A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at a malspam message with macro-enabled PowerPoint attachment that turned out to be first stage of an Agent Tesla infection chain…

A Diary of mine was published today on the SANS Internet Storm Center. In this one, we take a look at an interesting e-mail message carrying Qakbot downloader, which appeared to be sent in a response to a historical Full Disclosure mailing list post…

A Diary of mine was published today on the SANS Internet Storm Center. In this one we take a look at analysis of an interesting malicious document which turned out to be AZORult downloader. What made it stand out - among its other aspects - were 3 layers of home-grown encryption...