This month, Microsoft is addressing a total of 83 vulnerabilities. Among these, 3 are classified as critical, 2 have been exploited in the wild, and another 2 have been disclosed prior to Patch Tuesday. Organizations are
Category: SANS™ Internet Storm Center
ISC Stormcast For Tuesday, November 12th, 2024 https://isc.sans.edu/podcastdetail/9218, (Tue, Nov 12th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
PDF Object Streams, (Mon, Nov 11th)
The first thing to do, when analyzing a potentially malicious PDF, is to look for the /Encrypt name as explained in diary entry Analyzing an Encrypted Phishing PDF. The second thing to do, is to look
ISC Stormcast For Monday, November 11th, 2024 https://isc.sans.edu/podcastdetail/9216, (Mon, Nov 11th)
zipdump & PKZIP Records, (Sun, Nov 10th)
In yesterday's diary entry "zipdump & Evasive ZIP Concatenation" I showed how one can inspect the PKZIP records that make up a ZIP file. My tool zipdump.py can also inspect the data of PKZIP file records,
zipdump & Evasive ZIP Concatenation, (Sat, Nov 9th)
On Friday's Stormcast, Johannes talks about Evasive ZIP Concatenation, a technique where 2 (or more) ZIP files are concatenated together to evade detection. This gives me a good opportunity to remind you that my zip analysis
SANS Holiday Hack Challenge 2024, (Sat, Nov 9th)
The SANS Holiday Hack Challenge is open early this year: Enjoy! :-) Didier Stevens Senior handler blog.DidierStevens.com
ISC Stormcast For Friday, November 8th, 2024 https://isc.sans.edu/podcastdetail/9214, (Fri, Nov 8th)
Steam Account Checker Poisoned with Infostealer, (Thu, Nov 7th)
I found an interesting script targeting Steam users. Steam[1] is a popular digital distribution platform for purchasing, downloading, and playing video games on personal computers. The script is called "steam-account-checker" and is available on GitHub[2]. Its description is: steam
ISC Stormcast For Thursday, November 7th, 2024 https://isc.sans.edu/podcastdetail/9212, (Thu, Nov 7th)