Sans News Feed
- The Evil MSI Background is Back!, (Fri, Jun 5th) June 5, 2026A few months ago, I wrote a diary about a payload that was embedded into a JPEG picture. It was a MSI-branded background[1]. Yesterday, I spotted another one! It seems that the technic is getting more and more popular. This time, it started with a mail containing a WeTransfer link.
- ISC Stormcast For Friday, June 5th, 2026 https://isc.sans.edu/podcastdetail/9960, (Fri, Jun 5th) June 5, 2026
- Microsoft's Coreutils for Windows, (Thu, Jun 4th) June 4, 2026I've been using the GnuWin32 CoreUtils for Windows for many years now (it gives you many *nix core commands on Windows).
- ISC Stormcast For Thursday, June 4th, 2026 https://isc.sans.edu/podcastdetail/9958, (Thu, Jun 4th) June 4, 2026
- Continuing Scans for swagger.json, (Wed, Jun 3rd) June 3, 2026Enterprise applications often still use complex standards like SOAP for web services. The big advantage of SOAP is its tight and extensive standards, which enable interoperability across an enterprise governed by web services. The disadvantage of SOAP: First, while it is de facto usually used over HTTP, it does not leverage HTTP, leading to unnecessary […]
- ISC Stormcast For Wednesday, June 3rd, 2026 https://isc.sans.edu/podcastdetail/9956, (Wed, Jun 3rd) June 3, 2026
- New Wave Of Phishing Emails with SVG Files, (Tue, Jun 2nd) June 2, 2026For a few days, my SANS ISC mailbox is flooded with emails that delivers SVG files. An SVG ("Scalable Vector Graphic") is a web-friendly vector file format used for graphics and icons. No URL in the body, just “an imageâ€, that's the perfect way to deliver some malicious content. This isn't the first time that […]
- ISC Stormcast For Tuesday, June 2nd, 2026 https://isc.sans.edu/podcastdetail/9954, (Tue, Jun 2nd) June 2, 2026
- ISC Stormcast For Monday, June 1st, 2026 https://isc.sans.edu/podcastdetail/9952, (Mon, Jun 1st) June 1, 2026
- Unidentified RAT pushes NetSupport RAT, (Mon, Jun 1st) June 1, 2026Introduction