2017