Hello, welcome to the Tuesday, February 18th, 2020 edition of the Sandson and Storms,

on us Stormcast. My name is Johannes Ulrich. And the day I'm recording from Jacksonville, Florida.

All this weekend's diaries about W. Get and Curl on Windows caused quite a few comments and really some good ones.

For example, one thing I forgot to mention yesterday is that as of Windows 10,

curl can actually be found as a standard component within Windows.

Another question that came up is how to deal with W get and curl with

proxies that actually require authentication. And turns out, well, a curl in particular

a curl that comes with Windows 10 can deal with that quite nicely. It does support SSPI, the security support provider interface.

That's a Windows API that allows you to tie into the Windows authentication system. So even

in TLM authentication and such, no problem for the version of Curl that comes with Windows 10.

Now, not all versions of W-Get and Curl support this, so if you download it from a third party,

you may have to double check to see if it's available.

Also, an interesting kind of comment here I thought to the initial blog post about, well, in the one Malera sample that was discussed there,

curl was actually first downloaded via HTTP using one of the standard APIs for HTTP requests.

So it's a little bit of catch-22 here.

How do you get curl if you don't really have a HTTP request tool that you like?

But like I mentioned yesterday, there are a number of these tools already on Windows.

And sometimes people just prefer the user interface, the options they have available with

the specific Unix tools.

Now of course we remain interested in various scams around the coronavirus outbreak.

Now at this point I just see an awful lot of spam, but today the World Health

Organization, WHO, did notice that they're seeing a lot of fishing attempts trying to impersonate

...