SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Tuesday April 15th: xorsearch Update; Short Lived Certificates; New USB Malware

Apr 15, 2025
Explore the exciting update to a powerful searching tool, now enabling complex queries with regular expressions and Yara signatures. Discover significant changes in TLS certificate lifetimes that enhance security over the next few years. Dive into the alarming new malware that attacks USB drives, replacing files with malicious versions to harvest sensitive data. This intriguing mix of technical advancements and emerging threats highlights the evolving landscape of cybersecurity.
05:35

Podcast summary created with Snipd AI

Quick takeaways

  • The updated xorsearch tool now supports Yara signatures and regular expressions, enhancing its search capabilities for data analysts.
  • The reduction of TLS certificate lifetimes aims to improve security, although users may still depend on outdated software that lacks support.

Deep dives

Enhancements to the xorsearch Tool

The xorsearch tool has received a significant update: it can now search using regular expressions and Yara rules. Originally a compiled executable, the tool is now a Python script. The update enables a broader range of searches within result files, including the flexibility to apply Yara rules for string identification. The announcement highlights various usage examples and output formats, and encourages feedback from users in the data analysis community.
