Threat Level: green Handler on Duty: Russ McRee

SANS ISC: Diaries by Keyword

Date | Author | Title
2020-05-13 | Brad Duncan | Malspam with links to zip archives pushes Dridex malware
2020-03-25 | Brad Duncan | Recent Dridex activity
2019-12-22 | Didier Stevens | Extracting VBA Macros From .DWG Files
2019-12-16 | Didier Stevens | Malicious .DWG Files?
2019-12-04 | Jan Kopriva | Analysis of a strangely poetic malware
2019-12-03 | Brad Duncan | Ursnif infection with Dridex
2019-09-26 | Rob VandenBrink | Mining MAC Address and OUI Information
2019-08-22 | Xavier Mertens | Simple Mimikatz & RDPWrapper Dropper
2019-06-18 | Brad Duncan | Malspam with password-protected Word docs pushing Dridex
2019-06-14 | Jim Clausing | A few Ghidra tips for IDA users, part 4 - function call graphs
2019-05-19 | Guy Bruneau | Is Metadata Only Approach, Good Enough for Network Traffic Analysis?
2019-05-03 | Jim Clausing | A few Ghidra tips for IDA users, part 3 - conversion, labels, and comments
2019-04-17 | Jim Clausing | A few Ghidra tips for IDA users, part 2 - strings and parameters
2019-04-08 | Jim Clausing | A few Ghidra tips for IDA users, part 1 - the decompiler/unreachable code
2019-04-03 | Jim Clausing | A few Ghidra tips for IDA users, part 0 - automatic comments for API call parameters
2019-03-14 | Didier Stevens | Tip: Ghidra & ZIP Files
2019-03-08 | Remco Verhoef | Analysing meterpreter payload with Ghidra
2018-12-13 | Xavier Mertens | Phishing Attack Through Non-Delivery Notification
2018-08-01 | Johannes Ullrich | When Cameras and Routers attack Phones. Spike in CVE-2014-8361 Exploits Against Port 52869
2018-06-16 | Russ McRee | Anomaly Detection & Threat Hunting with Anomalize
2018-04-27 | Tom Webb | More Threat Hunting with User Agent and Drupal Exploits
2018-04-25 | Johannes Ullrich | Yet Another Drupal RCE Vulnerability
2018-02-09 | Didier Stevens | An autograph from the Dridex gang
2017-11-07 | Xavier Mertens | Interesting VBA Dropper
2017-10-24 | Xavier Mertens | BadRabbit: New ransomware wave hitting RU & UA
2017-10-06 | Johannes Ullrich | What's in a cable? The dangers of unauthorized cables
2017-04-11 | Brad Duncan | Dridex malspam seen on Monday 2017-04-10
2016-08-31 | Deborah Hale | Dropbox Breach
2016-07-13 | Xavier Mertens | Drupal: Patch released today to fix a highly critical RCE in contributed modules
2016-07-03 | Guy Bruneau | Is Data Privacy part of your Company's Culture?
2016-06-22 | Bojan Zdrnja | Security through obscurity never works
2016-05-02 | Rick Wanner | Fake Chrome update for Android
2015-07-28 | Rick Wanner | Android Stagefright multimedia viewer prone to remote exploitation
2015-04-06 | Guy Bruneau | 'Dead Drops' Hidden USB Sticks Around the World
2014-04-26 | Guy Bruneau | Android Users - Beware of Bitcoin Mining Malware
2014-04-05 | Jim Clausing | Those strange e-mails with URLs in them can lead to Android malware
2014-04-01 | Basil Alawi S.Taher | Upgrading Your Android, Elevating My Malware
2014-02-05 | Johannes Ullrich | To Merrillville or Sochi: How Dangerous is it to travel?
2014-01-16 | Kevin Shortt | Port 4028 - Interesting Activity
2013-12-28 | Russ McRee | Weekend Reading List 27 DEC
2013-12-28 | Bojan Zdrnja | DRG online challenge(s)
2013-08-14 | Johannes Ullrich | Imaging LUKS Encrypted Drives
2013-03-04 | Johannes Ullrich | IPv6 Focus Month: Addresses
2012-05-18 | Johannes Ullrich | ZTE Score M Android Phone backdoor
2012-04-30 | Rob VandenBrink | FCC posts Enquiry Documents on Google Wardriving
2012-03-03 | Jim Clausing | New automated sandbox for Android malware
2011-11-01 | Russ McRee | Honeynet Project: Android Reverse Engineering (A.R.E.) Virtual Machine released
2011-09-07 | Lenny Zeltser | Analyzing Mobile Device Malware - Honeynet Forensic Challenge 9 and Some Tools
2011-08-24 | Rob VandenBrink | Disaster Preparedness - Are We Shaken or Stirred?
2011-08-15 | Rob VandenBrink | 8 Years since the Eastern Seaboard Blackout - Has it Been that Long?
2011-06-01 | Johannes Ullrich | Enabling Privacy Enhanced Addresses for IPv6
2011-05-18 | Bojan Zdrnja | Android, HTTP and authentication tokens
2011-05-01 | Deborah Hale | Droid MarketPlace Has a New App
2011-04-25 | Rob VandenBrink | What's Your (IP) Address Worth?
2011-03-03 | Manuel Humberto Santander Pelaez | Rogue apps inside Android Marketplace
2010-12-31 | Bojan Zdrnja | Android malware enters 2011
2010-09-07 | Bojan Zdrnja | SSH password authentication insight and analysis by DRG
2010-08-13 | Tom Liston | The Strange Case of Doctor Jekyll and Mr. ED
2010-03-24 | Johannes Ullrich | ".sys" Directories Delivering Driveby Downloads
2010-02-28 | Mari Nichols | Disasters take practice
2010-01-26 | Rob VandenBrink | VMware vSphere Hardening Guide Draft posted for public review
2010-01-14 | Bojan Zdrnja | DRG (Dragon Research Group) Distro available for general release
2010-01-11 | Johannes Ullrich | Fake Android Application
2010-01-06 | Guy Bruneau | Secure USB Flaw Exposed
2009-11-13 | Deborah Hale | It's Never Too Early To Start Teaching Them
2009-11-05 | Swa Frantzen | Legacy systems
2009-08-26 | Johannes Ullrich | Malicious CD ROMs mailed to banks
2009-07-03 | Adrien de Beaupre | BCP/DRP
2008-11-25 | Andre Ludwig | Tmobile G1 handsets having DNS problems?
2008-07-19 | William Salusky | A twist in fluxnet operations. Enter Hydraflux
2008-06-01 | Swa Frantzen | The Planet outage - what can we all learn from it?