Hello, welcome to the Wednesday, December 16th, 2020 edition of the Sandcent Storms, Stormcast.

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida while teaching at the Cyber Defense Initiative in Washington, D.C.

A lot of news still about solar winds, nothing really fundamentally different from what

we already talked about.

Solar Winds has sent emails to affected and non-affected customers.

So if you are a customer, you should have received an email that should state if you downloaded

or didn't download an affected version of solar winds. There's also a lot of speculations

around this event, of course, like with any big event. And be a little bit careful here.

If you read some interesting, exciting news, that you double check it, try to find original sources, and try to verify it with other independent sort of news outlets to figure out if this is something to really worry about.

And a little bit related to this, well, Did he Stevens, he went to Virus Total to look for

some of Fire Ice stolen tools, given that they published the signatures, and he found some

malicious documents that apparently were used in the past in some penetration tests,

and he shows you how to analyze these particular tools, of course, taking advantage of his

favorite tool, Olli Dump.

The document he found is actually reasonably straightforward, so real nice sample if you want to hone your

reverse analysis skills.

And talking about DDA, DDA was also awarded one of the 2020 Difference Makers Awards by Sands.

This is something that Sands Awards always at this

Cyber Defense Initiative conference. It's happening right now, which of course is typically

also the last conference of the year. This year, of course, no big awards ceremony. Instead,

we'll have a webcast on Thursday where the different

winners of the award this year are introduced. And if I've fixed three vulnerabilities in

...