SANS
SANS ISC Diary - Couple of interesting Covid-19 related stats
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at how regional travel restrictions impact (or don’t) the number of IP addresses which expose remote access protocols to the internet.

SANS@MIC - Catch and Release: Phishing Techniques for the Good Guys
· β˜• 1 min read
I did a SANS@MIC talk yesterday, in which I discussed interesting phishing techniques (mainly) from the point of view of red teamers. Since the recording was published today, if you didn’t get the chance to join us live, you may take a look at how it went on YouTube.

SANS ISC Diary - Broken phishing accidentally exploiting Outlook zero-day
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a phishing, which accidentally exploited a 0-day vulnerability in Outlook, which allows for creation or modification of links when an e-mail is forwarded by Outlook.

SANS ISC Diary - Frankenstein's phishing using Google Cloud Storage
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a strange phishing campaign, which was, due to combination of quite sophisticated and extremely amateurish components, reminiscent of the creation of Shelley’s Dr. Frankenstein.

SANS ISC Diary - Crashing explorer.exe with(out) a click
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a vulnerability in the way Windows handles self-referential links, which makes it possible to use specially crafted URL and LNK files to crash Explorer.

SANS ISC Diary - Desktop.ini as a post-exploitation tool
· β˜• 1 min read
A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at a vulnerability in the way Windows handles desktop.ini files, which makes it possible to use them as an interesting post-exploitation tool.