Hello and welcome to the Tuesday, June 17th,

2000, 25 edition of the Sands and then at Storm Center's Stormcast.

My name is Johannes Ulrich,

and this episode brought you by the Sands.edu credit certificate program in Incent

Response is recorded in Jacksonville, Florida.

Well, and today we have a diary by DDA following up on yesterday's diary by

Xavier.

Of course, Xavier talked about extracting data from JPEX.

So, well, DDA, of course, has a better tool for it, JPEC dump that makes it pretty

straightforward to extract data blocks

like the one that Xabier found with the encoded DLL yesterday.

And it even then allows you to push the data to various other tools like head-tail, for example,

or to the byte stats tool,

which gives you more detail about the composition of particular parts of the file

and also how to better than extract the related malware.

A while ago after Microsoft announced its new recall feature in Windows 11,

there was a lot of feedback from privacy advocates.

Windows recall, again, takes snapshots, screenshots, screenshots and such of your system periodically,

and then using Microsoft's AI tools allows you to then

radically search these screenshots for any items of interest. This, of course, meant to be sort of a

usability feature for Windows, but of course all that data must be stored.

It's stored on your local device and based on some of the feedback that Microsoft

...