A Diary of mine was published today on the SANS Internet Storm Center. In this one we take a look at a multi-stage downloader for Agent Tesla.

A Diary of mine was published today on the SANS Internet Storm Center. In this one we take a look at a macro-based dropper sent to the Internet Storm Center by one of our readers.

A Diary of mine was published today on the SANS Internet Storm Center. In this one we take a look at baiting phishing attackers and at some of the lessons we may learn from it.

A Diary of mine was published today on the SANS Internet Storm Center. If you wondered whether the recent 'BlueKeep worm scare' had any impact when it comes to the number of vulnerable systems out there, then this one is for you.

A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at the absence of filtering of EML attachments in O365 and what it can lead to.

A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at SPF and when even SPF-enabled domains may be spoofed.

A Guest Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at analyzing a malicious LNK file which leads us to a sample of Trickbot.

A Guest Diary of mine was published today on the SANS Internet Storm Center. In this one, I discuss open redirect vulnerabilities and how to find them. If you’ve never heard of open redirects, this might be a useful introductory text.

A Guest Diary of mine was published today on the SANS Internet Storm Center. If you’ve wondered how do the less usual cyber attacks look, it might be worth a read…