Category: SANS Internet Storm Center, InfoCON: green

In diary entry “Quick Howto: Extract URLs from RTF files” I mentioned ZIP files. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Quick Howto: ZIP Files Inside RTF, (Mon, Mar 2nd)

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, March 2nd, 2026…

Read more →

It&#x27s Friday, let&#x27s have a look at another simple piece of malware to close a busy week! I received a Fedex notification about a delivery. Usually, such emails are simple phishing attacks that redirect you to a fake login page…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, February 27th, 2026…

Read more →

[This is a Guest Diary by Austin Bodolay, an ISC intern as part of the SANS.edu BACS program] This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Finding Signal in the Noise: Lessons…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, February 26th, 2026…

Read more →

This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: The CLAIR Model: A Synthesized Conceptual Framework for Mapping Critical Infrastructure Interdependencies [Guest Diary], (Wed, Feb 25th)

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, February 25th, 2026…

Read more →

In 2010, OWASP added “Unvalidated Redirects and Forwards” to its Top 10 list and merged it into “Sensitive Data Exposure” in 2013. Open redirects are often overlooked, and their impact is not always well understood. At first, it does not…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, February 24th, 2026…

Read more →

In his last two diaries, Xavier discussed recent malware campaigns that download JPEG files with embedded malicious payload[1,2]. At that point in time, I&#x27ve not come across the malicious “MSI image” myself, but while I was going over malware samples…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, February 23rd, 2026…

Read more →

Introduction This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Japanese-Language Phishing Emails, (Sat, Feb 21st)

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, February 20th, 2026…

Read more →

[This is a Guest Diary contributed by John Moutos] This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Under the Hood of DynoWiper, (Thu, Feb 19th)

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, February 19th, 2026…

Read more →

A few days ago I wrote a diary called “Malicious Script Delivering More Maliciousness”[1]. In the malware infection chain, there was a JPEG picture that embedded the last payload delimited with “BaseStart-” and “-BaseEnd” tags. This article has been indexed…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, February 18th, 2026…

Read more →

This morning, I received an interesting phishing email. I’ve a “love & hate” relation with such emails because I always have the impression to lose time when reviewing them but sometimes it’s a win because you spot interesting “TTPs” (“tools,…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, February 17th, 2026…

Read more →