Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Diaries by Keyword - SANS Internet Storm Center Diaries by Keyword

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title
2021-12-16Brad DuncanHow the "Contact Forms" campaign tricks people
2021-12-02Brad DuncanTA551 (Shathak) pushes IcedID (Bokbot)
2020-10-14Brad DuncanMore TA551 (Shathak) Word docs push IcedID (Bokbot)
2020-08-07Brad DuncanTA551 (Shathak) Word docs push IcedID (Bokbot)
2020-07-15Brad DuncanWord docs with macros for IcedID (Bokbot)
2020-05-20Brad DuncanMicrosoft Word document with malicious macro pushes IcedID (Bokbot)
2019-12-24Brad DuncanMalspam with links to Word docs pushes IcedID (Bokbot)
2019-03-06Brad DuncanMalspam with password-protected word docs still pushing IcedID (Bokbot) with Trickbot
2019-01-16Brad DuncanEmotet infections and follow-up malware
2018-12-18Brad DuncanMalspam links to password-protected Word docs that push IcedID (Bokbot)
2018-11-15Brad DuncanEmotet infection with IcedID banking Trojan
2018-09-26Brad DuncanOne Emotet infection leads to three follow-up malware infections