Hello and welcome to the Thursday, May 11, 2020,

edition of the Science and its Storms anders Stormcast.

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

In Diaries today, we have the second part of Russ's exploratory data analysis with System Cyber Attacks database.

In the first part, he talked a little bit about how to use this open source database of

attack data and use it a couple different tools.

This second part now particular focuses on some models that you can build around it to

sort of forecast. So what's going to happen with data? That's of course always interesting if

you're looking for anomalies that are deviating from this forecast behavior. So some things like

exponential smoothing, Jupiter notebooks in order to

actually conduct some of this analysis. Lots of details here. If you're into data analysis,

that's of course nice to follow through with. And this system dataset certainly sounds like a nice resource

to have some realistic data to play with.

And remember back in March,

Microsoft fixed vulnerability in outlook

that actually had already been exploited at that point in time.

The big problem here was that that hacker could send an email with a custom sound URL.

There is a feature in outlook, no idea why, that allows you to embed sounds in your email.

And just by previewing the email, then the system would attempt to download this file

from a remote source, which if you're using SMB as your protocol here, could result

in leaking NTLM credentials.

So this was a problem, was a real problem in Outlook.

...