SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Friday Mar 7th: Chrome vs Extensions; Kibana Update; PrePw0n3d Android TV Sticks; Identifying APTs (@sans_edu, Eric LeBlanc)

Mar 7, 2025

Eric LeBlanc, a Senior cybersecurity engineer at the U.S. Strategic Petroleum Reserve, shares insights into the ever-evolving world of cybersecurity. He discusses the controversial Chrome update that disrupts ad blockers and the critical Kibana vulnerability posing security risks. LeBlanc also delves into the alarming discovery of pre-infected Android TV sticks filled with adware. His innovative meta detection strategies highlight the complexities of identifying Advanced Persistent Threats and managing log data effectively in federal environments.

13:53

Creator website

Episode guests

Eric LeBlanc

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The recent Google Chrome update has provoked user backlash by disabling the uBlock Origin extension, raising privacy concerns amidst advertising interests.

A new meta detection technique enhances identification of Advanced Persistent Threats by analyzing historical patterns and correlating tactics from the MITRE ATT&CK framework.

Deep dives

Challenges with Browser Extensions

Recent updates to Google Chrome have led to the deactivation of some older extensions, including uBlock Origin, which has raised concerns among users. These older extensions had broader permissions, allowing them to interact more effectively with the browser, but Google is now limiting their capabilities, potentially to protect its advertisement revenue. Users may be misled into uninstalling uBlock Origin despite the option to reactivate it, reflecting an ongoing struggle between extension developers and Google's policies. The situation highlights the tension between maintaining user privacy and the financial interests of advertising companies.

Intro

4min

Innovative Techniques in Detecting Advanced Persistent Threats

2min

Analyzing APT29: Historical Techniques and Detection Challenges

2min

Managing Log Data in Federal Environments

3min

Scalability and Efficiency in Monitoring Digital Environments

3min

Latest Google Chrome Update Encourages UBlock Origin Removal
The latest update to Google Chrome not only disabled the UBlock Origin ad blocker, but also guides users to uninstall the extension instead of re-enabling it.
https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html
https://www.reddit.com/r/youtube/comments/1j2ec76/ublock_origin_is_gone/
Critical Kibana Update
Elastic published a critical Kibana update patching a prototype polution vulnerability that would allow arbitrary code execution for users with the "Viewer" role.
https://discuss.elastic.co/t/kibana-8-17-3-security-update-esa-2025-06/375441
Certified PrePw0n3d Android TV Sticks
Wired is reporting of over a million Android TV sticks that were found to be pre-infected with adware
https://www.wired.com/story/android-tv-streaming-boxes-china-backdoor/
SANS.edu Research Paper
Advanced Persistent Threats (APTs) are among the most challenging to detect in enterprise environments, often mimicking authorized privileged access prior to their actions on objectives.
https://www.sans.edu/cyber-research/identifying-advanced-persistent-threat-activity-through-threat-informed-detection-engineering-enhancing-alert-visibility-enterprises/

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Friday Mar 7th: Chrome vs Extensions; Kibana Update; PrePw0n3d Android TV Sticks; Identifying APTs (@sans_edu, Eric LeBlanc)

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Challenges with Browser Extensions

Kibana Vulnerability and Security Updates

Advanced Detection Techniques for Cybersecurity

Remember Everything You Learn from Podcasts