Hello, welcome to the Wednesday, November 25th, 2020 edition of the San Santernet Storm Center's Stormcast.

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

Quick diary today with a couple just quick notes about TCP resets.

For example, why you may see TCP resets without sequence number,

a sequence number of zero, or YMAC TCP resets with payload.

So for the packet nerds here, something to read up on.

And VMware this week did release a bulletin announcing a critical vulnerability with a CVSS score of 9.1, affecting a number of their products.

VMware Workspace 1 Access, Access Connector, Identity Manager and Identity Manager connector.

The problem is there is no patch available.

Instead, VMware did publish some workarounds that essentially involve moving configuration file.

So if you're running these products, take a look at the bulletin.

At this point, no exploits have been cited in the wild.

The vulnerability was reported privately.

An attacker also needs to have access to the administrative console on port 8443,

and they do need to have some credentials to actually

execute the commands. Okay, well, we have a long weekend here ahead of us and I'm a strict believer

and not starting Christmas stuff till after Thanksgiving, but a little exception here for

special guest at Scotus to talk about his latest encounters with Mr. Kringle.

Hey, Johannes, thank you. I do appreciate you're making that exception. It's great to talk with you again.

Yeah, so Kregelcon coming up again and the Holiday Hack Challenge. Can you tell us a little bit about what we should expect this year?

Oh, sure. So remember, this is something that Sands does for the community every year. It's completely free. And it'll launch the second

week of December, but people can register for it now. But the idea is it's super high quality

...