Diaries by Keyword - SANS Internet Storm Center

Handler on Duty: Didier Stevens

Threat Level: green

Date	Author	Title
2024-01-17	Jesse La Grew	Number Usage in Passwords
2023-10-29	Guy Bruneau	Spam or Phishing? Looking for Credentials & Passwords
2023-09-29	Xavier Mertens	Are You Still Storing Passwords In Plain Text Files?
2023-09-02	Jesse La Grew	What is the origin of passwords submitted to honeypots?
2023-08-04	Xavier Mertens	Are Leaked Credentials Dumps Used by Attackers?
2023-04-19	Rob VandenBrink	Taking a Bite Out of Password Expiry Helpdesk Calls
2023-03-31	Guy Bruneau	Using Linux grep and Windows findstr to Manipulate Files
2022-08-13	Guy Bruneau	Phishing HTML Attachment as Voicemail Audio Transcription
2022-03-10	Xavier Mertens	Credentials Leaks on VirusTotal
2021-06-19	Xavier Mertens	Easy Access to the NIST RDS Database
2021-01-06	Johannes Ullrich	Scans for Zyxel Backdoors are Commencing.
2017-05-17	Richard Porter	Wait What? We don?t have to change passwords every 90 days?
2016-06-20	Xavier Mertens	Using Your Password Manager to Monitor Data Leaks
2015-06-26	Daniel Wesemann	Cisco default credentials - again!
2014-11-24	Richard Porter	Someone is using this? PoS: Compressor
2014-08-06	Johannes Ullrich	All Passwords have been lost: What's next?
2014-07-03	Johannes Ullrich	Credit Card Processing in 700 Words or Less
2014-02-07	Rob VandenBrink	New ISO Standards on Vulnerability Handling and Disclosure
2013-12-05	Mark Hofman	Updated Standards Part 1 - ISO 27001
2013-05-14	Jim Clausing	So what passwords are those ssh scanners trying?
2012-10-24	Russ McRee	Cyber Security Awareness Month - Day 24 - A Standard for Information Security Incident Management - ISO 27035
2012-10-23	Rob VandenBrink	Cyber Security Awareness Month - Day 23: Character Encoding Standards - ASCII and Successors
2012-10-17	Rob VandenBrink	Cyber Security Awareness Month - Day 17 - A Standard for Risk Management - ISO 27005
2012-10-12	Mark Hofman	Cyber Security Awareness Month - Day 12 PCI DSS
2012-10-11	Rob VandenBrink	Cyber Security Awareness Month - Day 11 - Vendor Agnostic Standards (Center for Internet Security)
2012-10-09	Johannes Ullrich	Cyber Security Awreness Month - Day 9 - Request for Comment (RFC)
2012-07-16	Jim Clausing	An analysis of the Yahoo! passwords
2012-06-06	Jim Clausing	Potential leak of 6.5+ million LinkedIn password hashes
2011-10-10	Tom Liston	What's In A Name?
2011-08-10	Johannes Ullrich	Theoretical and Practical Password Entropy
2011-06-28	Johannes Ullrich	Hashing Passwords
2011-05-30	Johannes Ullrich	Allied Telesis Passwords Leaked
2010-12-13	Deborah Hale	Gawker Media Breach of Security
2010-02-02	Johannes Ullrich	Twitter Mass Password Reset due to Phishing
2009-12-16	Rob VandenBrink	Beware the Attack of the Christmas Greeting Cards !
2009-12-04	Daniel Wesemann	The economics of security advice (MSFT research paper)
2009-07-28	Adrien de Beaupre	YYAMCCBA
2009-04-28	Deborah Hale	RSA Conference Social Security Awards
2008-11-11	Swa Frantzen	Phishing for Google adwords
2008-09-22	Jim Clausing	Lessons learned from the Palin (and other) account hijacks
2008-06-01	Mark Hofman	Free Yahoo email account! Sign me up, Ok well maybe not.