Hello and welcome to the Monday, May 19th,

2000, 25 edition of the Sands and its Storm Center's Stormcast.

My name is Johannes Ulrich,

and this episode brought you by the Sands EDU Graduate Certificate Program

in Industrial Control System Security is recorded today in Jacksonville, Florida.

Well, and as the last few weekends, D.D.A. has a new version of XOR search for us.

I guess that's how D.D.A. is spending his weekends, making XOR search better.

Fundamentally, XR. Search is meant to extract strings from files.

That's sort of where the search part comes from.

Of course, we have no regular expressions and all kinds of good things that were added these last few weeks.

But what we got now is to manipulate the output further, you may now define a Python function as, for example,

just simply is printable. You're using a dash capital P for that, that will then filter

out all printable characters, making output potentially more readable.

And last week, the Serity initiative by Trent Micro did conduct another

Pondone context. They're always attached to larger security conferences and are promising

substantial money for new vulnerabilities and that are actually being demonstrated as

exploitable as part of the context.

The big theme here in my opinion was Perlidge Escalation and Virtual Machine Escape.

There were a number of different vulnerabilities in, for example, Redhead, Windows 11 being

demonstrated also on the Virtual Machine escape front, virtual box and VMware

were exploited. Interesting contest, they are reporting all these vulnerabilities to respective

manufacturers. And I think I actually heard some browser vulnerabilities, like in Firefox,

...