Phishing
SANS ISC Diary - Broken phishing accidentally exploiting Outlook zero-day
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a phishing, which accidentally exploited a 0-day vulnerability in Outlook, which allows for creation or modification of links when an e-mail is forwarded by Outlook.

SANS ISC Diary - Frankenstein's phishing using Google Cloud Storage
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a strange phishing campaign, which was, due to combination of quite sophisticated and extremely amateurish components, reminiscent of the creation of Shelley’s Dr. Frankenstein.

SANS ISC Diary - Analysis of a triple-encrypted AZORult downloader
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one we take a look at analysis of an interesting malicious document which turned out to be AZORult downloader. What made it stand out - among its other aspects - were 3 layers of home-grown encryption...

SANS ISC Diary - E-mail from Agent Tesla
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one we take a look at a multi-stage downloader for Agent Tesla.

SANS ISC Diary - Analysis of a strangely poetic malware
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one we take a look at a macro-based dropper sent to the Internet Storm Center by one of our readers.