SANS Internet Storm Center | Office of Information Technology

SANS Internet Storm Center

RSS Feed SANS Internet Storm Center
SANS Internet Storm Center - Cooperative Cyber Security Monitor
Updated: 14 hours 19 min ago

Critical VMware vulnerabilities disclosed, (Wed, Mar 29th)

Wed, 03/29/2017 - 3:15am

VMware released a security bulletin[

Logical & Physical Security Correlation, (Tue, Mar 28th)

Wed, 03/29/2017 - 12:55am

Today, I would like to review an example how we can improve our daily security operations or, for ...

Symantec vs. Google: The CA Fight Continues. What do you need to know?, (Mon, Mar 27th)

Mon, 03/27/2017 - 9:20am

Google has long been vocal about Symantecs use of test certificates. Google alleged that Symantec ...

Infocon: green

Sat, 03/25/2017 - 10:20am
Distraction as a Service

Distraction as a Service, (Sat, Mar 25th)

Sat, 03/25/2017 - 6:02am
Have you noticed that some security projects never seem to get finished? Despite the best of in ...

Nicely Obfuscated JavaScript Sample , (Fri, Mar 24th)

Fri, 03/24/2017 - 5:45am

One of our readers sent us an interesting sample that was captured by his anti-spam. The suspicio ...

SSMA Usage, (Thu, Mar 23rd)

Wed, 03/22/2017 - 7:06pm

SSMA is handy tool for quickly getting an idea if a file is maliciou ...

"Blank Slate" malspam still pushing Cerber ransomware, (Wed, Mar 22nd)

Wed, 03/22/2017 - 9:33am

2017-03-22 Update: This diary was posted earlier, but we had some technical issues, and the p ...

Malspam with password-protected Word documents, (Tue, Mar 21st)

Mon, 03/20/2017 - 8:46pm


On Monday 2017-03-20, the ISC received a notific ...

What is really being proxied?, (Wed, Mar 8th)

Mon, 03/20/2017 - 5:57am

An observation from the road, was with a client recently and the discussion of proxy entered into ...

Searching for Base64-encoded PE Files, (Sun, Mar 19th)

Sun, 03/19/2017 - 2:57pm

When hunting for suspicious activity, its always a good idea to search for Microsoft Executables. ...

Example of Multiple Stages Dropper, (Sat, Mar 18th)

Sat, 03/18/2017 - 12:42am
If some malware samples remain simple padding:5px 10px"> From: To: ...