SANS ISC Diary

SANS ISC Diary - A phishing with invisible characters in the subject line

📅 Oct 28, 2025 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at an unusual phishing message which contained “invisible” characters in its subject line…

SANS ISC Diary - A quick look at sextortion at scale: 1,900 messages and 205 Bitcoin addresses spanning four years

📅 Sep 2, 2025 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll discuss the analysis of approximately 1,900 sextortion e-mails spanning years 2021-2025, and look at interesting statistical data that resulted from this analysis…

SANS ISC Diary - Do sextortion scams still work in 2025?

📅 Aug 6, 2025 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll discuss whether sextortion scams are still effective in 2025…

SANS ISC Diary - How quickly do we patch? A quick look from the global viewpoint

📅 Jul 21, 2025 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at how quickly do we – as a global society – patch actively-exploited vulnerabilities when it comes to our internet-facing systems…

SANS ISC Diary - Phishing e-mail that hides malicious link from Outlook users

📅 Jun 4, 2025 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at an interesting phishing e-mail that hides the link to a malicious site from Oulook users…

SANS ISC Diary - Another day, another phishing campaign abusing google.com open redirects

📅 May 14, 2025 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at an actively exploited open redirect vulnerability in Google Travel service that enables threat actors to craft links pointing to www.google.com which cause redirection to an arbitrary URL…

SANS ISC Diary - It's 2025... so why are obviously malicious advertising URLs still going strong?

📅 Apr 21, 2025 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at a phishing campaign, in which Google Ad service was used for redirection of victims, and at security weaknesses of web-based ad services in general…

SANS ISC Diary - A Tale of Two Phishing Sites

📅 Mar 28, 2025 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at two phishing sites based on the same phishing kit, that differed significantly (not just) in the level of obfuscation…

SANS ISC Diary - SSL 2.0 turns 30 this Sunday... Perhaps the time has come to let it die?

📅 Feb 7, 2025 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at an upcoming 30-year anniversary of the publication of SSL 2.0, and on the number of internet-exposed systems that still support this protocol…

SANS ISC Diary - An unusual 'shy z-wasp' phishing

📅 Jan 27, 2025 · ☕ 1 min read

A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at an unusual phishing message, in which two different techniques for splitting text using unrendered characters were used with the intention of bypassing security scans…