goodlisten

Episode

57: MS08-067
1:01:33
Published: Tue Jan 21 2020
Description

Hear what goes on internally when Microsoft discovers a major vulnerability within Windows.

Guest
Thanks to John Lambert for sharing this story with us.

Sponsors
Support for this episode comes from ProCircular. Use the team at ProCircular to conduct security assessments, penetration testing, SIEM monitoring, help with patches, or do incident response. Visit www.procircular.com/ to learn more.
This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.
Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start your 7 day free trial and get 25% off when you sign up.

Sources
https://blogs.technet.microsoft.com/johnla/2015/09/26/the-inside-story-behind-ms08-067/
https://www.justice.gov/opa/pr/payment-processor-scareware-cybercrime-ring-sentenced-48-months-prison
https://www.nytimes.com/2019/06/29/opinion/sunday/conficker-worm-ukraine.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601
https://www.wired.com/story/nsa-windows-10-vulnerability-disclosure/
Book: Worm

Attribution
Darknet Diaries is created by Jack Rhysider. Episode artwork by odibagas. Theme music created by Breakmaster Cylinder. Theme song available for listen and download at bandcamp. Or listen to it on Spotify.

Learn more about your ad choices. Visit podcastchoices.com/adchoices

Chapters
00:00 - 01:22 (01:22)
Driving Safety
Summary

The responsibility for driving safety lies not only with drivers but also with car manufacturers, civil engineers, software makers, and law enforcement agencies. All stakeholders need to work together to ensure safety on the roads.

01:22 - 05:58 (04:35)
Microsoft
Summary

Michael Howard, former security program manager at Microsoft, talks about the initiative to improve customer trust in Microsoft products by fortifying them from a security, privacy, and reliability perspective.

05:58 - 11:43 (05:44)
Microsoft
Summary

The ability to collect and analyze crash reports on a large scale has been instrumental in identifying bugs and vulnerabilities in Microsoft's products. By automatically analyzing these reports, Microsoft can quickly root cause and identify if an issue is new or a recurring one, without waiting for customers to report it.

11:43 - 19:49 (08:06)
Cybersecurity
Summary

The process of analyzing millions of crash reports a day to determine which ones to prioritize and fix first is a difficult task. However, it is also important to look for signs of potential hacker activity in these reports.

19:54 - 28:16 (08:21)
Cybersecurity
Summary

John talks about how attackers use the egg hunt technique to exploit zero-day bugs in Windows by throwing their attack tools over the wall and then searching memory to find them.

28:16 - 37:09 (08:52)
Cybersecurity
Summary

Attackers are exploiting a wormable vulnerability that can propagate rapidly across the internet. Meanwhile, Drada offers cloud compliance software to provide continuous monitoring and visibility of risk, security controls, and audit readiness.

37:09 - 47:05 (09:55)
Cybersecurity
Summary

The Conficker worm, which affected about 1 billion Windows computers, used a vulnerability as a spreading mechanism, which could have been prevented if companies had patched their systems. The ideal time to release a patch is on Patch Tuesday, a well-known date for IT teams to organize their system maintenance.

47:05 - 52:43 (05:38)
Cybersecurity
Summary

The NSA discovered a devastating exploit in Windows and alerted Microsoft, who then patched the vulnerability. However, the exploit was later leaked to the Shadow Brokers and resulted in the WannaCry worm, which wreaked havoc across the globe, highlighting the importance of software updates and cybersecurity measures.

52:43 - 59:45 (07:01)
Cybersecurity
Summary

The infamous Conficker worm, which was patched in 2008, still remains on around 400,000 computers due to old systems that have not been updated. The worm allows hackers to take control of an infected computer, including enabling the camera and mic, and running keyloggers.

59:45 - 1:01:43 (01:57)
Network Security
Summary

In critical networks such as hospitals or power plants, it is unacceptable if software stops working due to system updates. This highlights the importance of network security and the roles people play in maintaining it.
