Diaries by Keyword - SANS Internet Storm Center

Participate: Learn more about our honeypot network
https://isc.sans.edu/tools/honeypot/

Handler on Duty: Jesse La Grew

Threat Level: green

Date	Author	Title
CRITICAL CONTROL 11
2011-10-17	Rob VandenBrink	Critical Control 11: Account Monitoring and Control
CRITICAL
2019-10-19/a>	Russell Eubanks	What Assumptions Are You Making?
2019-07-25/a>	Rob VandenBrink	When Users Attack! Users (and Admins) Thwarting Security Controls
2017-07-24/a>	Russell Eubanks	Trends Over Time
2017-06-10/a>	Russell Eubanks	An Occasional Look in the Rear View Mirror
2017-05-28/a>	Pasquale Stirparo	Analysis of Competing Hypotheses (ACH part 1)
2017-05-02/a>	Richard Porter	Do you have Intel AMT? Then you have a problem today! Intel Active Management Technology INTEL-SA-00075
2015-12-21/a>	Daniel Wesemann	Critical Security Controls: Getting to know the unknown
2015-11-04/a>	Richard Porter	Application Aware and Critical Control 2
2015-05-29/a>	Russell Eubanks	Trust But Verify
2014-04-12/a>	Guy Bruneau	Critical Security Update for JetPack WordPress Plugin. Bug has existed since Jetpack 1.9, released in October 2012. - http://jetpack.me/2014/04/10/jetpack-security-update/
2012-08-21/a>	Adrien de Beaupre	YYABCAFU - Yes Yet Another Bleeping Critical Adobe Flash Update
2011-11-03/a>	Richard Porter	An Apple, Inc. Sandbox to play in.
2011-10-29/a>	Richard Porter	The Sub Critical Control? Evidence Collection
2011-10-28/a>	Daniel Wesemann	Critical Control 20: Security Skills Assessment and Training to fill Gaps
2011-10-27/a>	Mark Baggett	Critical Control 18: Incident Response Capabilities
2011-10-26/a>	Rick Wanner	Critical Control 17:Penetration Tests and Red Team Exercises
2011-10-17/a>	Rob VandenBrink	Critical Control 11: Account Monitoring and Control
2011-08-15/a>	Rob VandenBrink	8 Years since the Eastern Seaboard Blackout - Has it Been that Long?
2010-04-02/a>	Guy Bruneau	Oracle Java SE and Java for Business Critical Patch Update Advisory
2009-09-05/a>	Mark Hofman	Critical Infrastructure and dependencies
CONTROL
2024-04-22/a>	Jan Kopriva	It appears that the number of industrial devices accessible from the internet has risen by 30 thousand over the past three years
2022-05-03/a>	Rob VandenBrink	Finding the Real "Last Patched" Day (Interim Version)
2021-07-08/a>	Xavier Mertens	Using Sudo with Python For More Security Controls
2021-05-12/a>	Jan Kopriva	Number of industrial control systems on the internet is lower then in 2020...but still far from zero
2019-10-19/a>	Russell Eubanks	What Assumptions Are You Making?
2019-07-25/a>	Rob VandenBrink	When Users Attack! Users (and Admins) Thwarting Security Controls
2019-07-18/a>	Rob VandenBrink	The Other Side of Critical Control 1: 802.1x Wired Network Access Controls
2017-07-24/a>	Russell Eubanks	Trends Over Time
2017-06-10/a>	Russell Eubanks	An Occasional Look in the Rear View Mirror
2016-11-23/a>	Tom Webb	Mapping Attack Methodology to Controls
2016-10-08/a>	Russell Eubanks	Unauthorized Change Detected!
2016-07-26/a>	Johannes Ullrich	Command and Control Channels Using "AAAA" DNS Records
2015-12-21/a>	Daniel Wesemann	Critical Security Controls: Getting to know the unknown
2015-11-04/a>	Richard Porter	Application Aware and Critical Control 2
2015-05-29/a>	Russell Eubanks	Trust But Verify
2014-10-13/a>	Lorna Hutcheson	For or Against: Port Security for Network Access Control
2014-08-17/a>	Rick Wanner	Part 2: Is your home network unwittingly contributing to NTP DDOS attacks?
2014-07-28/a>	Guy Bruneau	Management and Control of Mobile Device Security
2014-06-11/a>	Daniel Wesemann	Help your pilot fly!
2014-02-10/a>	Rob VandenBrink	A Tale of Two Admins (and no Change Control)
2013-09-02/a>	Guy Bruneau	Multiple Cisco Security Notice
2013-03-13/a>	Mark Baggett	Wipe the drive! Stealthy Malware Persistence Mechanism - Part 1
2012-12-31/a>	Manuel Humberto Santander Pelaez	How to determine which NAC solutions fits best to your needs
2012-11-23/a>	Rob VandenBrink	What's in Your Change Control Form?
2011-11-03/a>	Richard Porter	An Apple, Inc. Sandbox to play in.
2011-10-29/a>	Richard Porter	The Sub Critical Control? Evidence Collection
2011-10-28/a>	Daniel Wesemann	Critical Control 20: Security Skills Assessment and Training to fill Gaps
2011-10-27/a>	Mark Baggett	Critical Control 18: Incident Response Capabilities
2011-10-26/a>	Rick Wanner	Critical Control 17:Penetration Tests and Red Team Exercises
2011-10-17/a>	Rob VandenBrink	Critical Control 11: Account Monitoring and Control
2010-08-22/a>	Rick Wanner	Failure of controls...Spanair crash caused by a Trojan
2010-08-19/a>	Rob VandenBrink	Change is Good. Change is Bad. Change is Life.
2010-08-05/a>	Rob VandenBrink	Access Controls for Network Infrastructure
2010-06-14/a>	Manuel Humberto Santander Pelaez	Python on a microcontroller?
2010-06-07/a>	Manuel Humberto Santander Pelaez	Software Restriction Policy to keep malware away
2009-10-22/a>	Adrien de Beaupre	Cyber Security Awareness Month - Day 22 port 502 TCP - Modbus
11
2023-07-12/a>	Brad Duncan	Loader activity for Formbook "QM18"
2023-06-17/a>	Brad Duncan	Formbook from Possible ModiLoader (DBatLoader)
2023-03-22/a>	Didier Stevens	Windows 11 Snipping Tool Privacy Bug: Inspecting PNG Files
2021-07-09/a>	Brad Duncan	Hancitor tries XLL as initial malware file
2021-06-30/a>	Johannes Ullrich	CVE-2021-1675: Incomplete Patch and Leaked RCE Exploit
2021-02-24/a>	Brad Duncan	Malspam pushes GuLoader for Remcos RAT
2019-11-06/a>	Brad Duncan	More malspam pushing Formbook
2015-08-12/a>	Rob VandenBrink	Wireshark 1.12.7 is released, multiple fixes. Find the release notes at: https://www.wireshark.org/docs/relnotes/wireshark-1.12.7.html and the binaries at: https://www.wireshark.org/download.html
2015-06-16/a>	John Bambenek	CVE-2014-4114 and an Interesting AV Bypass Technique
2014-02-07/a>	Rob VandenBrink	New ISO Standards on Vulnerability Handling and Disclosure
2012-05-07/a>	Guy Bruneau	iOS 5.1.1 Software Update for iPod, iPhone, iPad
2012-04-19/a>	Kevin Shortt	OpenSSL Security Advisory - CVE-2012-2110
2012-01-12/a>	Rob VandenBrink	PHP 5.39 was release on the 10th, amongst other things, it addresses CVE-2011-4885 (prevents attacks based on hash collisions) and CVE-2011-4566 (integer overflow when parsing invalid exif header)
2011-10-29/a>	Richard Porter	The Sub Critical Control? Evidence Collection
2011-10-28/a>	Russ McRee	Critical Control 19: Data Recovery Capability
2011-10-28/a>	Daniel Wesemann	Critical Control 20: Security Skills Assessment and Training to fill Gaps
2011-10-27/a>	Mark Baggett	Critical Control 18: Incident Response Capabilities
2011-10-26/a>	Rick Wanner	Critical Control 17:Penetration Tests and Red Team Exercises
2011-10-17/a>	Rob VandenBrink	Critical Control 11: Account Monitoring and Control
2011-10-13/a>	Guy Bruneau	Critical Control 10: Continuous Vulnerability Assessment and Remediation
2011-10-12/a>	Kevin Shortt	Critical Control 8 - Controlled Use of Administrative Privileges
2011-10-11/a>	Swa Frantzen	Critical Control 7 - Application Software Security
2011-10-10/a>	Jim Clausing	Critical Control 6 - Maintenance, Monitoring, and Analysis of Security Audit Logs
2011-10-07/a>	Mark Hofman	Critical Control 5 - Boundary Defence
2011-10-06/a>	Rob VandenBrink	Apache HTTP Server mod_proxy reverse proxy issue
2011-10-04/a>	Rob VandenBrink	Critical Control 2 - Inventory of Authorized and Unauthorized Software
2011-10-04/a>	Johannes Ullrich	Critical Control 3 - Secure Configurations for Hardware and Software on Laptops, Workstations and Servers
2011-10-03/a>	Mark Hofman	Critical Control 1 - Inventory of Authorized and Unauthorized Devices
2011-10-03/a>	Mark Baggett	What are the 20 Critical Controls?
2011-10-03/a>	Tom Liston	Security 101 : Security Basics in 140 Characters Or Less
2011-10-02/a>	Mark Hofman	Cyber Security Awareness Month Day 1/2 - Schedule
2011-10-02/a>	Mark Hofman	Cyber Security Awareness Month Day 1/2 - Introduction to the controls
2011-09-21/a>	Mark Hofman	October 2011 Cyber Security Awareness Month
2011-08-11/a>	Johannes Ullrich	As part of this weeks patch tuesday, microsoft also re-release MS11-043 to address stability issues.
2011-04-15/a>	Kevin Liston	MS11-020 (KB2508429) Upgrading from Critical to PATCH NOW
2011-02-23/a>	Manuel Humberto Santander Pelaez	Bind DOS vulnerability (CVE-2011-0414)
2011-01-03/a>	Johannes Ullrich	What Will Matter in 2011
2010-08-15/a>	Manuel Humberto Santander Pelaez	Opensolaris project cancelled, replaced by Solaris 11 express
2010-03-10/a>	Rob VandenBrink	Microsoft re-release of KB973811 - attacks on Extended Protection for Authentication
2009-08-28/a>	Adrien de Beaupre	WPA with TKIP done
2000-01-01/a>	Manuel Humberto Santander Pelaez	Happy New Year 2011!!!

CRITICAL CONTROL 11

CRITICAL

CONTROL

11