SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Tuesday April 15th: xorsearch Update; Short Lived Certificates; New USB Malware

9 snips
Apr 15, 2025
Explore the exciting update to a powerful searching tool, now enabling complex queries with regular expressions and Yara signatures. Discover significant changes in TLS certificate lifetimes that enhance security over the next few years. Dive into the alarming new malware that attacks USB drives, replacing files with malicious versions to harvest sensitive data. This intriguing mix of technical advancements and emerging threats highlights the evolving landscape of cybersecurity.
Ask episode
AI Snips
Chapters
Transcript
Episode notes
INSIGHT

xorsearch Update

  • Didier Stevens's xorsearch tool is now a Python script supporting Yara rules.
  • This update enables searching with regular expressions within result files.
ADVICE

Certificate Lifetime Reduction

  • The CA/Browser Forum will reduce TLS certificate lifetimes over four years.
  • Starting March 15, 2026, lifetimes will decrease to 39 months, then to 27 months, and finally to 47 days.
ADVICE

Shorter Certificates with Certbot

  • Certbot 4.0 supports shorter certificate lifetimes using profiles.
  • Choose between standard 90-day or shorter 6-day certificates after installation.
Get the Snipd Podcast app to discover more snips from this episode
Get the app