Hello and welcome to the Monday, October 27th, 2025 edition of the Sands Internet Storm Center's Stormcast.

My name is Johannes Ulrich, recording today from Jacksonville, Florida.

And this episode is brought you by the sands.edu graduate certificate program in Purple Team Operations.

Got two diaries this weekend, first one from Gieghiab. certificate program in Purple Team Operations.

Got two diaries this weekend.

First one from Guy, Ghee being French-Canadian, so his first language is French.

He's actually seeing quite a few fishing emails coming in in French and then identical emails pretty much coming in in English.

This is something that I've always

a little bit wondered about how much of the language of these phishing emails is targeted

to the recipients. Of course, in particular in Canada, it's a little bit hard to tell if a particular

person speaks French, doesn't speak French, but interesting that essentially

the same email is being used for French as well as English. And, well, I guess attackers

are trying to appeal them more to speakers of French because they are often more used.

I notice from Germany as well that the majority of phishing emails is in English.

So whenever there is one in a person's native language, if that's not English, that of course has a somewhat higher chance of success.

And then we have a second diary this weekend from DDA.DTA attended

recently the hack.LU conference.

And at the conference, he saw an interesting presentation from developers of Kaitai Struct.

This is a tool that is being used to analyze malware often.

It basically allows you to analyze various binary formats. Well, they now have a web IDE available that essentially implements everything

in JavaScript. It allows you without having to install any specific tool to simply just run

this cut-hhigh struct tool.

...