Diaries by Keyword - SANS Internet Storm Center

Handler on Duty: Johannes Ullrich

Threat Level: green

Date	Author	Title
2024-05-30	Xavier Mertens	Feeding MISP with OSSEC
2023-04-28	Xavier Mertens	Quick IOC Scan With Docker
2022-11-10	Xavier Mertens	Do you collect "Observables" or "IOCs"?
2020-10-01	Daniel Wesemann	IOC's turning into IOOI's
2020-07-23	Xavier Mertens	Simple Blocklisting with MISP & pfSense
2020-07-22	Rick Wanner	A few IoCs related to CVE-2020-5902
2020-04-30	Xavier Mertens	Collecting IOCs from IMAP Folder
2019-07-24	Xavier Mertens	May People Be Considered as IOC?
2019-01-22	Xavier Mertens	DNS Firewalling with MISP
2018-11-20	Xavier Mertens	Querying DShield from Cortex
2017-11-17	Xavier Mertens	Top-100 Malicious IP STIX Feed
2017-10-18	Renato Marinho	Baselining Servers to Detect Outliers
2017-03-15	Xavier Mertens	Retro Hunting!
2017-03-04	Xavier Mertens	How your pictures may affect your website reputation
2017-01-26	Xavier Mertens	IOC's: Risks of False Positive Alerts Flood Ahead
2016-08-29	Russ McRee	Recommended Reading: Intrusion Detection Using Indicators of Compromise Based on Best Practices and Windows Event Logs
2016-07-12	Xavier Mertens	Hunting for Malicious Files with MISP + OSSEC
2016-05-13	Xavier Mertens	MISP - Malware Information Sharing Platform
2016-02-11	Tom Webb	Tomcat IR with XOR.DDoS
2015-12-24	Xavier Mertens	Unity Makes Strength
2014-08-04	Russ McRee	Threats & Indicators: A Security Intelligence Lifecycle
2014-07-19	Russ McRee	Keeping the RATs out: the trap is sprung - Part 3
2014-07-18	Russ McRee	Keeping the RATs out: **it happens - Part 2
2014-07-16	Russ McRee	Keeping the RATs out: an exercise in building IOCs - Part 1