Hello, welcome to the Friday, July 22nd, 2022 edition of the Sandtonet Storm Center's Stormcast.

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

The user of non-asky characters in programming languages is becoming more common.

For example, Apple's Swift language supports

full Unicode and some vulnerabilities around the use of Unicode and editors have already been

reported in recent months. But DDA's diary from today is about a bit a different issue.

DDA took a look at Visual Basic for Application, VBA code, using non-asky variables.

Well, first of all, surprise for an older language like this, it actually works.

Now, there's still one-bite characters.

They're not a Unicode per se.

Just the first bit of the bite is set, making them sort of non-standard asky characters.

By default, DDA's Oli Dumb script is creating somewhat unreadable output in these cases,

and this may be one of the goals here, making

reverse analysis more difficult. But of course, DDA came up with a decoder plugin and

options to help. The decoder plugin will at least find statements that make it easier

to find important features like URLs that are being used to

download additional malware, which of course we often have in these macros. Plus, with the new

option added by the data, the code will also be easier to read. And Cisco yesterday published

seven new security bulletins.

Out of these seven, the bulletin disclosing three vulnerabilities in Cisco's Nexus dashboard

was the only bulletin rated critical.

It is a bulletin that you should pay attention to if you are running this software.

...