Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Diaries by Keyword - SANS Internet Storm Center Diaries by Keyword


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title
2018-12-05Brad DuncanCampaign evolution: Hancitor changes its Word macros
2018-12-04Brad DuncanMalspam pushing Lokibot malware
2018-11-29Brad DuncanRussian language malspam pushing Shade (Troldesh) ransomware
2018-11-15Brad DuncanEmotet infection with IcedID banking Trojan
2018-11-14Brad DuncanDay in the life of a researcher: Finding a wave of Trickbot malspam
2018-10-31Brad DuncanMore malspam using password-protected Word docs
2018-10-30Brad DuncanCampaign evolution: Hancitor malspam starts pushing Ursnif this week
2018-09-26Brad DuncanOne Emotet infection leads to three follow-up malware infections
2018-08-15Brad DuncanMore malspam pushing password-protected Word docs for AZORult and Hermes Ransomware
2018-08-02Brad DuncanDHL-themed malspam reveals embedded malware in animated gif
2018-07-27Brad DuncanMalspam with password-protected Word docs pushes Hermes ransomware
2018-07-24Brad DuncanRecent Emotet activity
2018-04-12Brad DuncanGlitch in malspam campaign temporarily reduces spread of GandCrab
2017-11-30Brad DuncanMore Malspam pushing Emotet malware
2017-10-19Brad DuncanHSBC-themed malspam uses ISO attachments to push Loki Bot malware
2017-10-17Brad DuncanHancitor malspam uses DDE attack
2017-09-18Xavier MertensGetting some intelligence from malspam
2017-09-01Brad DuncanMalspam pushing Locky ransomware tries HoeflerText notifications for Chrome and FireFox
2017-07-26Brad DuncanMalspam pushing Emotet malware
2017-07-14Brad DuncanNemucodAES and the malspam that distributes it
2017-06-28Brad DuncanCatching up with Blank Slate: a malspam campaign still going strong
2017-05-24Brad DuncanJaff ransomware gets a makeover
2017-04-11Brad DuncanDridex malspam seen on Monday 2017-04-10
2017-02-10Brad DuncanHancitor/Pony malspam