
SANS Stormcast Monday, March 30th, 2026: More TeamPCP: telnyx; Netscaler Exploit; macOS ClickFix Fix; Windows Smart Install

Direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9870.mp3


My Next Class

- Network Monitoring and Threat Detection In-Depth | Amsterdam | Apr 20th - Apr 25th 2026
- Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 11th - May 16th 2026
- Network Monitoring and Threat Detection In-Depth | Online (Arabian Standard Time) | Jun 20th - Jun 25th 2026
- Network Monitoring and Threat Detection In-Depth | Riyadh | Jun 20th - Jun 25th 2026
- Application Security: Securing Web Apps, APIs, and Microservices | Washington | Jul 13th - Jul 18th 2026
- Application Security: Securing Web Apps, APIs, and Microservices | Online (British Summer Time) | Jul 27th - Aug 1st 2026
- Application Security: Securing Web Apps, APIs, and Microservices | Las Vegas | Sep 21st - Sep 26th 2026

Podcast Transcript

Hello and welcome to the Monday, March 30th, 2026 edition of the SANS Internet Storm Center's Stormcast. My name is Johannes Ullrich, recording today from Orlando, Florida. And this episode is brought to you by the SANS.edu graduate certificate program in incident response. Yes, and TeamPCP is still keeping us busy. The latest update here from Ken is that they have now a number of additional libraries being compromised, one of them being Telnyx. Telnyx is a voice over IP platform. So basically it allows you to automate phone calls and various chatbots and such. Of course, this is a prime target to be then integrated with respective AI tools, AI chatbots and the like. And well, that's exactly sort of where the compromise hits. They did compromise a Python library that is actually used to interface these tools with Telnyx's REST API. Now, in this case, the actor wasn't able to compromise the GitHub repository. Instead, they compromised the PyPI account for Telnyx and, as a result, were able to publish a new version. So in this particular case, version pinning should have protected you. And yes, only if you download the new compromised version, then you have a problem. Slightly different payloads for Windows and Linux or macOS in this case. And another sort of interesting add-on is that some of the malicious code is being transported as a WAV file. So that way it makes it a little bit more difficult to attack. Also, there are now more and more links between the TeamPCP crew and various ransomware actors. Looks like they're either kind of selling credentials, kind of working as an access broker here, or that they're in general communicating and collaborating with tools like, for example, Breach Forum to then turn what they have now into additional ransomware attacks.

And last week, I mentioned the Citrix Netscaler memory overread vulnerability that was patched by Citrix. And well, we now have exploit code for this vulnerability and additional details thanks to watchTowr. watchTowr actually published a two-part blog post about this. One of the things they point out: it's actually two vulnerabilities, even though there was only one CVE assigned. Both vulnerabilities are similar. They are also similar to the prior CitrixBleed vulnerability. Under certain circumstances, and one of the simpler to exploit ones here is where you just have question mark WTX at the end of the specific vulnerable endpoint. So no equal sign, that's kind of critical, no value. In that case, memory is being leaked and returned as a base64 encoded cookie. So very convenient and also easy to parse and extract the data. And yes, this memory content does contain data from prior requests. And that, of course, may contain additional sensitive data. Very easy to exploit, as watchTowr points out. And it's already being exploited and being probed for. So definitely assume compromise if you find any unpatched Citrix Netscalers. In order to be exploitable, this Netscaler has to be configured as a SAML endpoint. Otherwise, this is not vulnerable. So yes, definitely something that you must address this week. And like I said, assume compromise.

And then we've got an interesting new feature in the latest update of macOS that I haven't covered yet. And it is security related. And that's a protection for users from the ClickFix attack, where the user is being tricked into copy pasting a shell command into a terminal. macOS is using a little bit of tricky logic here to warn the user. So if the warning is triggered, there is a pop-up box basically telling the user that what they're about to do may possibly harm the computer. And you may override the warning and basically just go ahead with the paste anyway. But this warning is only displayed under fairly specific circumstances. First of all, the copy has to happen in a browser or a messaging app. And then the user is only warned if they are not regularly using Terminal, and if they haven't recently copy pasted a string into Terminal. So the idea here is to really only catch copy pastes from users that usually don't use Terminal, don't copy paste stuff into Terminal, and if the source of the text they're pasting is basically an untrusted source from the Internet, so browsers and messengers. Interesting logic, probably meant to avoid false positives and flooding people with alerts, which of course often leads to alert fatigue and has sort of counterproductive effects. If you have experienced it, or if you have sort of a good Apple write-up, which I haven't seen yet, let me know; I've really only seen sort of reverse engineering that users have done by experimenting with that feature.

And a little bit related, and thanks to Caleb for letting me know about this blog post, is a blog post by Eric Law that explains in a little bit more detail how Windows Smart Install works. Not a new feature, but I don't really see it implemented quite often enough. And it's essentially intended to protect Windows users from downloading malicious software. Now, typically on Windows, you're by default allowed to just download software and run it. You'll get a warning that it's downloaded from the Internet. That's that famous mark of the Web. But you can be more restrictive, where you in the most restrictive case only allow software to be downloaded from the Microsoft Store, or, in sort of the intermediate cases, it will tell you that there is a similar application in the Microsoft Store or just basically give you a warning that this particular application is not downloaded from the Microsoft Store. There are a couple of interesting sort of facets to this. For example, if you do enable downloads only from the Microsoft Store, you will not receive any warnings. It will just silently fail if you try to run another application. Also, it may affect some other file types, not just applications, that are labeled as dangerous file types. And for example, things like some document types and such that are often being abused can be labeled as dangerous. And then you also won't be able to open those documents. So, a real good, thorough blog post here to better understand how Windows Smart Install works and some of the little quirks and maybe unexpected side effects.

Well, and this is it for today. So, thanks for listening. Thanks for subscribing. Thanks to the listeners who actually looked me up today and picked up their sticker. So, thanks and talk to you again tomorrow. Bye.
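The Telnyx segment above notes that version pinning would have protected anyone who did not pull the newly published compromised release. As an added example (not from the podcast or from Telnyx), the following script audits a requirements.txt and flags entries that are not pinned to an exact version or that lack a `--hash`, so that a surprise new upload on PyPI cannot be installed silently. The sample requirements text and the sha256 value in it are constructed placeholders.

```python
import re
from typing import Dict, List

# Constructed sample requirements file (placeholder hash, not a real digest).
# Only the "telnyx" line is both exactly pinned and hash-locked.
SAMPLE_REQUIREMENTS = """\
# production dependencies
telnyx==2.1.0 \\
    --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
requests>=2.31
httpx
flask==3.0.0
"""

# name, optional comparison operator, optional version (extras/markers not handled)
SPEC_RE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)(===|==|>=|<=|~=|!=|>|<)?([^\s;#]*)")


def parse_requirements(text: str) -> List[Dict[str, object]]:
    """Return one record per requirement line: name, operator, version, hashed."""
    # pip allows a backslash line continuation; join those before parsing
    joined = text.replace("\\\n", " ")
    records = []
    for raw in joined.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or line.startswith("-"):
            continue  # skip blanks, comments and option-only lines
        spec = line.split()[0]
        m = SPEC_RE.match(spec)
        if not m:
            continue
        name, op, version = m.group(1), m.group(2), m.group(3)
        records.append({"name": name.lower(), "op": op, "version": version,
                        "hashed": "--hash=" in line})
    return records


def audit(text: str) -> List[str]:
    """Findings for entries that a newly published upstream version could still reach."""
    findings = []
    for r in parse_requirements(text):
        if r["op"] != "==":
            findings.append(f"{r['name']}: not pinned to an exact version "
                            f"({r['op'] or 'no constraint'})")
        elif not r["hashed"]:
            # exact pin without --hash: "pip install --require-hashes" would refuse it
            findings.append(f"{r['name']}: pinned to {r['version']} but no --hash")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_REQUIREMENTS):
        print(finding)
```

Running with `pip install --require-hashes -r requirements.txt` then refuses any entry that is not hash-locked, which turns the audit findings into a hard install failure rather than a warning.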