[SANS ISC] Malicious PowerPoint Add-On: “Small Is Beautiful”

I published the following diary on isc.sans.edu: “Malicious PowerPoint Add-On: ‘Small Is Beautiful’”: Yesterday I spotted a DHL-branded phishing campaign that used a PowerPoint file to compromise the victim. The malicious attachment is a PowerPoint add-in. This technique is not new; I already analyzed such a sample in a previous

[SANS ISC] Simple Powershell Ransomware Creating a 7Z Archive of your Files

I published the following diary on isc.sans.edu: “Simple Powershell Ransomware Creating a 7Z Archive of your Files”: If some ransomware families are based on PE files with complex features, it’s easy to write quick-and-dirty ransomware in other languages like PowerShell. I found this sample while hunting. I’m pretty confident that this
