Hello and welcome to the Thursday, July 6, 2020,

edition of the Sansonet Storm Center's Stormcast.

My name is Johannes Ulrich, and the time I'm recording from Jacksonville, Florida.

For the PFCense users out here, you probably noted that there is a new version of a PF 2.7 if you're using the Community Edition or 2301 if you're using PFSense Plus.

We have an update for the client, for the D-Shield client if you're using PFSense.

So please update it.

That way you'll continue to submit logs to our database.

And thanks to Yishin, who has taken over the update of the client, so he'll be able to make

any additional changes as they may be necessary.

And Manuel took a look at industrial control systems exposed to the Internet in particular.

Manuel focused on HMI's.

These are these human management interface.

Essentially computers being used to control, industrial control systems.

He found about 500 exposed systems.

I'm actually surprised the number so low.

I would have expected more of them,

but then realized that each one of those systems

probably has many, many different actual systems,

actual industrial systems connected to them.

VNC is one of the big culprits here that is being used to expose these systems, almost half of them, and that without authentication. A couple more details in

Manuel's diary. And then DDA again shows how to use his Python scripts in order to some malware analysis.

The latest problem that DDA is trying to tackle is how to deal with custom encoding.

...