Diaries by Keyword - SANS Internet Storm Center

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Handler on Duty: Jesse La Grew

Threat Level: green

Date	Author	Title
CHANGE INFOCON
2014-09-26	Richard Porter	Why We Have Moved to InfoCon:Yellow
CHANGE
2022-12-22/a>	Guy Bruneau	Exchange OWASSRF Exploited for Remote Code Execution
2022-01-02/a>	Guy Bruneau	Exchange Server - Email Trapped in Transport Queues
2021-11-15/a>	Rob VandenBrink	Changing your AD Password Using the Clipboard - Not as Easy as You'd Think!
2021-09-24/a>	Xavier Mertens	Keep an Eye on Your Users Mobile Devices (Simple Inventory)
2021-08-13/a>	Guy Bruneau	Scanning for Microsoft Exchange eDiscovery
2021-03-03/a>	Johannes Ullrich	Microsoft Releases Exchange Emergency Patch to Fix Actively Exploited Vulnerability
2020-12-08/a>	Johannes Ullrich	December 2020 Microsoft Patch Tuesday: Exchange, Sharepoint, Dynamics and DNS Spoofing
2019-01-28/a>	Bojan Zdrnja	Relaying Exchange?s NTLM authentication to domain admin (and more)
2017-05-17/a>	Richard Porter	Wait What? We don?t have to change passwords every 90 days?
2016-10-08/a>	Russell Eubanks	Unauthorized Change Detected!
2014-09-26/a>	Richard Porter	Why We Have Moved to InfoCon:Yellow
2014-05-22/a>	Rob VandenBrink	Another Site Breached - Time to Change your Passwords! (If you can that is)
2014-04-27/a>	Tony Carothers	The Dreaded "D" Word of IT
2014-02-10/a>	Rob VandenBrink	A Tale of Two Admins (and no Change Control)
2013-11-29/a>	Russ McRee	MS Exchange update, includes failed backup fix: http://support.microsoft.com/kb/2892464
2013-08-15/a>	Johannes Ullrich	Microsoft Pulls MS013-061 due to problems with Exchange Server 2013 http://blogs.technet.com/b/exchange/archive/2013/08/14/exchange-2013-security-update-ms13-061-status-update.aspx
2013-02-22/a>	Chris Mohan	PHP 5.4.12 and PHP 5.3.22 released http://www.php.net/ChangeLog-5.php
2012-12-18/a>	Dan Goldberg	Mitigating the impact of organizational change: a risk assessment
2012-11-23/a>	Rob VandenBrink	What's in Your Change Control Form?
2012-07-25/a>	Johannes Ullrich	Microsoft Exchange/Sharepoint and others: Oracle Outside In Vulnerability
2012-05-30/a>	Rob VandenBrink	Too Big to Fail / Too Big to Learn?
2012-02-23/a>	donald smith	DNS-Changer "clean DNS" extension requested
2012-02-20/a>	Rick Wanner	DNSChanger resolver shutdown deadline is March 8th
2011-11-09/a>	Russ McRee	Operation Ghost Click: FBI bags crime ring responsible for $14 million in losses
2011-08-05/a>	donald smith	New Mac Trojan: BASH/QHost.WB
2010-08-19/a>	Rob VandenBrink	Change is Good. Change is Bad. Change is Life.
2008-11-25/a>	Andre Ludwig	OS X Dns Changers part three
2008-11-25/a>	Andre Ludwig	Tmobile G1 handsets having DNS problems?
INFOCON
2021-12-14/a>	Johannes Ullrich	Log4j: Getting ready for the long haul (CVE-2021-44228)
2015-01-23/a>	Adrien de Beaupre	Infocon change to yellow for Adobe Flash issues
2014-09-26/a>	Richard Porter	Why We Have Moved to InfoCon:Yellow
2014-05-22/a>	Johannes Ullrich	Discontinuing Support for ISC Alert Task Bar Icon
2014-04-14/a>	Kevin Shortt	INFOCon Green: Heartbleed - on the mend
2012-03-16/a>	Swa Frantzen	INFOCON Yellow - Microsoft RDP - MS12-020
2010-12-26/a>	Manuel Humberto Santander Pelaez	ISC infocon monitor app for OS X
2010-07-20/a>	Manuel Humberto Santander Pelaez	Lowering infocon back to green
2010-01-17/a>	Mark Hofman	Why not Yellow?
2009-07-13/a>	Adrien de Beaupre	* Infocon raised to yellow for Excel Web Components ActiveX vulnerability
2009-07-07/a>	Marcus Sachs	* INFOCON Status - staying green
2008-08-12/a>	Johannes Ullrich	Upcoming Infocon Test and new Color
2006-10-02/a>	Jim Clausing	Back to green, but the exploits are still running wild

CHANGE INFOCON

CHANGE

INFOCON