Category: SANS™ Internet Storm Center

[This is a Guest Diary by Jean-Luc Hurier, an ISC intern as part of the SANS.edu BACS program] Background In April 2020, at the height of the global pandemic, virtualization was in high demand.  During that

Microsoft today released patches for 71 vulnerabilities. 16 of these vulnerabilities are considered critical. One vulnerability (CVE-2024-49138) has already been exploited, and details were made public before today's patch release. Significant Vulnerabilities CVE-2024-49138: This vulnerability affects

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

[This is a Guest Diary by Chris Kobee, an ISC intern as part of the SANS.edu Bachelor's Degree in Applied Cybersecurity (BACS) program [1]. Business Email Compromise (BEC) is a lucrative attack, which FBI data shows

[This is a Guest Diary by Robert Cao, an ISC intern as part of the SANS.edu BACS program] As a cybersecurity professional, I've always prided myself on my technical skills—understanding protocols, setting up secure systems, and

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

I found a sample that is a Word document with an embedded executable. I'll explain how to extract the embedded executable with my tools. First I check with file-magic.py: The identification says Word 2007+, so this