Category Archives: SANS ISC

[SANS ISC] Shadow IT Makes People More Vulnerable to Phishing

Posted on by

I published the following diary on isc.sans.edu: “Shadow IT Makes People More Vulnerable to Phishing“: Shadow IT is a real problem in many organizations. Behind this term, we speak about pieces of hardware or software that are installed by users without the approval of the IT department. In many cases,

The post [SANS ISC] Shadow IT Makes People More Vulnerable to Phishing appeared first on /dev/random.

Continue reading [SANS ISC] Shadow IT Makes People More Vulnerable to Phishing

[SANS ISC] (Ab)Using Security Tools & Controls for the Bad

Posted on by

I published the following diary on isc.sans.edu: “(Ab)Using Security Tools & Controls for the Bad“: As security practitioners, we give daily advice to our customers to increase the security level of their infrastructures. Install this tool, enable this feature, disable this function, etc. When enabled, these techniques can also be

The post [SANS ISC] (Ab)Using Security Tools & Controls for the Bad appeared first on /dev/random.

Continue reading [SANS ISC] (Ab)Using Security Tools & Controls for the Bad

[SANS ISC] Keep an Eye on Your Users Mobile Devices (Simple Inventory)

Posted on by

I published the following diary on isc.sans.edu: “Keep an Eye on Your Users Mobile Devices (Simple Inventory)“: Today, smartphones are everywhere and became our best friends for many tasks. Probably your users already access their corporate mailbox via a mobile device. If it’s not yet the case, you probably have

The post [SANS ISC] Keep an Eye on Your Users Mobile Devices (Simple Inventory) appeared first on /dev/random.

Continue reading [SANS ISC] Keep an Eye on Your Users Mobile Devices (Simple Inventory)

[SANS ISC] Excel Recipe: Some VBA Code with a Touch of Excel4 Macro

Posted on by

I published the following diary on isc.sans.edu: “Excel Recipe: Some VBA Code with a Touch of Excel4 Macro“: Microsoft Excel supports two types of macros. The legacy format is known as “Excel4 macro” and the new (but already used for a while) is based on VBA. We already cover both

The post [SANS ISC] Excel Recipe: Some VBA Code with a Touch of Excel4 Macro appeared first on /dev/random.

Continue reading [SANS ISC] Excel Recipe: Some VBA Code with a Touch of Excel4 Macro

[SANS ISC] Malicious Calendar Subscriptions Are Back?

Posted on by

I published the following diary on isc.sans.edu: “Malicious Calendar Subscriptions Are Back?“: Did this threat really disappear? This isn’t a brand new technique to deliver malicious content to mobile devices but it seems that attackers started new waves of spam campaigns based on malicious calendar subscriptions. Being a dad, you can imagine that

The post [SANS ISC] Malicious Calendar Subscriptions Are Back? appeared first on /dev/random.

Continue reading [SANS ISC] Malicious Calendar Subscriptions Are Back?

[SANS ISC] Attackers Will Always Abuse Major Events in our Lifes

Posted on by

I published the following diary on isc.sans.edu: “Attackers Will Always Abuse Major Events in our Lifes“: All major events in our daily life are potential sources of revenue for attackers. When elections or major sports events are organized, attackers will surf on these waves and try to make some profit or

The post [SANS ISC] Attackers Will Always Abuse Major Events in our Lifes appeared first on /dev/random.

Continue reading [SANS ISC] Attackers Will Always Abuse Major Events in our Lifes

[SANS ISC] Cryptocurrency Clipboard Swapper Delivered With Love

Posted on by

I published the following diary on isc.sans.edu: “Cryptocurrency Clipboard Swapper Delivered With Love“: Be careful if you’re a user of cryptocurrencies. My goal is not to re-open a debate about them and their associated financial risks. No, I’m talking here about technical risk. Wallet addresses are long strings of characters that

The post [SANS ISC] Cryptocurrency Clipboard Swapper Delivered With Love appeared first on /dev/random.

Continue reading [SANS ISC] Cryptocurrency Clipboard Swapper Delivered With Love

[SANS ISC] Waiting for the C2 to Show Up

Posted on by

published the following diary on isc.sans.edu: “Waiting for the C2 to Show Up“: Keep this in mind: “Patience is key”. Sometimes when you are working on a malware sample, you depend on online resources. I’m working on a classic case: a Powershell script decodes then injects a shellcode into a process. There

The post [SANS ISC] Waiting for the C2 to Show Up appeared first on /dev/random.

Continue reading [SANS ISC] Waiting for the C2 to Show Up

[SANS ISC] Malicious Microsoft Word Remains A Key Infection Vector

Posted on by

I published the following diary on isc.sans.edu: “Malicious Microsoft Word Remains A Key Infection Vector“: Despite Microsoft’s attempts to make its Office suite more secure and disable many automatic features, despite the fact that users are warned that suspicious documents should not be opened, malicious Word documents remain a key

The post [SANS ISC] Malicious Microsoft Word Remains A Key Infection Vector appeared first on /dev/random.

Continue reading [SANS ISC] Malicious Microsoft Word Remains A Key Infection Vector

[SANS ISC] Malicious Microsoft Word Remains A Key Infection Vector

Posted on by

I published the following diary on isc.sans.edu: “Malicious Microsoft Word Remains A Key Infection Vector“: Despite Microsoft’s attempts to make its Office suite more secure and disable many automatic features, despite the fact that users are warned that suspicious documents should not be opened, malicious Word documents remain a key

The post [SANS ISC] Malicious Microsoft Word Remains A Key Infection Vector appeared first on /dev/random.

Continue reading [SANS ISC] Malicious Microsoft Word Remains A Key Infection Vector