This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, July 30th, 2024…
Category: SANS Internet Storm Center, InfoCON: green
ISC Stormcast For Monday, July 29th, 2024 https://isc.sans.edu/podcastdetail/9072, (Mon, Jul 29th)

Quickie: Password Cracking & Energy, (Sun, Jul 28th)
When Johannes talked about my diary entry “Protected OOXML Spreadsheets” on his StormCast podcast, he mentioned that I privately shared data on the power consumption of my desktop with a NVIDIA GeForce RTX 3080 GPU when running Hashcat.
CrowdStrike Outage Themed Maldoc, (Mon, Jul 29th)
I found a malicious Word document with VBA code using the CrowdStrike outage for social engineering purposes. It's an .ASD file (AutoRecover file). My tool oledump.py can analyze it:…
Create Your Own BSOD: NotMyFault, (Sat, Jul 27th)
With all the Blue Screen Of Death screenshots we saw lately, I got the idea to write about Sysinternals' tool NotMyFault.
ExelaStealer Delivered “From Russia With Love”, (Fri, Jul 26th)
Some simple PowerShell scripts might deliver nasty content if executed by the target. I found a very simple one (with a low VT score of 8/65):…
ISC Stormcast For Friday, July 26th, 2024 https://isc.sans.edu/podcastdetail/9070, (Fri, Jul 26th)
XWorm Hidden With Process Hollowing, (Thu, Jul 25th)
XWorm is not a brand-new malware family[1]. It's a common RAT (Remote Access Tool) re-used regularly in new campaigns. Yesterday, I found a sample that behaves like a dropper and runs the malware using the Process Hollowing technique[2]. The sample…
ISC Stormcast For Thursday, July 25th, 2024 https://isc.sans.edu/podcastdetail/9068, (Thu, Jul 25th)