Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Diaries by Keyword Diaries by Keyword

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title

RAR SYMANTEC DECOMPOSER BYPASS

2008-04-22donald smithSymantec decomposer rar bypass allowed malicious content.

RAR

2021-06-11/a>Xavier MertensKeeping an Eye on Dangerous Python Modules
2019-04-22/a>Didier Stevens.rar Files and ACE Exploit CVE-2018-20250
2018-11-19/a>Xavier MertensThe Challenge of Managing Your Digital Library
2017-10-15/a>Didier StevensPeeking into .msg files
2017-08-25/a>Xavier MertensMalicious AutoIT script delivered in a self-extracting RAR file
2016-11-22/a>Didier StevensUpdate:ZIP With Comment
2016-01-20/a>Xavier Mertens/tmp, %TEMP%, ~/Desktop, T:\, ... A goldmine for pentesters!
2015-12-23/a>Rob VandenBrinkLibraries and Dependencies - It Really is Turtles All The Way Down!
2015-02-03/a>Johannes UllrichWhat is using this library?
2014-11-04/a>Daniel WesemannWhois someone else?
2013-07-10/a>Johannes Ullrich.NL Registrar Compromisse
2008-04-22/a>donald smithSymantec decomposer rar bypass allowed malicious content.

SYMANTEC

2014-08-06/a>Johannes UllrichExploit Available for Symantec End Point Protection
2014-07-30/a>Rick WannerSymantec Endpoint Protection Privilege Escalation Zero Day
2014-03-02/a>Stephen HallSymantec goes yellow
2014-02-14/a>Chris MohanSYM14-004 Symantec Endpoint Protection Management Vulnerabilities - http://www.symantec.com/business/support/index?page=content&id=TECH214866
2013-12-28/a>Russ McReeWeekend Reading List 27 DEC
2012-01-25/a>Bojan ZdrnjapcAnywhere users – patch now!
2010-05-16/a>Rick WannerSymantec triggers on World of Warcraft update
2009-12-29/a>Rick WannerWhat's up with port 12174? Possible Symantec server compromise?
2009-03-10/a>Swa Frantzenconspiracy fodder: pifts.exe
2008-04-22/a>donald smithSymantec decomposer rar bypass allowed malicious content.

DECOMPOSER

2008-04-22/a>donald smithSymantec decomposer rar bypass allowed malicious content.

BYPASS

2020-12-29/a>Jan KoprivaWant to know what's in a folder you don't have a permission to access? Try asking your AV solution...
2020-11-25/a>Xavier MertensLive Patching Windows API Calls Using PowerShell
2020-04-04/a>Didier StevensNew Bypass Technique or Corrupt Word Document?
2019-12-26/a>Xavier MertensBypassing UAC to Install a Cryptominer
2019-11-08/a>Xavier MertensMicrosoft Apps Diverted from Their Main Use
2019-07-25/a>Rob VandenBrinkWhen Users Attack! Users (and Admins) Thwarting Security Controls
2017-03-05/a>Didier StevensAnother example of maldoc string obfuscation, with extra bonus: UAC bypass
2016-12-13/a>Xavier MertensUAC Bypass in JScript Dropper
2016-11-16/a>Xavier MertensExample of Getting Analysts & Researchers Away
2015-06-16/a>John BambenekCVE-2014-4114 and an Interesting AV Bypass Technique
2014-03-13/a>Daniel WesemannIdentification and authentication are hard ... finding out intention is even harder
2013-09-18/a>Rob VandenBrinkCisco DCNM Update Released
2012-05-08/a>Bojan ZdrnjaWindows Firewall Bypass Vulnerability and NetBIOS NS
2008-04-22/a>donald smithSymantec decomposer rar bypass allowed malicious content.