Diaries by Keyword - SANS Internet Storm Center

Participate: Learn more about our honeypot network
https://isc.sans.edu/tools/honeypot/

Handler on Duty: Yee Ching Tok

Threat Level: green

Date	Author	Title
2024-03-28	Xavier Mertens	From JavaScript to AsyncRAT
2024-03-14	Jan Kopriva	Increase in the number of phishing messages pointing to IPFS and to R2 buckets
2024-03-05	Johannes Ullrich	Apple Releases iOS/iPadOS Updates with Zero Day Fixes.
2024-02-21	Jan Kopriva	Phishing pages hosted on archive.org
2024-01-22	Johannes Ullrich	Apple Updates Everything - New 0 Day in WebKit
2024-01-12	Xavier Mertens	One File, Two Payloads
2023-12-11	Johannes Ullrich	Apple Patches Everything
2023-12-09	Didier Stevens	IPv4-mapped IPv6 Address Used For Obfuscation
2023-11-17	Jan Kopriva	Phishing page with trivial anti-analysis features
2023-10-25	Johannes Ullrich	Apple Patches Everything. Releases iOS 17.1, MacOS 14.1 and updates for older versions fixing exploited vulnerability
2023-10-23	Johannes Ullrich	How an AppleTV may take down your (#IPv6) network
2023-10-09	Didier Stevens	ZIP's DOSTIME & DOSDATE Formats
2023-10-07	Didier Stevens	Binary IPv6 Addresses
2023-10-05	Jim Clausing	New tool: le-hex-to-ip.py
2023-08-23	Xavier Mertens	More Exotic Excel Files Dropping AgentTesla
2023-07-29	Xavier Mertens	Do Attackers Pay More Attention to IPv6?
2023-07-26	Xavier Mertens	Suspicious IP Addresses Avoided by Malware Samples
2023-06-24	Guy Bruneau	Email Spam with Attachment Modiloader
2023-06-22	Brad Duncan	Qakbot (Qbot) activity, obama271 distribution tag
2023-06-22	Johannes Ullrich	Apple Patches Exploited Vulnerabilities in iOS/iPadOS, macOS, watchOS and Safari
2023-06-11	Guy Bruneau	DShield Honeypot Activity for May 2023
2023-06-05	Johannes Ullrich	Brute Forcing Simple Archive Passwords
2023-05-20	Xavier Mertens	Phishing Kit Collecting Victim's IP Address
2023-05-18	Johannes Ullrich	A Quick Survey of .zip Domains: Your highest risk is running into Rick Astley.
2023-05-16	Jesse La Grew	Signals Defense With Faraday Bags & Flipper Zero
2023-03-27	Johannes Ullrich	Apple Updates Everything (including Studio Display)
2023-03-25	Guy Bruneau	Microsoft Released an Update for Windows Snipping Tool Vulnerability
2023-03-22	Didier Stevens	Windows 11 Snipping Tool Privacy Bug: Inspecting PNG Files
2023-02-28	Brad Duncan	BB17 distribution Qakbot (Qbot) activity
2023-02-06	Johannes Ullrich	APIs Used by Bots to Detect Public IP address
2023-01-24	Johannes Ullrich	Apple Updates (almost) Everything: Patch Overview
2023-01-17	Johannes Ullrich	Packet Tuesday: IPv6 Router Advertisements https://www.youtube.com/watch?v=uRWpB_lYIZ8
2022-11-17	Johannes Ullrich	Lessons Learned from Automatic Failover: When 8.8.8.8 "disappears". IPv6 to the Rescue?
2022-11-04	Xavier Mertens	Remcos Downloader with Unicode Obfuscation
2022-10-21	Brad Duncan	sczriptzzbn inject pushes malware for NetSupport RAT
2022-10-16	Didier Stevens	Video: Analysis of a Malicious HTML File (QBot)
2022-10-13	Didier Stevens	Analysis of a Malicious HTML File (QBot)
2022-10-07	Xavier Mertens	Critical Fortinet Vulnerability Ahead
2022-08-17	Johannes Ullrich	A Quick VoIP Experiment
2022-08-14	Johannes Ullrich	Realtek SDK SIP ALG Vulnerability: A Big Deal, but not much you can do about it. CVE 2022-27255
2022-08-11	Xavier Mertens	InfoStealer Script Based on Curl and NSudo
2022-07-20	Johannes Ullrich	Apple Patches Everything Day
2022-07-09	Didier Stevens	7-Zip Editing & MoW
2022-07-04	Didier Stevens	7-Zip & MoW: "For Office files"
2022-07-03	Didier Stevens	7-Zip & MoW
2022-06-26	Didier Stevens	My Paste Command
2022-06-25	Xavier Mertens	Malicious Code Passed to PowerShell via the Clipboard
2022-06-22	Xavier Mertens	Malicious PowerShell Targeting Cryptocurrency Browser Extensions
2022-06-16	Xavier Mertens	Houdini is Back Delivered Through a JavaScript Dropper
2022-06-04	Guy Bruneau	Spam Email Contains a Very Large ISO file
2022-06-01	Jan Kopriva	HTML phishing attachments - now with anti-analysis features
2022-05-20	Xavier Mertens	A 'Zip Bomb' to Bypass Security Controls & Sandboxes
2022-05-13	Johannes Ullrich	From 0-Day to Mirai: 7 days of BIG-IP Exploits
2022-05-09	Xavier Mertens	Octopus Backdoor is Back with a New Embedded Obfuscated Bat File
2022-05-08	Johannes Ullrich	F5 BIG-IP Unauthenticated RCE Vulnerability (CVE-2022-1388)
2022-04-21	Xavier Mertens	Multi-Cryptocurrency Clipboard Swapper
2022-04-20	Brad Duncan	"aa" distribution Qakbot (Qbot) infection with DarkVNC traffic
2022-03-31	Johannes Ullrich	Apple Patches Actively Exploited Vulnerability in macOS, iOS and iPadOS,
2022-03-14	Johannes Ullrich	Apple Updates Everything: MacOS 12.3, XCode 13.3, tvOS 15.4, watchOS 8.5, iPadOS 15.4 and more
2022-03-10	Xavier Mertens	Credentials Leaks on VirusTotal
2022-02-25	Didier Stevens	Windows, Fixed IPv4 Addresses and APIPA
2022-02-18	Xavier Mertens	Remcos RAT Delivered Through Double Compressed Archive
2022-02-10	Johannes Ullrich	iOS/iPadOS and MacOS Update: Single WebKit 0-Day Vulnerability Patched
2022-01-27	Johannes Ullrich	Apple Patches Everything
2022-01-18	Jan Kopriva	Phishing e-mail with...an advertisement?
2022-01-04	Xavier Mertens	A Simple Batch File That Blocks People
2021-11-18	Xavier Mertens	JavaScript Downloader Delivers Agent Tesla Trojan
2021-11-15	Rob VandenBrink	Changing your AD Password Using the Clipboard - Not as Easy as You'd Think!
2021-10-31	Didier Stevens	Video: Phishing ZIP With Malformed Filename
2021-10-24	Didier Stevens	Phishing ZIP With Malformed Filename
2021-10-21	Brad Duncan	"Stolen Images Evidence" campaign pushes Sliver-based malware
2021-10-07	Johannes Ullrich	Who Is Hunting For Your IPTV Set-Top Box?
2021-09-17	Xavier Mertens	Malicious Calendar Subscriptions Are Back?
2021-09-08	Brad Duncan	"Stolen Images Evidence" Campaign Continues Pushing BazarLoader Malware
2021-09-07	Johannes Ullrich	Why I Gave Up on IPv6. And no, it is not because of security issues.
2021-08-30	Xavier Mertens	Cryptocurrency Clipboard Swapper Delivered With Love
2021-08-29	Guy Bruneau	Filter JSON Data by Value with Linux jq
2021-08-13	Brad Duncan	Example of Danabot distributed through malspam
2021-07-26	Didier Stevens	Failed Malspam: Recovering The Password
2021-05-28	Xavier Mertens	Malicious PowerShell Hosted on script.google.com
2021-05-22	Xavier Mertens	"Serverless" Phishing Campaign
2021-05-18	Xavier Mertens	From RunDLL32 to JavaScript then PowerShell
2021-05-10	Johannes Ullrich	Correctly Validating IP Addresses: Why encoding matters for input validation.
2021-05-08	Guy Bruneau	Who is Probing the Internet for Research Purposes?
2021-04-28	Xavier Mertens	Deeper Analyzis of my Last Malicious PowerPoint Add-On
2021-03-19	Xavier Mertens	Pastebin.com Used As a Simple C2 Channel
2021-02-13	Guy Bruneau	Using Logstash to Parse IPtables Firewall Logs
2020-12-22	Xavier Mertens	Malware Victim Selection Through WiFi Identification
2020-11-13	Xavier Mertens	Old Worm But New Obfuscation Technique
2020-11-09	Xavier Mertens	How Attackers Brush Up Their Malicious Scripts
2020-11-06	Johannes Ullrich	Rediscovering Limitations of Stateful Firewalls: "NAT Slipstreaming" ? Implications, Detections and Mitigations
2020-10-24	Guy Bruneau	An Alternative to Shodan, Censys with User-Agent CensysInspect/1.1
2020-10-14	Brad Duncan	More TA551 (Shathak) Word docs push IcedID (Bokbot)
2020-09-11	Rob VandenBrink	What's in Your Clipboard? Pillaging and Protecting the Clipboard
2020-08-07	Brad Duncan	TA551 (Shathak) Word docs push IcedID (Bokbot)
2020-07-28	Johannes Ullrich	All I want this Tuesday: More Data
2020-07-27	Johannes Ullrich	In Memory of Donald Smith
2020-07-24	Xavier Mertens	Compromized Desktop Applications by Web Technologies
2020-07-06	Johannes Ullrich	Summary of CVE-2020-5902 F5 BIG-IP RCE Vulnerability Exploits
2020-07-05	Didier Stevens	CVE-2020-5902 F5 BIG-IP Exploitation Attempt
2020-06-11	Xavier Mertens	Anti-Debugging JavaScript Techniques
2020-06-08	Didier Stevens	Translating BASE64 Obfuscated Scripts
2020-05-13	Brad Duncan	Malspam with links to zip archives pushes Dridex malware
2020-05-08	Xavier Mertens	Using Nmap As a Lightweight Vulnerability Scanner
2020-05-03	Didier Stevens	ZIP & AES
2020-04-26	Didier Stevens	Video: Malformed .docm File
2020-04-08	Brad Duncan	German malspam pushes ZLoader malware
2020-04-04	Didier Stevens	New Bypass Technique or Corrupt Word Document?
2020-03-27	Xavier Mertens	Malicious JavaScript Dropping Payload in the Registry
2020-03-25	Brad Duncan	Recent Dridex activity
2020-02-28	Xavier Mertens	Show me Your Clipboard Data!
2020-02-22	Xavier Mertens	Simple but Efficient VBScript Obfuscation
2020-02-07	Xavier Mertens	Sandbox Detection Tricks & Nice Obfuscation in a Single VBScript
2020-01-22	Brad Duncan	German language malspam pushes Ursnif
2020-01-15	Johannes Ullrich	CVE-2020-0601 Followup
2019-09-27	Xavier Mertens	New Scans for Polycom Autoconfiguration Files
2019-09-26	Rob VandenBrink	Mining MAC Address and OUI Information
2019-08-30	Xavier Mertens	Malware Dropping a Local Node.js Instance
2019-08-22	Xavier Mertens	Simple Mimikatz & RDPWrapper Dropper
2019-08-09	Xavier Mertens	100% JavaScript Phishing Page
2019-06-20	Xavier Mertens	Using a Travel Packing App for Infosec Purpose
2019-06-10	Xavier Mertens	Interesting JavaScript Obfuscation Example
2019-03-15	Remco Verhoef	Binary Analysis with Jupyter and Radare2
2019-03-14	Didier Stevens	Tip: Ghidra & ZIP Files
2019-02-24	Guy Bruneau	Packet Editor and Builder by Colasoft
2019-02-21	Xavier Mertens	Simple Powershell Keyloggers are Back
2019-02-07	Xavier Mertens	Phishing Kit with JavaScript Keylogger
2019-01-29	Johannes Ullrich	A Not So Well Done Phish (Why Attackers need to Implement IPv6 Now! ;-) )
2018-12-17	Didier Stevens	Password Protected ZIP with Maldoc
2018-11-26	Russ McRee	ViperMonkey: VBA maldoc deobfuscation
2018-07-17	Xavier Mertens	Searching for Geographically Improbable Login Attempts
2018-07-13	Xavier Mertens	Cryptominer Delivered Though Compromized JavaScript File
2018-06-19	Xavier Mertens	PowerShell: ScriptBlock Logging... Or Not?
2018-06-18	Xavier Mertens	Malicious JavaScript Targeting Mobile Browsers
2018-05-01	Xavier Mertens	Diving into a Simple Maldoc Generator
2018-03-01	Johannes Ullrich	Why Does Emperor Xi Dislike Winnie the Pooh and Scrambled Eggs?
2018-01-19	Jim Clausing	Followup to IPv6 brute force and IPv6 blocking
2018-01-09	Jim Clausing	Are you watching for brute force attacks on IPv6?
2017-11-17	Xavier Mertens	Top-100 Malicious IP STIX Feed
2017-10-25	Mark Hofman	DUHK attack, continuing a week of named issues
2017-09-13	Rob VandenBrink	No IPv6? Challenge Accepted! (Part 1)
2017-08-26	Didier Stevens	Malware analysis: searching for dots
2017-08-10	Didier Stevens	Maldoc Analysis with ViperMonkey
2017-07-08	Xavier Mertens	A VBScript with Obfuscated Base64 Data
2017-06-22	Xavier Mertens	Obfuscating without XOR
2017-04-02	Guy Bruneau	IPFire - A Household Multipurpose Security Gateway
2017-03-24	Xavier Mertens	Nicely Obfuscated JavaScript Sample
2017-03-10	Xavier Mertens	The Side Effect of GeoIP Filters
2017-03-04	Xavier Mertens	How your pictures may affect your website reputation
2017-02-28	Johannes Ullrich	My Catch Of 4 Months In The Amazon IP Address Space
2017-02-12	Xavier Mertens	Analysis of a Suspicious Piece of JavaScript
2017-02-02	Rick Wanner	Multiple vulnerabilities discovered in popular printer models
2016-12-13	Xavier Mertens	UAC Bypass in JScript Dropper
2016-11-22	Didier Stevens	Update:ZIP With Comment
2016-11-21	Didier Stevens	ZIP With Comment
2016-09-01	Xavier Mertens	Maxmind.com (Ab)used As Anti-Analysis Technique
2016-08-28	Guy Bruneau	Spam with Obfuscated Javascript
2016-07-26	Johannes Ullrich	Command and Control Channels Using "AAAA" DNS Records
2016-06-18	Rob VandenBrink	Controlling JavaScript Malware Before it Runs
2016-04-27	Tom Webb	Kippos Cousin Cowrie
2016-02-20	Didier Stevens	Locky: JavaScript Deobfuscation
2016-02-07	Xavier Mertens	More Malicious JavaScript Obfuscation
2016-02-06	Jim Clausing	More updates to kippo-log2db
2016-02-02	Johannes Ullrich	Targeted IPv6 Scans Using pool.ntp.org .
2016-01-15	Xavier Mertens	JavaScript Deobfuscation Tool
2015-12-22	Rick Wanner	The other Juniper vulnerability - CVE-2015-7756
2015-08-07	Tony Carothers	Critical Firefox Update Today
2015-06-02	Alex Stanford	Guest Diary: Xavier Mertens - Playing with IP Reputation with Dshield & OSSEC
2015-03-12	Johannes Ullrich	Who got the bad SSL Certificate? Using tshark to analyze the SSL handshake.
2015-02-07	Jim Clausing	Update to kippo-log2db.pl
2014-11-10	Chris Mohan	Lessons Learn from attacks on Kippo honeypots
2014-09-19	Guy Bruneau	CipherShed Fork from TrueCrypt Project, Support Windows, Mac OS and Linux - https://ciphershed.org
2014-09-03	Johannes Ullrich	F5 BigIP Unauthenticated rsync Vulnerability
2014-08-29	Johannes Ullrich	False Positive or Not? Difficult to Analyze Javascript
2014-08-12	Adrien de Beaupre	Host discovery with nmap
2014-07-23	Johannes Ullrich	New Feature: "Live" SSH Brute Force Logs and New Kippo Client
2014-07-22	Daniel Wesemann	App "telemetry"
2014-07-02	Johannes Ullrich	Simple Javascript Extortion Scheme Advertised via Bing
2014-07-01	Johannes Ullrich	Microsoft No-IP Takedown
2014-06-19	Tony Carothers	New Supermicro IPMI/BMC Vulnerability
2014-04-03	Bojan Zdrnja	Watching the watchers
2014-03-20	Johannes Ullrich	Normalizing IPv6 Addresses
2014-02-10	Rob VandenBrink	Isn't it About Time to Get Moving on Chip and PIN?
2014-01-30	Johannes Ullrich	IPv6 and isc.sans.edu (Update)
2014-01-17	Russ McRee	Massive RFI scans likely a free web app vuln scanner rather than bots
2014-01-13	Johannes Ullrich	Got an IPv6 Firewall?
2014-01-01	Russ McRee	Six degrees of celebration: Juniper, ANT, Shodan, Maltego, Cisco, and Tails
2013-12-21	Guy Bruneau	Strange DNS Queries - Request for Packets
2013-12-19	Rob VandenBrink	Target US - Credit Card Data Breach
2013-11-19	Jim Clausing	Updated dumpdns.pl
2013-11-06	Johannes Ullrich	Rapid7 Discloses IPMI Vulnerabilities
2013-11-04	Manuel Humberto Santander Pelaez	When attackers use your DNS to check for the sites you are visiting
2013-10-25	Rob VandenBrink	Kaspersky flags TCPIP.SYS as Malware
2013-09-05	Rob VandenBrink	Building Your Own GPU Enabled Private Cloud
2013-09-05	Rob VandenBrink	What's Next for IPS?
2013-09-02	Guy Bruneau	Multiple Cisco Security Notice
2013-08-07	Johannes Ullrich	Firefox 23 and Mixed Active Content
2013-07-25	Johannes Ullrich	A Couple of SSH Brute Force Compromises
2013-07-20	Manuel Humberto Santander Pelaez	Do you have rogue Internet gateways in your network? Check it with nmap
2013-07-12	Johannes Ullrich	Microsoft Teredo Server "Sunset"
2013-07-01	Manuel Humberto Santander Pelaez	Using nmap scripts to enhance vulnerability asessment results
2013-06-12	Johannes Ullrich	Stupid Little IPv6 Tricks
2013-05-20	Johannes Ullrich	Ubuntu Package available to submit firewall logs to DShield
2013-05-17	Johannes Ullrich	SSL: Another reason not to ignore IPv6
2013-04-23	Russ McRee	Microsoft's Security Intelligence Report (SIRv14) released
2013-03-27	Adam Swanger	IPv6 Focus Month: Guest Diary: Stephen Groat - IPv6 moving target defense
2013-03-25	Johannes Ullrich	IPv6 Focus Month: IPv6 over IPv4 Preference
2013-03-21	Jim Clausing	IPv6 Focus Month: Guest Diary: Matthew Newton - IPv6 Cat Feeder - Turning those extra bits into bytes, literally
2013-03-19	Johannes Ullrich	IPv6 Focus Month: The warm and fuzzy side of IPv6
2013-03-18	Johannes Ullrich	IPv6 Focus Month: What is changing with DHCP
2013-03-13	Johannes Ullrich	IPv6 Focus Month: Kaspersky Firewall IPv6 Vulnerability
2013-03-12	Swa Frantzen	IPv6 Focus Month: How to say no!
2013-03-11	Richard Porter	IPv6 Focus Month: Traffic Testing, Firewalls, ACLs, pt 1
2013-03-09	Guy Bruneau	IPv6 Focus Month: IPv6 Encapsulation - Protocol 41
2013-03-08	Johannes Ullrich	IPv6 Focus Month: Filtering ICMPv6 at the Border
2013-03-07	Rob VandenBrink	IPv6 Focus Month: Barriers to Implementing IPv6
2013-03-06	Adam Swanger	IPv6 Focus Month: Guest Diary: Stephen Groat - Geolocation Using IPv6 Addresses
2013-03-05	Mark Hofman	IPv6 Focus Month: Device Defaults
2013-03-04	Johannes Ullrich	IPv6 Focus Month: Addresses
2013-03-01	Jim Clausing	IPv6 Focus Month at the Internet Storm Center
2013-02-11	John Bambenek	Is This Chinese Registrar Really Trying to XSS Me?
2013-02-08	Kevin Shortt	Is it Spam or Is it Malware?
2013-02-04	Russ McRee	An expose of a recent SANS GIAC XSS vulnerability
2013-01-31	Johannes Ullrich	IPv6 Focus Month
2013-01-30	Richard Porter	Getting Involved with the Local Community
2013-01-25	Johannes Ullrich	Vulnerability Scans via Search Engines (Request for Logs)
2013-01-10	Rob VandenBrink	What Else runs Telnets? Or, Pentesters Love Video Conferencing Units Too!
2012-12-06	Johannes Ullrich	How to identify if you are behind a "Transparent Proxy"
2012-10-06	Manuel Humberto Santander Pelaez	Cyber Security Awareness Month - Day 6 - NERC: The standard that enforces security on power SCADA
2012-10-04	Johannes Ullrich	Cyber Security Awareness Month - Day 4: Crypto Standards
2012-09-05	Rob VandenBrink	Auditing a Network for VOIP Call Quality Metrics
2012-08-16	Johannes Ullrich	A Poor Man's DNS Anomaly Detection Script
2012-07-21	Rick Wanner	TippingPoint DNS Version Request increase
2012-07-18	Rob VandenBrink	Snort Updated today
2012-06-25	Guy Bruneau	Using JSDetox to Analyze and Deobfuscate Javascript
2012-06-07	Johannes Ullrich	IPMI: Hacking servers that are turned "off"
2012-06-01	Johannes Ullrich	What Does "IPv6 Day" mean to you?
2012-05-31	Johannes Ullrich	SCADA@Home: Your health is no secret no more!
2012-05-22	Johannes Ullrich	nmap 6 released
2012-05-17	Johannes Ullrich	New IPv6 Video: IPv6 Router Advertisements https://isc.sans.edu/ipv6videos
2012-05-07	Guy Bruneau	iOS 5.1.1 Software Update for iPod, iPhone, iPad
2012-05-06	Jim Clausing	Tool updates and Win 8
2012-04-25	Daniel Wesemann	Blacole's obfuscated JavaScript
2012-01-22	Johannes Ullrich	Javascript DDoS Tool Analysis
2012-01-12	Rob VandenBrink	Stuff I Learned Scripting - Fun with STDERR
2012-01-03	Bojan Zdrnja	The tale of obfuscated JavaScript continues
2011-12-21	Chris Mohan	The off switch
2011-12-07	Lenny Zeltser	V8 as an Alternative to SpiderMonkey for JavaScript Deobfuscation
2011-11-10	Rob VandenBrink	Stuff I Learned Scripting - - Parsing XML in a One-Liner
2011-11-07	Rob VandenBrink	Stuff I Learned Scripting - Evaluating a Remote SSL Certificate
2011-11-07	Rob VandenBrink	Juniper BGP issues causing locallized Internet Problems
2011-11-04	Guy Bruneau	New Poll: In the coming 12 months, what is your deployment plan or status with IPv6?
2011-10-23	Guy Bruneau	tcpdump and IPv6
2011-09-29	Daniel Wesemann	The SSD dilemma
2011-09-09	Guy Bruneau	IPv6 and DNS Sinkhole
2011-08-24	Rob VandenBrink	Citrix Access Gateway Cross Site Scripting vulnerability and fix ==> http://support.citrix.com/article/CTX129971
2011-08-22	Jim Clausing	Are your tools ready for IPv6? (part 2)
2011-08-04	Jim Clausing	Are your tools ready for IPv6? (part 1)
2011-07-27	Johannes Ullrich	Internet Storm Center iPhone App now available. Feedback/Feature Requests welcome. Search App Store for "ISC Reader"
2011-07-09	Tony Carothers	Copyright Alert System - What say you?
2011-06-17	Richard Porter	When do you stop owning Technology?
2011-06-09	Johannes Ullrich	IPv6 Day Summary
2011-06-08	Johannes Ullrich	IPv6 Day Started
2011-06-06	Manuel Humberto Santander Pelaez	Phishing: Same goal, same techniques and people still falling for such scams
2011-06-02	Johannes Ullrich	IPv6 RA-Guard: How it works and how to defeat it
2011-06-01	Johannes Ullrich	Enabling Privacy Enhanced Addresses for IPv6
2011-05-03	Johannes Ullrich	Analyzing Teredo with tshark and Wireshark
2011-04-25	Rob VandenBrink	What's Your (IP) Address Worth?
2011-04-23	Manuel Humberto Santander Pelaez	Image search can lead to malware download
2011-04-22	Manuel Humberto Santander Pelaez	iPhoneMap: iPhoneTracker port to Linux
2011-04-20	Johannes Ullrich	iPhone GPS Data Storage
2011-04-11	Johannes Ullrich	Layer 2 DoS and other IPv6 Tricks
2011-04-05	Johannes Ullrich	IPv6 MITM via fake router advertisements
2011-02-08	Johannes Ullrich	Tippingpoint Releases Details on Unpatched Bugs
2011-02-01	Johannes Ullrich	The End Of IP As We Know It
2011-01-24	Rob VandenBrink	Where have all the COM Ports Gone? - How enumerating COM ports led to me finding a “misplaced” Microsoft tool
2011-01-05	Johannes Ullrich	ipv6finder : How ready are you for IPv6?
2010-12-02	Kevin Johnson	Robert Hansen and our happiness
2010-11-29	Stephen Hall	iPhone phishing - What you see, isn't what you get
2010-11-08	Manuel Humberto Santander Pelaez	Network Security Perimeter: How to choose the correct firewall and IPS for your environment?
2010-08-06	Rob VandenBrink	FOXIT PDF Reader update to resolve iPhone/iPad Jailbreak issue ==> http://www.foxitsoftware.com/announcements/2010861227.html
2010-08-01	Manuel Humberto Santander Pelaez	Evation because IPS fails to validate TCP checksums?
2010-07-29	Rob VandenBrink	NoScript 2.0 released
2010-07-29	Rob VandenBrink	FBI, Slovenian and Spanish Police announce more arrests of Mariposa Botnet Creator, Operators
2010-07-04	Manuel Humberto Santander Pelaez	Malware inside PDF Files
2010-06-23	Johannes Ullrich	IPv6 Support in iOS 4
2010-06-15	Manuel Humberto Santander Pelaez	TCP evasions for IDS/IPS
2010-06-15	Manuel Humberto Santander Pelaez	iPhone 4 Order Security Breach Exposes Private Information
2010-06-10	Deborah Hale	iPad Owners Exposed
2010-04-15	Mark Hofman	SIP Attacks on internet connected port5060 targeting Asterix servers
2010-03-24	Kyle Haugsness	Wikipedia outage
2010-03-21	Scott Fendley	Skipfish - Web Application Security Tool
2010-03-05	Kyle Haugsness	Javascript obfuscators used in the wild
2010-02-26	Rick Wanner	NIST Guidelines for Secure Deployment of IPv6 - http://csrc.nist.gov/publications/drafts/800-119/draft-sp800-119_feb2010.pdf
2010-02-16	Johannes Ullrich	Teredo "stray packet" analysis
2010-02-16	Jim Clausing	Teredo request for packets
2010-02-03	Rob VandenBrink	APPLE-SA-2010-02-02-1 iPhone OS 3.1.3 and iPhone OS 3.1.3 for iPod touch
2010-02-02	Johannes Ullrich	New IPv6 Screencast Videos: http://isc.sans.org/ipv6videos (Today: blocking and detecting IPv6 in Linux)
2010-01-19	Jim Clausing	49Gbps DDoS, IPv4 exhaustion, and DNSSEC, oh my!
2010-01-12	Johannes Ullrich	IPv6 and isc.sans.org
2010-01-06	Johannes Ullrich	Denial of Service Attack Aftermath (and what did Iran have to do with it?)
2010-01-06	Johannes Ullrich	New Tool: IPv6 conversions http://isc.sans.org/tools/ipv6.html
2009-12-21	Marcus Sachs	iPhone Botnet Analysis
2009-11-09	Chris Carboni	80's Flashback on Jailbroken iPhones
2009-11-08	Bojan Zdrnja	iPhone worm in the wild
2009-10-20	Raul Siles	Cyber Security Awareness Month - Day 20 - Ports 5060 & 5061 - SIP (VoIP)
2009-09-12	Jim Clausing	Apple Updates
2009-09-07	Jim Clausing	Request for packets
2009-08-28	Adrien de Beaupre	WPA with TKIP done
2009-07-31	Deborah Hale	The iPhone patch is out
2009-07-30	Deborah Hale	iPhone Hijack
2009-06-06	Patrick Nolan	ARRA/HIPAA Breach Reporting Dates Approaching
2009-05-09	Patrick Nolan	Unusable, Unreadable, or Indecipherable? No Breach reporting required
2009-05-04	Tom Liston	Adobe Reader/Acrobat Critical Vulnerability
2009-04-30	Marcus Sachs	ARIN Notification Concerning IPv6
2009-04-18	Johannes Ullrich	Twitter Packet Challenge Solution
2009-04-07	Bojan Zdrnja	Advanced JavaScript obfuscation (or why signature scanning is a failure)
2009-04-02	Bojan Zdrnja	JavaScript insertion and log deletion attack tools
2009-03-24	G. N. White	PSYB0T: A MIPS-device (mipsel) IRC Bot
2009-03-22	Mari Nichols	Dealing with Security Challenges
2009-03-01	Jim Clausing	Cool combination of tools
2009-02-25	Andre Ludwig	Adobe Acrobat pdf 0-day exploit, No JavaScript needed!
2009-02-25	Andre Ludwig	Preview/Iphone/Linux pdf issues
2009-02-13	Kevin Liston	Canada Calling
2008-12-13	Jim Clausing	Followup from last shift and some research to do.
2008-11-17	Jim Clausing	How are you coming with that IPv6 migration?
2008-10-20	Johannes Ullrich	Fraudulent ATM Reactivation Phone Calls.
2008-10-01	Rick Wanner	Handler Mailbag
2008-09-10	Adrien de Beaupre	Apple updates iPod Touch + Bonjour for Windows
2008-09-08	Raul Siles	VoIP Attacks: Reverse Vhising, SEO and Phone Number Authentication
2008-07-14	Daniel Wesemann	Obfuscated JavaScript Redux
2008-07-11	Jim Clausing	Handling the load
2008-06-30	Marcus Sachs	More SQL Injection with Fast Flux hosting
2008-06-18	Chris Carboni	Cisco Security Advisory
2008-05-20	Raul Siles	List of malicious domains inserted through SQL injection
2008-04-29	Bojan Zdrnja	Scripts in ASF files
2008-04-06	Daniel Wesemann	Advanced obfuscated JavaScript analysis
2008-04-03	Bojan Zdrnja	Mixed (VBScript and JavaScript) obfuscation