Category: SANS Internet Storm Center, InfoCON: green

Microsoft November 2024 Patch Tuesday, (Tue, Nov 12th)

This month, Microsoft is addressing a total of 83 vulnerabilities. Among these, 3 are classified as critical, 2 have been exploited in the wild, and another 2 have been disclosed prior to Patch Tuesday. Organizations are encouraged to prioritize these…

Read more →

PDF Object Streams, (Mon, Nov 11th)

The first thing to do, when analyzing a potentially malicious PDF, is to look for the /Encrypt name as explained in diary entry Analyzing an Encrypted Phishing PDF. This article has been indexed from SANS Internet Storm Center, InfoCON: green…

Read more →


zipdump & PKZIP Records, (Sun, Nov 10th)

In yesterday's diary entry “zipdump & Evasive ZIP Concatenation” I showed how one can inspect the PKZIP records that make up a ZIP file. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article:…

Read more →


zipdump & Evasive ZIP Concatenation, (Sat, Nov 9th)

On Friday's Stormcast, Johannes talks about Evasive ZIP Concatenation, a technique where 2 (or more) ZIP files are concatenated together to evade detection. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: 
zipdump…

Read more →

zipdump & PKZIP Records, (Sun, Nov 10th)

In yesterday's diary entry “zipdump & Evasive ZIP Concatenation” I showed how one can inspect the PKZIP records that make up a ZIP file. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article:…

Read more →

zipdump & Evasive ZIP Concatenation, (Sat, Nov 9th)

On Friday's Stormcast, Johannes talks about Evasive ZIP Concatenation, a technique where 2 (or more) ZIP files are concatenated together to evade detection. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: zipdump…

Read more →