Category: SANS Internet Storm Center, InfoCON: green

June 2026 Apple Updates, (Tue, Jun 30th)

Apple released updates for iOS/iPadOS, macOS, and Safari on Monday. There have been no updates for other Apple operating systems (visionOS, watchOS, tvOS). Usually, Apple updates all products at the same time. This article has been indexed from SANS Internet…

YARA-X 1.18.0 and 1.19.0 Release, (Sun, Jun 28th)

YARA-X's 1.18.0 release brings 3 improvements and 2 bugfixes. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: YARA-X 1.18.0 and 1.19.0 Release, (Sun, Jun 28th)

Linux Process Name Masquerading, (Wed, Jun 24th)

In a previous diary, I talked about stack strings[1] with a practical example of them. Since my SEC670 class, I’m even more interested in malware obfuscation techniques. I had a look at process names. When you list running processes on a computer,…

Webshells Remain Popular, (Mon, Jun 22nd)

Webshells have been popular for a long time. We already covered this topic across multiple diaries[1][2]. I spent some time to track them[3] and slighly paid less attention to them but today I found another one. It seems to be…

From a VHDX File to a Remcos RAT, (Tue, Jun 16th)

Yesterday, a reader reported to us a malicious ZIP archive (SHA256: a0104921a2d37ab87482ac9a9f5c3713479c118846c3e999178e75b81620c094[1]). Once unzipped, it contains a VHDX file that discloses a malicious JavaScript after being mounted (which is automatic on modern Windows OSs): This article has been indexed from…