SANS ISC

[SANS ISC] Malware Delivered via Windows Installer Files

I published the following diary on isc.sans.org: “Malware Delivered via Windows Installer Files“: For some days, I collected a few samples of malicious MSI files. MSI files are Windows installer files that users can execute to install software on a Microsoft Windows system. Of course, you can replace “software” with “malware”. MSI

SANS ISC

[SANS ISC] Investigating Microsoft BITS Activity

I published the following diary on isc.sans.org: “Investigating Microsoft BITS Activity“: Microsoft BITS (“Background Intelligent Transfer Service”) is a tool present[1] in all modern Microsoft Windows operating systems. As the name says, you can see it as a “curl” or “wget” tool for Windows. It helps to transfer files between

SANS ISC

[SANS ISC] Comment your Packet Captures!

I published the following diary on isc.sans.org: “Comment your Packet Captures!“: When you are investigating a security incident, a key element is to take notes and to document as much as possible. There is no “best” way to take notes, some people use electronic solutions while others are using good

SANS ISC

[SANS ISC] Example of ‘MouseOver’ Link in a Powerpoint File

I published the following diary on isc.sans.org: “Example of ‘MouseOver’ Link in a Powerpoint File“: I really like Microsoft Office documents… They offer so many features that can be (ab)used to make them virtual bombs. Yesterday, I found a simple one but nicely prepared Powerpoint presentation: Payment_copy.ppsx (SHA256:7d6f3eb45c03a8c2fca4685e9f2d4e05c5fc564c3c81926a5305b6fa6808ac3f). It was still

1 24 25 26 27 28 36