News

Issue #25 – Volume XXII – SANS Newsbites – March 27th, 2020

Published March 27, 2020

Reposted from SANS NewsBites.


Help us classify Covid19 related domains https://isc.sans.edu/covidclassifier.html (login required), (Fri, Mar 27th)

Published March 27, 2020

— Johannes B. Ullrich, Ph.D., Dean of Research, SANS Technology Institute. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Reposted from SANS.


Malicious JavaScript Dropping Payload in the Registry, (Fri, Mar 27th)

Published March 27, 2020

When we speak about “fileless” malware, it means that the malware does not use the standard filesystem to store temporary files or payloads. But it needs to write data somewhere in the system for persistence or during the infection phase. If the filesystem is not used, the classic way to store data is to use the […]


ISC Stormcast For Friday, March 27th 2020 https://isc.sans.edu/podcastdetail.html?id=6928, (Fri, Mar 27th)

Published March 26, 2020



Very Large Sample as Evasion Technique?, (Thu, Mar 26th)

Published March 26, 2020

Security controls have a major requirement: they can’t (or at least they try not to) interfere with normal operations of the protected system. It is known that antivirus products do not scan very large files (or just the first x bytes) for performance reasons. Can we consider a very big file as a technique to […]


ISC Stormcast For Thursday, March 26th 2020 https://isc.sans.edu/podcastdetail.html?id=6926, (Thu, Mar 26th)

Published March 25, 2020



Issue #24 – Volume XXII – SANS Newsbites – March 24th, 2020

Published March 25, 2020

Reposted from SANS NewsBites.


ISC Stormcast For Wednesday, March 25th 2020 https://isc.sans.edu/podcastdetail.html?id=6924, (Wed, Mar 25th)

Published March 24, 2020



Recent Dridex activity, (Wed, Mar 25th)

Published March 24, 2020

Introduction: This week, I’ve seen a lot of malicious spam (malspam) pushing Dridex malware. Today’s diary provides a quick rundown on the types of malspam I’ve seen, and it also covers what an infected Windows host looks like. The malspam: I’ve seen at least 3 different themes used during the first two days of this […]


SANS CyberCast Hallway Talk: Microsoft Windows Type 1 Font Parsing 0-Day https://www.youtube.com/watch?v=VSnVbrgnXJs, (Tue, Mar 24th)

Published March 24, 2020

— Johannes B. Ullrich, Ph.D., Dean of Research, SANS Technology Institute
