SANS ISC Diary

SANS ISC Diary - From a small BAT file to Mass Logger infostealer

📅 Jan 4, 2021 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at an interesting BAT file from 2020, which turned out to be a downloader for the Mass Logger infostealer.

SANS ISC Diary - TLS 1.3 is now supported by about 1 in every 5 HTTPS servers

📅 Dec 30, 2020 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at the increse in support of TLS 1.3 by HTTPS servers and the decrease in support of SSL 2.0.

SANS ISC Diary - Want to know what's in a folder you don't have a permission to access? Try asking your AV solution...

📅 Dec 29, 2020 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look a small issue present in many anti-malware tools, which may be used to bypass file system level folder listing permissions.

SANS ISC Diary - A slightly optimistic tale of how patching went for CVE-2019-19781

📅 Dec 18, 2020 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at how many publicly accessible systems are still vulnerable to CVE-2019-19781, AKA Shitrix.

SANS ISC Diary - Vulnerabilities don’t disappear just because we don’t talk about them anymore

📅 Nov 16, 2020 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at couple of pre-2020 high-impact vulnerabilities, which still affect surprising number of publicly accessible systems.

SANS ISC Diary - SMBGhost - the critical vulnerability many seem to have forgotten to patch

📅 Oct 28, 2020 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at the concerning number of machines connected to the internet, that are still not patched for the critical SMBGhost vulnerability.

SANS ISC Diary - BazarLoader phishing lures: plan a Halloween party, get a bonus and be fired in the same afternoon

📅 Oct 22, 2020 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at phishing campaigns spreading BazarLoader malware and the lures which they use.

SANS ISC Diary - Phishing kits as far as the eye can see

📅 Oct 9, 2020 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at phishing kits, which are offered on the indexed part of the web.

SANS ISC Diary - Slightly broken overlay phishing

📅 Sep 21, 2020 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at an interesting (and slightly broken) phishing campaign, which overlays legitimate pages with fake login prompts.

SANS ISC Diary - A blast from the past - XXEncoded VB6.0 Trojan

📅 Sep 4, 2020 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a campaign in which the malicious actors decided to go reall “old school” when it comes to file formats they would use.