Hello, welcome to the Wednesday, July 29th, 2020 edition of the Sandrine Storm Center's Stormcast.

My name is Johannes Ulrich.

And today I'm recording from Jacksonville, Florida.

Starting out today with a couple quick updates regarding some of the data feeds that we offer on our website. Two new data

feeds here. First one that lists cloud IPs, IP addresses being used by various cloud providers.

Now, right now we sort of have the top five cloud providers or so, but working on adding more to the list. So if you have any

that I missed that I should add, please let me know. Secondly, a feat that I call the Intel

feed. Now, that's really just sort of a list of around the top 50,000, you know, the top

significant IP addresses that we have and a couple

attributes for them, like, for example, which ports they scan, if they're scanning ports,

as H-scanners, but also things like, for example, name servers for top-level domains.

So certainly things that you don't want to block or if you see some misbehavior,

you probably do want to know about. Take a look at a diary for more details or just see

ISC.sance.edu slash API for details. And Emotette is adding some new tricks to its arsenal.

In addition to just using a user's email box to come up with contacts and email bodies

to sort of inject itself into existing conversations,

Emotet will now also look for existing attachments that are sitting in the victim's inbox and then

reuse them in order to spread itself.

So this is supposed to make Imotet more plausible and make it more likely that a victim will

actually activate it.

And Adobe released another update for its e-commerce software suite Magento.

And unlike the updates last week, this is one that you certainly have to take quite serious.

...