We learned over the weekend that there is an infected PDF file posing as the July OUCH! security awareness newsletter (thanks to @botherder for original notification). You can find the analysis of the PDF file at the Malwr website. While we have not found this in the wild yet, we wanted to warn the community. We recommend you always obtain OUCH! from the original OUCH! website - security-awareness.sans.org/ouch-newsletter. In addition starting with the July edition of OUCH!, all OUCH! newsletters (in all 20 languages) will be published with SHA1 hashes.