Threat Level: green Handler on Duty: Russ McRee

SANS ISC: Diaries by Keyword

Date | Author | Title

100 IPS PER DOMAIN NAME

2013-12-21 | Guy Bruneau | Strange DNS Queries - Request for Packets

100

2013-12-21 | Guy Bruneau | Strange DNS Queries - Request for Packets
2011-04-28 | Chris Mohan | Gathering and use of location information fears - or is it all a bit too late
2010-06-02 | Mark Hofman | OpenSSL version 1.0.0a released. This fixes a number of security issues. Don't forget a number of commercial appliances will be using this, so look for vendor updates soon.
2010-04-22 | Guy Bruneau | MS10-025 Security Update has been Pulled
2010-04-16 | G. N. White | MS10-021: Encountering A Failed WinXP Update
2010-03-03 | Mark Hofman | MS10-015 re-released
2010-02-19 | Mark Hofman | MS10-015 may cause Windows XP to blue screen (but only if you have malware on it)
2010-01-19 | Jim Clausing | The IE saga continues, out-of-cycle patch coming soon
2010-01-15 | Kevin Liston | Exploit code available for CVE-2010-0249
2006-10-10 | Kyle Haugsness | MS06-063: Mailslot DoS (Server service)
2006-10-10 | Johannes Ullrich | MS06-056: ASP.NET XSS Information Disclosure Vulnerability (moderate)
2006-10-10 | Johannes Ullrich | MS06-061: XSLT/MSXML Buffer Overflow Code Execution Vulnerability (moderate)

IPS

2017-10-25 | Mark Hofman | DUHK attack, continuing a week of named issues
2017-04-02 | Guy Bruneau | IPFire - A Household Multipurpose Security Gateway
2014-04-03 | Bojan Zdrnja | Watching the watchers
2013-12-21 | Guy Bruneau | Strange DNS Queries - Request for Packets
2013-10-25 | Rob VandenBrink | Kaspersky flags TCPIP.SYS as Malware
2013-09-05 | Rob VandenBrink | What's Next for IPS?
2012-12-06 | Johannes Ullrich | How to identify if you are behind a "Transparent Proxy"
2012-10-04 | Johannes Ullrich | Cyber Security Awareness Month - Day 4: Crypto Standards
2012-07-18 | Rob VandenBrink | Snort Updated today
2011-12-21 | Chris Mohan | The off switch
2010-11-08 | Manuel Humberto Santander Pelaez | Network Security Perimeter: How to choose the correct firewall and IPS for your environment?
2010-08-01 | Manuel Humberto Santander Pelaez | Evation because IPS fails to validate TCP checksums?
2010-06-15 | Manuel Humberto Santander Pelaez | TCP evasions for IDS/IPS
2009-03-24 | G. N. White | PSYB0T: A MIPS-device (mipsel) IRC Bot
2009-03-22 | Mari Nichols | Dealing with Security Challenges
2008-06-18 | Chris Carboni | Cisco Security Advisory

PER

2019-12-04 | Jan Kopriva | Analysis of a strangely poetic malware
2019-08-22 | Xavier Mertens | Simple Mimikatz & RDPWrapper Dropper
2019-02-17 | Didier Stevens | Video: Finding Property Values in Office Documents
2019-02-16 | Didier Stevens | Finding Property Values in Office Documents
2018-11-26 | Russ McRee | ViperMonkey: VBA maldoc deobfuscation
2018-11-04 | Pasquale Stirparo | Beyond good ol' LaunchAgent - part 1
2018-10-21 | Pasquale Stirparo | Beyond good ol’ LaunchAgent - part 0
2018-05-07 | Xavier Mertens | Adding Persistence Via Scheduled Tasks
2018-01-10 | Russ McRee | GitHub InfoSec Threepeat: HELK, ptf, and VulnWhisperer
2017-11-07 | Xavier Mertens | Interesting VBA Dropper
2017-08-10 | Didier Stevens | Maldoc Analysis with ViperMonkey
2016-07-27 | Xavier Mertens | Critical Xen PV guests vulnerabilities
2015-12-22 | Rick Wanner | The other Juniper vulnerability - CVE-2015-7756
2015-02-17 | Rob VandenBrink | A Different Kind of Equation
2014-08-23 | Guy Bruneau | NSS Labs Cyber Resilience Report
2014-01-01 | Russ McRee | Six degrees of celebration: Juniper, ANT, Shodan, Maltego, Cisco, and Tails
2013-12-21 | Guy Bruneau | Strange DNS Queries - Request for Packets
2013-12-16 | Tom Webb | The case of Minerd
2013-10-26 | Guy Bruneau | Active Perl/Shellbot Trojan
2013-10-25 | Rob VandenBrink | Kaspersky flags TCPIP.SYS as Malware
2013-09-05 | Rob VandenBrink | Building Your Own GPU Enabled Private Cloud
2013-04-25 | Adam Swanger | Guest Diary: Dylan Johnson - A week in the life of some Perimeter Firewalls
2013-03-13 | Johannes Ullrich | IPv6 Focus Month: Kaspersky Firewall IPv6 Vulnerability
2013-02-25 | Johannes Ullrich | Trustwave Trustkeeper Phish
2013-02-25 | Johannes Ullrich | Punkspider enumerates web application vulnerabilities
2013-02-04 | Adam Swanger | SAN Securing The Human Monthly Awareness Video - Advanced Persistent Threat (APT) http://www.securingthehuman.org/resources/ncsam
2013-01-15 | Rob VandenBrink | When Disabling IE6 (or Java, or whatever) is not an Option...
2012-09-19 | Russ McRee | Script kiddie scavenging with Shellbot.S
2012-08-02 | Guy Bruneau | Opera Security Update
2012-05-06 | Jim Clausing | Tool updates and Win 8
2012-03-27 | Guy Bruneau | Opera 11.62 for Windows patch several bugs and vulnerabilities - http://www.opera.com/docs/changelogs/windows/1162/
2011-11-07 | Rob VandenBrink | Juniper BGP issues causing locallized Internet Problems
2011-06-28 | Johannes Ullrich | Update: Opera 11.50 is now available http://www.opera.com/
2011-06-04 | Rick Wanner | Do you have a personal disaster recovery plan?
2011-03-16 | Johannes Ullrich | Analyzing HTTP Packet Captures
2011-02-21 | Adrien de Beaupre | Kaspersky update servers unreachable
2011-02-19 | Guy Bruneau | Snort Data Acquisition Library
2011-01-27 | Chris Carboni | Opera Updates
2011-01-12 | Richard Porter | How Many Loyalty Cards do you Carry?
2010-11-08 | Manuel Humberto Santander Pelaez | Network Security Perimeter: How to choose the correct firewall and IPS for your environment?
2010-10-12 | Adrien de Beaupre | New version of Opera- Opera 10.63 is a recommended upgrade offering security and stability enhancements: http://www.opera.com/browser/download/
2010-09-09 | Jim Clausing | Opera 10.62 - security (the DLL path issue) and stability upate see http://www.opera.com/docs/changelogs/windows/1062/
2010-08-19 | Daniel Wesemann | Casper the unfriendly ghost
2010-06-23 | Scott Fendley | Opera Browser Update
2010-05-22 | Rick Wanner | SANS 2010 Digital Forensics Summit - APT Based Forensic Challenge
2010-03-22 | Guy Bruneau | New Opera 10.51 available with security fixes. More information available at: http://www.opera.com/docs/changelogs/windows/1051/
2010-03-05 | Kyle Haugsness | Unpatched Opera 10.50 and below code execution vulnerability
2009-09-01 | Guy Bruneau | Opera 10 with Security Fixes
2009-03-03 | Kyle Haugsness | Opera browser security updates
2009-03-01 | Jim Clausing | Cool combination of tools
2008-12-17 | donald smith | Opera 9.6.3 released with security fixes
2008-10-30 | Kevin Liston | Opera 9.62 available - security update
2008-10-22 | Mari Nichols | Opera 9.6.1 Released
2008-08-20 | Adrien de Beaupre | From the mailbag, Opera 9.52...
2008-07-03 | Bojan Zdrnja | New Opera v9.51 fixes couple of security issues
2008-07-02 | Jim Clausing | Another little script I threw together
2008-06-16 | Kevin Liston | Opera 9.5 is Available
2008-06-10 | Swa Frantzen | Ransomware keybreaking
2008-04-03 | Bojan Zdrnja | Opera fixes vulnerabilities and Microsoft announces April's fixes
2006-11-29 | Toby Kohlenberg | New Vulnerability Announcement and patches from Apple

DOMAIN

2019-07-17 | Xavier Mertens | Analyzis of DNS TXT Records
2019-04-24 | Rob VandenBrink | Where have all the Domain Admins gone? Rooting out Unwanted Domain Administrators
2019-03-27 | Xavier Mertens | Running your Own Passive DNS Service
2017-12-13 | Xavier Mertens | Tracking Newly Registered Domains
2017-11-16 | Xavier Mertens | Suspicious Domains Tracking Dashboard
2017-07-05 | Didier Stevens | Selecting domains with random names
2017-05-20 | Xavier Mertens | Typosquatting: Awareness and Hunting
2014-07-09 | Daniel Wesemann | Who owns your typo?
2014-01-30 | Johannes Ullrich | New gTLDs appearing in the root zone
2013-12-21 | Guy Bruneau | Strange DNS Queries - Request for Packets
2012-03-13 | Lenny Zeltser | Please transfer this email to your CEO or appropriate person, thanks
2009-05-02 | Rick Wanner | More Swine/Mexican/H1N1 related domains
2009-04-27 | Johannes Ullrich | Swine Flu (Mexican Flu) related domains

NAME

2015-01-27 | Johannes Ullrich | New Critical GLibc Vulnerability CVE-2015-0235 (aka GHOST)
2014-07-09 | Daniel Wesemann | Who owns your typo?
2013-12-21 | Guy Bruneau | Strange DNS Queries - Request for Packets
2012-03-13 | Lenny Zeltser | Please transfer this email to your CEO or appropriate person, thanks
2011-09-04 | Lorna Hutcheson | Several Sites Defaced
2008-05-19 | Maarten Van Horenbeeck | Route filtering and its impact on the DNS fabric