SANS ISC

[SANS ISC] Suspicious PDF Connecting to a Remote SMB Share

I published the following diary on isc.sans.edu: “Suspicious PDF Connecting to a Remote SMB Share”:

Yesterday I stumbled upon a PDF file that was flagged as suspicious by a customer’s anti-malware solution and placed in the quarantine. Later, the recipient contacted the team in charge of emails to access his document because he knew the sender and pretended that the file was legit… [Read more]

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.