

SANS Stormcast Tuesday April 15th: xorsearch Update; Short Lived Certificates; New USB Malware
Apr 15, 2025
Explore the exciting update to a powerful searching tool, now enabling complex queries with regular expressions and YARA signatures. Discover significant changes in TLS certificate lifetimes that enhance security over the next few years. Dive into the alarming new malware that attacks USB drives, replacing files with malicious versions to harvest sensitive data. This intriguing mix of technical advancements and emerging threats highlights the evolving landscape of cybersecurity.
xorsearch Update
- Didier Stevens's xorsearch tool is now a Python script supporting YARA rules.
- This update enables searching with regular expressions within result files.
Certificate Lifetime Reduction
- The CA/Browser Forum will reduce TLS certificate lifetimes over four years.
- Starting March 15, 2026, lifetimes will decrease to 39 months, then to 27 months, and finally to 47 days.
Shorter Certificates with Certbot
- Certbot 4.0 supports shorter certificate lifetimes using profiles.
- Choose between standard 90-day or shorter 6-day certificates after installation.