Internet Storm Center
Sign In
Sign Up
Handler on Duty:
Jesse La Grew
Threat Level:
green
Date
Author
Title
2023-04-12
Brad Duncan
Recent IcedID (Bokbot) activity
2023-02-24
Brad Duncan
URL files and WebDAV used for IcedID (Bokbot) infection
2022-11-02
Brad Duncan
Who put the "Dark" in DarkVNC?
2022-10-23
Didier Stevens
Video: PNG Analysis
2022-10-15
Guy Bruneau
Malware - Covid Vaccination Supplier Declaration
2022-09-29
Didier Stevens
PNG Analysis
2022-08-24
Brad Duncan
Monster Libra (TA551/Shathak) --> IcedID (Bokbot) --> Cobalt Strike & DarkVNC
2022-08-12
Brad Duncan
Monster Libra (TA551/Shathak) pushes IcedID (Bokbot) with Dark VNC and Cobalt Strike
2022-07-27
Brad Duncan
IcedID (Bokbot) with Dark VNC and Cobalt Strike
2021-12-16
Brad Duncan
How the "Contact Forms" campaign tricks people
2021-12-02
Brad Duncan
TA551 (Shathak) pushes IcedID (Bokbot)
2020-10-14
Brad Duncan
More TA551 (Shathak) Word docs push IcedID (Bokbot)
2020-08-07
Brad Duncan
TA551 (Shathak) Word docs push IcedID (Bokbot)
2020-07-15
Brad Duncan
Word docs with macros for IcedID (Bokbot)
2020-05-20
Brad Duncan
Microsoft Word document with malicious macro pushes IcedID (Bokbot)
2019-12-24
Brad Duncan
Malspam with links to Word docs pushes IcedID (Bokbot)
2019-03-06
Brad Duncan
Malspam with password-protected word docs still pushing IcedID (Bokbot) with Trickbot
2019-01-16
Brad Duncan
Emotet infections and follow-up malware
2018-12-18
Brad Duncan
Malspam links to password-protected Word docs that push IcedID (Bokbot)
2018-11-15
Brad Duncan
Emotet infection with IcedID banking Trojan
2018-09-26
Brad Duncan
One Emotet infection leads to three follow-up malware infections
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Contact Us
Contact Us
About Us
Handlers
About Us
Slack Channel
Mastodon
Bluesky
X
Keep yourself informed with our
aggregate InfoSec news