SANS
SANS ISC Diary - Broken phishing accidentally exploiting Outlook zero-day
SANS ISC Diary - Broken phishing accidentally exploiting Outlook zero-day
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a phishing, which accidentally exploited a 0-day vulnerability in Outlook, which allows for creation or modification of links when an e-mail is forwarded by Outlook.
SANS ISC Diary - Frankenstein's phishing using Google Cloud Storage
SANS ISC Diary - Frankenstein's phishing using Google Cloud Storage
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a strange phishing campaign, which was, due to combination of quite sophisticated and extremely amateurish components, reminiscent of the creation of Shelley’s Dr. Frankenstein.
SANS ISC Diary - Crashing explorer.exe with(out) a click
SANS ISC Diary - Crashing explorer.exe with(out) a click
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a vulnerability in the way Windows handles self-referential links, which makes it possible to use specially crafted URL and LNK files to crash Explorer.
SANS ISC Diary - Desktop.ini as a post-exploitation tool
SANS ISC Diary - Desktop.ini as a post-exploitation tool
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a vulnerability in the way Windows handles desktop.ini files, which makes it possible to use them as an interesting post-exploitation tool.