SANS – Untrusted Network

SANS ISC Diary - Quick look at a couple of current online scam campaigns

📅 Feb 25, 2020 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at couple of online scam campaigns I came accross in the last weeks.

SANS ISC Diary - Discovering contents of folders in Windows without permissions

📅 Feb 18, 2020 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. This one deals with a strange side effect of the way in which Windows deals with file permissions, which enables any user, regardless of permissions, to brute-force contents of any local folder.

SANS ISC Diary - Current PayPal phishing campaign or 'give me all your personal information'

📅 Feb 10, 2020 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one we take a look at a current phishing campaign which shows quite well the current “let’s get all the users' data” mentality of the attackers.

SANS ISC Diary - Analysis of a triple-encrypted AZORult downloader

📅 Feb 3, 2020 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one we take a look at analysis of an interesting malicious document which turned out to be AZORult downloader. What made it stand out - among its other aspects - were 3 layers of home-grown encryption...

SANS ISC Diary - Picks of 2019 malware - the large, the small and the one full of null bytes

📅 Jan 16, 2020 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one we take a look at what last year brought us, when it comes to malware delivered by e-mail, specifically at the smallest and largest malicious files I found in my e-mail quarantine.

SANS ISC Diary - Internet banking sites and their use of TLS... and SSLv3... and SSLv2?!

📅 Dec 13, 2019 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one we take a look at the use of TLS (and SSL) on banking sites all over the world.

SANS ISC Diary - Phishing with a self-contained credential-stealing webpage

📅 Dec 6, 2019 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one we take a look at an interesting phishing message, which carried a complete phishing web page as its attachment.

SANS ISC Diary - E-mail from Agent Tesla

📅 Dec 5, 2019 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one we take a look at a multi-stage downloader for Agent Tesla.

SANS ISC Diary - Analysis of a strangely poetic malware

📅 Dec 4, 2019 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one we take a look at a macro-based dropper sent to the Internet Storm Center by one of our readers.

SANS ISC Diary - Lessons learned from playing a willing phish

📅 Nov 26, 2019 · ☕ 1 min read

A Diary of mine was published today on the SANS Internet Storm Center. In this one we take a look at baiting phishing attackers and at some of the lessons we may learn from it.