Hello, welcome to the Monday, May 23rd, 2016 edition of the Santernet Storm Center's Stormcast.

My name is Johannes Ulrich, and I am recording from Seattle, Washington.

If you are doing forensics on a system, one question that often needs to be answered is if a particular file, let's say some malware on the system, was opened by the user.

Pascal ran into an interesting issue here if this file is part of a SIP file.

Turns out that WINSIP, when you open the file directly, without first unsipping the

particular archive, does not record that a file was opened and so in an investigation

you may easily miss this particular artifact.

However, depending on the application that's then being used to open the file, for example,

Office or Adobe Agrabat, this application may very well record that the file has been opened,

but that apparently depends somewhat on the application that was used to open the file.

And OVASP is planning to overhaul and update its top 10 vulnerability list.

This is of course a big project, very visible, and they're now asking for input from the community

as to what vulnerabilities you're seeing in your environment.

The deadline for any submissions is July 20th and they tweeted a URL to a survey that you

can use to participate in this project.

The last version of the OVASp Top 10 was released in 2013.

This update may be released this year, but as the call for input points out, may have

to wait until next year.

And Google released version 4 of its safe browsing API.

This is in particular important for developers that integrate these

APIs into their own product. Now the main change here is that it is now possible to get

distinct lists for various device types. So for example, specifically for mobile devices.

...