Hello and welcome to the Friday, January 20th,

2000, 23 edition of the Sands and at Storm Center's Stormcast.

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

Jan today took another look at SPF and DMARC records and this time

Jan focused on the top 100,000

domains to see how well

DMR SPF and these other technologies

are implemented. Well it turns out

not a big surprise here but the popular domain

the more likely it does have useful records

installed here, but still even for the top 1,000 of these domains, there are still a lot of

gaps left. One problem that you may be seeing here with these very popular domains is that they are often associated with very large organizations.

And the larger organization, the more difficult it tends to be to limit what mail servers are allowed to send email.

And that, of course, is what these SPF and DMark records are typically

all about. And remember December patch Tuesday long, long time ago, but Microsoft announced

a vulnerability in Sysmon, and this was certainly an interesting vulnerability, as Sysmon is often used sort of to instrument the network to detect Sysmon and this was certainly an interesting vulnerability as Sysmon is often used sort of to instrument

the network to detect security issues, but in this case due to this vulnerability, Sysmone could

be sort of turned against you. Now thanks to Jay for pointing out that exploit has been

released for this vulnerability.

The exploit comes courtesy of the individual who actually found this particular vulnerability,

reported it to Microsoft back in June last year.

And with this exploit being available now,

...