Category: SANS™ Internet Storm Center

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The SANS DShield project receives a wide variety of logs submitted by participants of the DShield project. Looking at the “” URLs page, I observed an interesting URL and dived deeper to investigate. The URL recorded

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

When I teach FOR610[1], I like to use a funny quotation with my students: “Make malware happy!” What does it mean? Yes, we like malware, and we need to treat it in a friendly way. To

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

We entered a new year, but attack scenarios have not changed (yet). I found a Python script with an interesting behavior[1] and a low Virustotal score (7/61). It targets Microsoft Windows hosts because it starts by loading all

In the cybersecurity landscape, we all need hashes! A hash is the result of applying a special mathematical function (a “hash function”) that transforms an input (such as a file or a piece of text) into

While most of us are preparing the switch to a new year (If it’s already the case for you: Happy New Year!), Attackers never stop and implement always new tricks to defeat our security controls. For

With the end of the year quickly approaching, it is undoubtedly a good time to take a look at what has changed during the past 12 months. One security-related area, which deserves special attention in this

It is again the time of the year when scammers are asking to verify banking information, whether it is credit cards, bank card, package shipping information, winning money, etc. Last night I received a text message