I published the following diary on isc.sans.edu: “Keep an Eye on Command-Line Browsers”:
For a few weeks, I’ve been searching for suspicious files that make use of a command-line browser like curl.exe or wget.exe in a Windows environment. Wait, you were not aware of this? Just open a cmd.exe and type ‘curl.exe’ on your Windows 10 host…