I published the following diary on isc.sans.edu: “Rig Exploit Kit Delivering VBScript“:
I detected the following suspicious traffic on a corporate network. It was based on multiples infection stages and looked interesting enough to publish a diary about it. This is also a good reminder that, just by surfing the web, you can spot malicious scripts that will try to infect your computer (Exploit Kits). It started with a succession of HTTP redirects across multiple domains, all using the .xyz TLD… [Read more]
[The post [SANS ISC] Rig Exploit Kit Delivering VBScript has been first published on /dev/random]
Article Link: https://blog.rootshell.be/2019/09/13/sans-isc-rig-exploit-kit-delivering-vbscript/