Hello and welcome to the Monday, July 10, 2020,

edition of the Sansonet Storm Center's Stormcast.

My name is Johannes Ulrich,

and today I'm recording from Washington, D.C.

arrived earlier today here for Sands Fire, of course.

I frequently talk on this podcast about DDA's malware analysis tools.

They're famously effective, for example, if you are attempting to analyze malicious office

documents, but also a number of hand utilities that are part of DDA's tool suite.

Well, it can be a little bit tricky to get them all installed and such, so Xavier did publish

a Docker container with all of DDA's tools pre-installed, and just this weekend announced that he updated it with the

very latest version, also fixing some issues that the Docker container had. So this is probably

your simplest way to get started with all of these tools if you have not yet installed them

directly on your system. And in addition, if you are analyzing yet installed them directly on your system.

And in addition, if you are analyzing Malware,

having the analysis happening in a container, of course,

gives you a neat additional level of isolation.

And I told you to keep watching out for new Movit vulnerabilities.

Well, progress software, the company behind Moved,

released a service pack fixing yet another critical sequel injection vulnerability.

Exploiting of the vulnerability does not require authentication,

and with that, the attacker could modify the data

or retrieve data from the database. It doesn't mention anything here about remote code execution.

...