
SANS Stormcast Monday, March 30th, 2026: More TeamPCP: telnyx; Netscaler Exploit; macOS ClickFix Fix; Windows Smart Install
Hello and welcome to the Monday, March 30, 2026 edition of the SANS Internet Storm Center's Stormcast. My name is Johannes Ullrich. We're recording today from Orlando, Florida, and this episode is brought to you by the SANS.edu Graduate Certificate Program in Incident Response. Yes, and TeamPCP is still keeping us busy. The latest update here from Ken is that they have now a number of additional libraries being compromised, one of them being Telnyx. Telnyx is a voice-over-IP platform, so basically it allows you to automate phone calls and various chatbots and such. Of course, this is a prime target to be then integrated with respective AI tools, AI chatbots and the like. And well, that's exactly sort of where the compromise is. They did compromise the Python library that is actually then used to interface these tools with Telnyx's REST API. Now, in this case the actor wasn't able to compromise the GitHub repository. Instead they compromised the PyPI account for Telnyx and as a result were able to publish a new version. So in this particular case, version pinning should have protected you. And yes, only if you download the new compromised version do you have a problem. Slightly different payloads for Windows and Linux or macOS in this case. And another sort of interesting add-on is that some of the malicious code is being transported as a WAV file, so that way it makes it a little bit more difficult to detect. Also, there are now more and more links between the TeamPCP crew and various ransomware actors. Looks like they're either kind of selling credentials, kind of working as an access broker here, or that they're in general communicating and collaborating with tools like, for example, BreachForums to then turn what they have now into additional ransomware attacks. And last week I mentioned the Citrix NetScaler memory over-read vulnerability that was patched by Citrix, and well, we now have exploit code for this vulnerability and additional details thanks to Watchtower.
Watchtower actually published a two-part blog post about this. One of the things they point out: it's actually two vulnerabilities, even though there was only one CVE assigned. Both vulnerabilities are similar. They are also similar to the prior Citrix Bleed vulnerability under certain circumstances. And one of the simpler to exploit ones here is where you just have question mark WTX at the end of the specific vulnerable endpoint. So no equal sign. That's kind of critical, no value. In that case, memory is being leaked and returned as a base64-encoded cookie. So very convenient, also to parse and extract the data. And yes, this memory content does contain data from prior requests, and that of course may contain additional sensitive data. Very easy to exploit, as Watchtower points out, and it's already being exploited and being probed for. So definitely assume compromise if you find any unpatched Citrix NetScalers. In order to be exploitable, this NetScaler has to be configured as a SAML endpoint; otherwise this is not vulnerable. So yes, definitely something that you must address this week. And like I said, assume compromise. And then we got an interesting new feature in the latest update of macOS that I haven't covered yet, and it is security related, and that's a protection for users from ClickFix attacks, where the user is being tricked into copy-pasting a shell command into a terminal. macOS is using a little bit of tricky logic here to warn the user. So if the warning is triggered, there is a pop-up box basically telling the user that what they're about to do may possibly harm the computer, and you may override the warning and basically just go ahead with the paste anyway. But this warning is only displayed under fairly specific circumstances. First of all, the copy has to happen in a browser or a messaging app, and then the user is only warned if they are not regularly using Terminal and if they haven't, like, copy-pasted recently a string into Terminal.
So the idea here is to really only catch copy-pastes from users that really usually don't use Terminal, don't copy-paste stuff into Terminal, and if the source of the text they're pasting is basically an untrusted source from the Internet, so browsers and messengers. Interesting logic. Probably meant to avoid false positives and flooding people with alerts, which of course often leads to alert fatigue and has sort of counterproductive effects. If you have experienced it, or if you have sort of a good, actual Apple write-up, which I haven't seen yet. I've really only seen sort of reverse engineering that users have done by experimenting with that feature. And a little bit related, and thanks to Caleb for alerting me of this blog post, is a blog post by Eric Law that explains in a little bit more detail how the Windows Smart Install works. Not a new feature, but I don't really see it implemented quite often enough. And it's essentially intended to protect Windows users from downloading malicious software. Now typically on Windows you're by default allowed to just download software and run it. You'll get a warning that it's downloaded from the Internet. That's that famous Mark of the Web. But you can be more restrictive, where in the most restrictive case you only allow software to be downloaded from the Microsoft Store. Or, in sort of the intermediate cases, it'll tell you that there is a similar application in the Microsoft Store, or just basically give you a warning that this particular application is not downloaded from the Microsoft Store. There are a couple of interesting sort of facets to this. For example, if you do enable downloads only from the Microsoft Store, you will not receive any warnings. It will just silently fail if you try to run another application.
Also, it may affect some other file types, not just applications that are labeled as dangerous file types; for example, things like some document types and such that are often being abused can be labeled as dangerous, and then you also won't be able to open those documents. So a real good, thorough blog post here to better understand how Windows Smart Install works and some of the little quirks and maybe unexpected side effects. Well, and this is it for today. So thanks for listening. Thanks for subscribing. Thanks to the listeners who actually looked me up today and picked up their sticker. So thanks, and talk to you again tomorrow. Bye.
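The Telnyx segment turns on one defensive point: the attacker could not touch the GitHub repository, only publish to PyPI, so an install that is pinned to a version (and, better, to an artifact hash) never pulls the malicious release. The script below is an added example, not code from the episode, from Telnyx or from pip; it re-implements the check that `pip install --require-hashes` performs so the mechanism is visible. The package bytes and hashes are constructed, and the `requests` pin is a filler entry. It goes one step beyond the version pin mentioned in the episode: a hash pin also rejects a new artifact uploaded under an already-released version.

```python
"""Verify a package artifact against a hash-pinned requirements file.

Added example (not from the podcast, Telnyx or pip). Demonstrates why a
pinned version plus a pinned sha256 protects against a compromised PyPI
account: a freshly published release fails the version check, and a
different artifact under the same version fails the hash check.
"""
import hashlib
import re

# Constructed stand-in for the wheel that was reviewed and pinned.
GOOD_WHEEL = b"PK\x03\x04 constructed wheel bytes for telnyx 2.0.0 (not a real wheel)"
GOOD_SHA256 = hashlib.sha256(GOOD_WHEEL).hexdigest()

# requirements.txt in pip's --require-hashes layout (constructed pins).
REQUIREMENTS = f"""
# every dependency pinned to an exact version and an artifact hash
telnyx==2.0.0 \\
    --hash=sha256:{GOOD_SHA256}
requests==2.31.0 \\
    --hash=sha256:{'a' * 64}
"""

PIN_RE = re.compile(r"^\s*([A-Za-z0-9_.-]+)==([^\s\\]+)")
HASH_RE = re.compile(r"--hash=sha256:([0-9a-f]{64})")


def parse_pins(text):
    """Return {name: (version, {sha256, ...})} from a hash-pinned requirements file."""
    pins = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = PIN_RE.match(line)
        if m:                       # a new "name==version" line starts a pin
            current = m.group(1).lower()
            pins[current] = (m.group(2), set())
        if current:                 # hashes may follow on continuation lines
            pins[current][1].update(HASH_RE.findall(line))
    return pins


def verify_artifact(pins, name, version, artifact_bytes):
    """Decide whether an artifact may be installed. Returns (ok, reason)."""
    pin = pins.get(name.lower())
    if pin is None:
        return False, "not pinned: refuse unreviewed dependency"
    pinned_version, hashes = pin
    if version != pinned_version:
        return False, f"version {version} is not the pinned {pinned_version}"
    digest = hashlib.sha256(artifact_bytes).hexdigest()
    if digest not in hashes:
        return False, "sha256 mismatch: artifact differs from the reviewed build"
    return True, "ok"


if __name__ == "__main__":
    pins = parse_pins(REQUIREMENTS)
    # 1. the reviewed artifact installs
    print(verify_artifact(pins, "telnyx", "2.0.0", GOOD_WHEEL))
    # 2. a new release published from a hijacked PyPI account is rejected
    print(verify_artifact(pins, "telnyx", "2.0.1", b"constructed malicious wheel"))
    # 3. a different artifact added under the pinned version is rejected too
    print(verify_artifact(pins, "telnyx", "2.0.0", b"constructed malicious wheel"))
```

In a real project the equivalent is `pip install --require-hashes -r requirements.txt` with hashes generated by `pip hash` or `pip-compile --generate-hashes`; the point of the toy verifier is that both checks, version and digest, are needed before a CI job or build host executes anything from the index.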
Episode: Monday, March 30th, 2026
Host: Johannes B. Ullrich
Theme: Latest Threats—TeamPCP Activity, Telnyx Python Package Compromise, NetScaler Exploit, New macOS Security Feature, Windows Smart Install Overview
Johannes B. Ullrich presents a concise update on critical cybersecurity developments for March 30, 2026. The episode covers escalating TeamPCP supply chain attacks (notably the compromised Telnyx Python package published through a hijacked PyPI account), fresh exploit activity against Citrix NetScaler appliances configured as SAML endpoints, a new macOS protection against ClickFix copy-paste attacks, and a deeper look at the Windows Smart Install feature for restricting application downloads.
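For the NetScaler item, the detection-relevant detail in the episode is that the simpler trigger is a request to the vulnerable endpoint ending in `?WTX` with no equal sign and no value. The script below is an added example, not code from the episode, Watchtower or Citrix: it scans web access log lines for exactly that shape of query string so a SOC can hunt for probing before patching and review. The log lines are constructed in combined log format, and the path `/saml/endpoint-placeholder` is a placeholder because the episode does not name the endpoint; in practice you would restrict the match to the real SAML endpoint path on your appliance.

```python
"""Hunt web access logs for requests carrying a bare WTX query parameter.

Added example (not from the podcast, Watchtower or Citrix). The episode
describes the simpler exploit trigger as "?WTX" with no "=", so the
detection flags query strings where a parameter named WTX has no value.
Log lines are constructed; the endpoint path is a placeholder.
"""
import re
from collections import Counter
from urllib.parse import urlsplit

# Combined log format: ip ident user [time] "METHOD target PROTO" status bytes
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')

# Constructed sample lines (203.0.113.0/24, 198.51.100.0/24, 192.0.2.0/24 are documentation ranges).
SAMPLE_LOG = """\
203.0.113.7 - - [30/Mar/2026:10:01:02 +0000] "GET /saml/endpoint-placeholder?WTX HTTP/1.1" 200 512
203.0.113.7 - - [30/Mar/2026:10:01:03 +0000] "GET /saml/endpoint-placeholder?WTX= HTTP/1.1" 200 120
198.51.100.4 - - [30/Mar/2026:10:02:00 +0000] "GET /saml/endpoint-placeholder?WTX=abc&x=1 HTTP/1.1" 200 120
198.51.100.4 - - [30/Mar/2026:10:02:01 +0000] "GET /static/logo.png HTTP/1.1" 200 4096
192.0.2.9 - - [30/Mar/2026:10:03:00 +0000] "POST /saml/endpoint-placeholder?a=1&WTX HTTP/1.1" 200 512
"""


def bare_params(query):
    """Return the names of query parameters that appear without an '=' at all."""
    return {p for p in query.split("&") if p and "=" not in p}


def find_bare_wtx(log_text, path_prefix="/"):
    """Return (client_ip, method, path, status) for each request whose query
    string contains WTX as a bare (valueless) parameter under path_prefix."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue                      # skip lines that are not in combined format
        ip, method, target, status = m.groups()
        parts = urlsplit(target)
        if not parts.path.startswith(path_prefix):
            continue
        if "WTX" in bare_params(parts.query):
            hits.append((ip, method, parts.path, int(status)))
    return hits


def probing_sources(hits):
    """Count hits per client IP; repeated hits from one source suggest scanning."""
    return Counter(ip for ip, _, _, _ in hits)


if __name__ == "__main__":
    found = find_bare_wtx(SAMPLE_LOG, path_prefix="/saml/")
    for hit in found:
        print("bare WTX request:", hit)
    print("sources:", dict(probing_sources(found)))
```

Only requests where `WTX` has no `=` at all are flagged; `?WTX=` and `?WTX=abc` are left alone because the episode singles out the valueless form. Any hit against an appliance that was unpatched at the time should be treated the way the episode says: assume compromise and start incident response rather than just patching.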
Notable Quote:
“Some of the malicious code is being transported as a WAV file, so makes it a little bit more difficult to detect.”
(Johannes B. Ullrich, 01:45)
Appending ?WTX (without an equal sign) to the vulnerable endpoint leaks memory as a base64-encoded cookie.
Notable Quote:
“Definitely assume compromise if you find any unpatched Citrix Netscalers.”
(Johannes B. Ullrich, 03:25)
Notable Quote:
“Very easy to exploit, as Watchtower points out, and it's already being exploited and probed for. So definitely assume compromise...”
(Johannes B. Ullrich, 03:15)
Notable Quote:
“Interesting logic. Probably meant to avoid false positives and flooding people with alerts, which often leads to alert fatigue.”
(Johannes B. Ullrich, 04:30)
Notable Quote:
“If you do enable downloads only from the Microsoft Store, you will not receive any warnings. It will just silently fail if you try to run another application.”
(Johannes B. Ullrich, 06:10)
For more technical breakdowns and actionable insights, refer to the SANS Internet Storm Center blog and resource pages.