Hello, welcome to the Monday, May 11th, 2020 edition of the Sansonet Storm Center's Stormcast.

My name is Johannes Ulrich.

And I'm recording from Jacksonville, Florida.

Well, we got a new version of Yara, Yara version 4.

Now, Yara is the language that's developed by virus total order to essentially

sort of write simple signatures to find files, kind of like an open source anti-virus language.

And in version 4, we now have the ability to match base 64 strings.

The main result here is that it's easier to write rules that contain BAS-D-4 encoded strings.

Of course, in the prior version of Yara, you could just do the encoding yourself and then

essentially match the resulting ASCII string.

And in case you wonder, the acronym, Yara just stands for yet another ridiculous acronym or Yara

another recursive acronym.

And one thing I have talked about in the last couple of weeks is the vulnerability in Saltstack.

Well, we now got a patch from VMware in there.

We realized product that apparently does integrate with Saltstack,

so they had to fix this vulnerability as well.

Two actual vulnerabilities.

One is the critical authentication bypass vulnerability, and then

a directory traversal vulnerability that affect this V-realized product.

And if you are using a Samsung Android phone, you probably want to pay attention to the

May update for Android that was released

by Samsung.

...