News

ISC Stormcast For Friday, May 29th 2020 https://isc.sans.edu/podcastdetail.html?id=7016, (Fri, May 29th)

Published May 28, 2020

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Reposted from SANS. View original.


Flashback on CVE-2019-19781, (Thu, May 28th)

Published May 28, 2020

First of all, did you know that the Flame[1] malware turned 8 years old today? Happy Birthday! The discovery of this famous malware was announced on May 28th, 2012. The malware was used for targeted cyber espionage activities in the Middle East area. This malware was probably developed by a nation-state organization. It infected a limited amount […]

ISC Stormcast For Thursday, May 28th 2020 https://isc.sans.edu/podcastdetail.html?id=7014, (Thu, May 28th)

Published May 27, 2020


Frankenstein's phishing using Google Cloud Storage, (Wed, May 27th)

Published May 27, 2020

Phishing e-mail messages and/or web pages are often unusual in one way or another from the technical standpoint – some are surprisingly sophisticated, while others are incredibly simple, and sometimes they are a very strange mix of the two. The latter was the case with an e-mail, which our company e-mail gateway caught last week […]


ISC Stormcast For Wednesday, May 27th 2020 https://isc.sans.edu/podcastdetail.html?id=7012, (Wed, May 27th)

Published May 26, 2020


Seriously, SHA3 where art thou?, (Tue, May 26th)

Published May 26, 2020

A couple weeks ago, Rob wrote a couple of nice diaries. In our private handlers Slack channel I was joking after the first one about whether he was going to rewrite CyberChef in PowerShell. After the second I asked what about SHA3? So, he wrote another one (you're welcome for the diary ideas, Rob). I was only […]

Issue #42 – Volume XXII – SANS Newsbites – May 26th, 2020

Published May 26, 2020

Reposted from SANS NewsBites.

ISC Stormcast For Tuesday, May 26th 2020 https://isc.sans.edu/podcastdetail.html?id=7010, (Tue, May 26th)

Published May 26, 2020


Zloader Maldoc Analysis With xlm-deobfuscator, (Sun, May 24th)

Published May 25, 2020

Reader Roland submitted a malicious Zloader Excel 4 macro spreadsheet (MD5 82c12e7fe6cabf5edc0bdaa760b4b8c8). It’s typical of the samples we have seen these last weeks, with heavy formula obfuscation: These maldocs can now easily be analysed with xlm-deobfuscator: I also created a short video: Didier Stevens Senior handler Microsoft MVP blog.DidierStevens.com DidierStevensLabs.com (c) SANS Internet Storm Center. […]


Wireshark 3.2.4 Released, (Sun, May 24th)

Published May 24, 2020

Wireshark version 3.2.4 was released. It has a vulnerability fix and bug fixes. A vulnerability in the NSP dissector can be abused to cause a crash. Didier Stevens, Senior handler, Microsoft MVP, blog.DidierStevens.com, DidierStevensLabs.com