Hello, welcome to the Tuesday, January 2nd, 2018 edition of the Sansonet Storms and a Stormcast. My name is Johannes Ulrich,

and I am recording from Jacksonville, Florida. Well, I'm back in a new year after about a week of

downtime. Luckily, no major issues throughout this week, so hopefully you didn't have to rush

into the office to deal with any emergencies. A couple of our handlers were quite busy during the

week and we have a number of neat diaries that you probably want to catch up on if you didn't have a chance to read them last week.

For example, DDA talked about how to deal with obfuscated RTF files. RTF files are still often used in order to smuggle various office exploits into environments.

And in a second diary that he is talking about analyzing TNF files.

That's the transport neutral encapsulation format

that's used by Outlook and Exchange.

And Xavier looked back at last year

and the huge number of CVE numbers that were

published. We had about 14,700 CVE numbers published. That's more than double what we had

before 2016. We had about 6,400. The record so far was 2014, which was 7,900. Now, realize that last year,

the CVE numbering changed actually allowing for more than four digits in the CVE number. And in

addition, I think also a little bit the philosophy of MIDER that runs the CVE number and in addition I think also a little bit the philosophy of

mitre that runs the CVE system changed there was a lot of criticism that it was too difficult to

obtain a CVE number for some vulnerabilities and I think they changed it and are now a little bit

more open and easier in handing out CVEs.

Buck Bounties and such may also have helped here as Xavier points out and Xavier also notes that

we now have a number of CVEs for sort of non-traditional sources, like, for example, cars.

There's one for Tesla.

There's another one for BMW.

...