-
ISC Stormcast For Monday, December 8th, 2025 https://isc.sans.edu/podcastdetail/9728, (Mon, Dec 8th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
AutoIT3 Compiled Scripts Dropping Shellcodes, (Fri, Dec 5th)
AutoIT3[1] is a powerful language that helps to built nice applications for Windows environments, mainly to automate tasks. If it looks pretty old, the latest version was released last September and it remains popular amongst developers, for the good… or the bad! Malware written in AutoIt3 has existed since the late 2000s, when attackers realized…
-
ISC Stormcast For Friday, December 5th, 2025 https://isc.sans.edu/podcastdetail/9726, (Fri, Dec 5th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
ISC Stormcast For Thursday, December 4th, 2025 https://isc.sans.edu/podcastdetail/9724, (Thu, Dec 4th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
![Nation-State Attack or Compromised Government? [Guest Diary], (Thu, Dec 4th)](/wp-content/uploads/2025/12/Jackie_Nguyen_pic1-YyeV9W.png)
Nation-State Attack or Compromised Government? [Guest Diary], (Thu, Dec 4th)
[This is a Guest Diary by Jackie Nguyen, an ISC intern as part of the SANS.edu BACS program] The ISC internship didn’t just teach me about security, it changed how I thought about threats entirely. There’s something intriguing about watching live attacks materialize on your DShield Honeypot, knowing that somewhere across the world, an attacker…
-
Attempts to Bypass CDNs, (Wed, Dec 3rd)
Currently, in order to provide basic DDoS protection and filter aggressive bots, some form of Content Delivery Network (CDN) is usually the simplest and most cost-effective way to protect a web application. In a typical setup, DNS is used to point clients to the CDN, and the CDN will then forward the request to the…
-
ISC Stormcast For Wednesday, December 3rd, 2025 https://isc.sans.edu/podcastdetail/9722, (Wed, Dec 3rd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
ISC Stormcast For Tuesday, December 2nd, 2025 https://isc.sans.edu/podcastdetail/9720, (Tue, Dec 2nd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
-
![[Guest Diary] Hunting for SharePoint In-Memory ToolShell Payloads, (Tue, Dec 2nd)](/wp-content/uploads/2025/12/2025-12-02_figure1-UHamgO.png)
[Guest Diary] Hunting for SharePoint In-Memory ToolShell Payloads, (Tue, Dec 2nd)
[This is a Guest Diary by James Woodworth, an ISC intern as part of the SANS.edu Bachelor’s Degree in Applied Cybersecurity (BACS) program [1]. In July 2025, many of us were introduced to the Microsoft SharePoint exploit chain known as ToolShell. ToolShell exploits the deserialization and authentication bypass vulnerabilities, CVE-2025-53770 [2] and CVE-2025-53771 [3], in…
-
ISC Stormcast For Monday, December 1st, 2025 https://isc.sans.edu/podcastdetail/9718, (Mon, Dec 1st)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
