Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Diary Blog Archive InfoSec Diary Blog Archive


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Search Diaries:


Archive Matrix

2003JanFebMarApr MayJunJulAugSepOctNovDec
2004JanFebMarAprMayJunJulAugSepOctNovDec
2005JanFebMarAprMayJunJulAugSepOctNovDec
2006JanFebMarAprMayJunJulAugSepOctNovDec
2007JanFebMarAprMayJunJulAugSepOctNovDec
2008JanFebMarAprMayJunJulAugSepOctNovDec
2009JanFebMarAprMayJunJulAugSepOctNovDec
2010JanFebMarAprMayJunJulAugSepOctNovDec
2011JanFebMarAprMayJunJulAugSepOctNovDec
2012JanFebMarAprMayJunJulAugSepOctNovDec
2013JanFebMarAprMayJunJulAugSepOctNovDec
2014JanFebMarAprMayJunJulAugSepOctNovDec
2015JanFebMarAprMayJunJulAugSepOctNovDec
2016JanFebMarAprMayJunJulAugSepOctNovDec
2017JanFebMarAprMayJunJulAugSepOctNovDec
2018JanFebMarAprMayJunJulAugSepOctNovDec
2019JanFebMarAprMayJunJulAugSepOctNovDec
2020JanFebMarAprMayJunJulAugSepOctNovDec
2021JanFebMarApr
Top of page

Archive Diary List

2020-4-01

DateAuthorTitle
2020-04-30Johannes UllrichISC Stormcast For Thursday, April 30th 2020 (oneliner) (0 Comments)
2020-04-30Xavier MertensCollecting IOCs from IMAP Folder (0 Comments)
2020-04-29Johannes UllrichPrivacy Preserving Protocols to Trace Covid19 Exposure (4 Comments)
2020-04-29Johannes UllrichISC Stormcast For Wednesday, April 29th 2020 (oneliner) (0 Comments)
2020-04-28Jan KoprivaAgent Tesla delivered by the same phishing campaign for over a year (0 Comments)
2020-04-28Johannes UllrichISC Stormcast For Tuesday, April 28th 2020 (oneliner) (0 Comments)
2020-04-27Xavier MertensPowershell Payload Stored in a PSCredential Object (0 Comments)
2020-04-27Johannes UllrichISC Stormcast For Monday, April 27th 2020 (oneliner) (0 Comments)
2020-04-26Didier StevensVideo: Malformed .docm File (0 Comments)
2020-04-25Didier StevensMALWARE Bazaar (3 Comments)
2020-04-24Johannes UllrichISC Stormcast For Friday, April 24th 2020 (oneliner) (0 Comments)
2020-04-24Xavier MertensMalicious Excel With a Strong Obfuscation and Sandbox Evasion (0 Comments)
2020-04-23Johannes UllrichISC Stormcast For Thursday, April 23rd 2020 (oneliner) (0 Comments)
2020-04-22Johannes UllrichISC Stormcast For Wednesday, April 22nd 2020 (oneliner) (0 Comments)
2020-04-21Johannes UllrichISC Stormcast For Tuesday, April 21st 2020 (oneliner) (0 Comments)
2020-04-21Russ McReeSpectX: Log Parser for DFIR (0 Comments)
2020-04-20Johannes UllrichISC Stormcast For Monday, April 20th 2020 (oneliner) (0 Comments)
2020-04-20Didier StevensKPOT AutoIt Script: Analysis (0 Comments)
2020-04-19Didier StevensKPOT Analysis: Obtaining the Decrypted KPOT EXE (0 Comments)
2020-04-18Guy BruneauMaldoc Falsely Represented as DOCX Invoice Redirecting to Fake Apple Store (0 Comments)
2020-04-17Johannes UllrichISC Stormcast For Friday, April 17th 2020 (oneliner) (0 Comments)
2020-04-17Xavier MertensWeaponized RTF Document Generator & Mailer in PowerShell (0 Comments)
2020-04-16Johannes UllrichUsing AppLocker to Prevent Living off the Land Attacks (0 Comments)
2020-04-16Johannes UllrichISC Stormcast For Thursday, April 16th 2020 (oneliner) (0 Comments)
2020-04-15Rob VandenBrinkNo IOCs? No Problem! Getting a Start Hunting for Malicious Office Files (10 Comments)
2020-04-15Johannes UllrichISC Stormcast For Wednesday, April 15th 2020 (oneliner) (0 Comments)
2020-04-14Renato MarinhoMicrosoft April 2020 Patch Tuesday (1 Comments)
2020-04-14Johannes UllrichISC Stormcast For Tuesday, April 14th 2020 (oneliner) (0 Comments)
2020-04-13Jan KoprivaLook at the same phishing campaign 3 months apart (0 Comments)
2020-04-13Johannes UllrichISC Stormcast For Monday, April 13th 2020 (oneliner) (0 Comments)
2020-04-12Didier StevensReader Analysis: "Dynamic analysis technique to get decrypted KPOT Malware." (0 Comments)
2020-04-11Didier StevensWireshark 3.2.3 Released: Mac Users Pay Attention Please (0 Comments)
2020-04-10Scott FendleyCritical Vuln in vCenter vmdir (CVE-2020-3952) (0 Comments)
2020-04-10Xavier MertensPowerShell Sample Extracting Payload From SSL (0 Comments)
2020-04-10Johannes UllrichISC Stormcast For Friday, April 10th 2020 (oneliner) (0 Comments)
2020-04-09Johannes UllrichISC Stormcast For Thursday, April 9th 2020 (oneliner) (0 Comments)
2020-04-08Johannes UllrichISC Stormcast For Wednesday, April 8th 2020 (oneliner) (0 Comments)
2020-04-08Brad DuncanGerman malspam pushes ZLoader malware (0 Comments)
2020-04-07Johannes UllrichIncrease in RDP Scanning (0 Comments)
2020-04-07Johannes UllrichISC Stormcast For Tuesday, April 7th 2020 (oneliner) (0 Comments)
2020-04-06Didier StevensPassword Protected Malicious Excel Files (0 Comments)
2020-04-06Johannes UllrichISC Stormcast For Monday, April 6th 2020 (oneliner) (0 Comments)
2020-04-05Guy BruneauMaldoc XLS Invoice with Excel 4 Macros (1 Comments)
2020-04-04Didier StevensNew Bypass Technique or Corrupt Word Document? (0 Comments)
2020-04-03Xavier MertensObfuscated with a Simple 0x0A (3 Comments)
2020-04-03Johannes UllrichISC Stormcast For Friday, April 3rd 2020 (oneliner) (0 Comments)
2020-04-02Johannes UllrichISC Stormcast For Thursday, April 2nd 2020 (oneliner) (0 Comments)
2020-04-02Tom WebbTPOT's Cowrie to ISC Logs (1 Comments)
2020-04-01Johannes UllrichISC Stormcast For Wednesday, April 1st 2020 (oneliner) (0 Comments)
2020-04-01Brad DuncanQakbot malspam sent from an infected Windows host (0 Comments)
Top of page