Month: July 2020

Fell Deeds Awake

Malicious documents exploiting CVE-2017-11882 continue to be used by malicious actors, but it has been a few years since I took a deep dive into their mechanics. A quick spelunk through our dataset produces quite a few, but I wanted an RTF example with minimal RTF obfuscation and came across …


Getting Organized

I have this awful habit of testing concepts in poorly designed code with no logging, alerting, or comments, then somehow, they end up in production. Not real production, but it fills a need, saves time and effort, and several others want to use it, so it’s available for anyone who …
