Internet Storm Center
Handler on Duty: Xavier Mertens
Threat Level: green
Date | Author | Title
2024-08-26 | Xavier Mertens | From Highly Obfuscated Batch File to XWorm and Redline
2024-08-14 | Xavier Mertens | Multiple Malware Dropped Through MSI Package
2024-05-22 | Guy Bruneau | Analysis of ‘redtail’ File Uploads to ICS Honeypot, a Multi-Architecture Coin Miner [Guest Diary]
2024-05-15 | Rob VandenBrink | Got MFA? If not, Now is the Time!
2024-03-10 | Guy Bruneau | What happens when you accidentally leak your AWS API keys? [Guest Diary]
2024-03-07 | Jesse La Grew | [Guest Diary] AWS Deployment Risks - Configuration and Credential File Targeting
2023-11-15 | Xavier Mertens | Redline Dropped Through MSIX Package
2023-10-29 | Guy Bruneau | Spam or Phishing? Looking for Credentials & Passwords
2023-08-04 | Xavier Mertens | Are Leaked Credentials Dumps Used by Attackers?
2022-10-04 | Johannes Ullrich | Credential Harvesting with Telegram API
2022-09-15 | Xavier Mertens | Malicious Word Document with a Frameset
2022-07-08 | Johannes Ullrich | ISC Website Redesign
2022-03-10 | Xavier Mertens | Credentials Leaks on VirusTotal
2022-03-07 | Johannes Ullrich | No Bitcoin - No Problem: Follow Up to Last Weeks Donation Scam
2022-03-04 | Johannes Ullrich | Scam E-Mail Impersonating Red Cross
2022-01-20 | Xavier Mertens | RedLine Stealer Delivered Through FTP
2022-01-16 | Guy Bruneau | 10 Most Popular Targeted Ports in the Past 3 Weeks
2021-11-08 | Xavier Mertens | (Ab)Using Security Tools & Controls for the Bad
2021-06-18 | Daniel Wesemann | Open redirects ... and why Phishers love them
2021-05-29 | Guy Bruneau | Spear-phishing Email Targeting Outlook Mail Clients
2021-03-06 | Xavier Mertens | Spotting the Red Team on VirusTotal!
2020-11-18 | Xavier Mertens | When Security Controls Lead to Security Issues
2020-07-16 | John Bambenek | Hunting for SigRed Exploitation
2020-07-15 | Johannes Ullrich | PATCH NOW - SIGRed - CVE-2020-1350 - Microsoft DNS Server Vulnerability
2020-04-27 | Xavier Mertens | Powershell Payload Stored in a PSCredential Object
2020-02-27 | Xavier Mertens | Offensive Tools Are For Blue Teams Too
2020-02-25 | Jan Kopriva | Quick look at a couple of current online scam campaigns
2019-11-29 | Russ McRee | ISC Snapshot: Search with SauronEye
2019-11-09 | Guy Bruneau | Fake Netflix Update Request by Text
2019-11-08 | Xavier Mertens | Microsoft Apps Diverted from Their Main Use
2019-08-28 | Johannes Ullrich | [Guest Diary] Open Redirect: A Small But Very Common Vulnerability
2019-08-21 | Russ McRee | KAPE: Kroll Artifact Parser and Extractor
2019-07-16 | Russ McRee | Commando VM: The Complete Mandiant Offensive VM
2019-04-05 | Russ McRee | Beagle: Graph transforms for DFIR data & logs
2018-10-17 | Russ McRee | RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence
2018-03-08 | Xavier Mertens | CRIMEB4NK IRC Bot
2017-12-27 | Guy Bruneau | What are your Security Challenges for 2018?
2016-09-09 | Xavier Mertens | Collecting Users Credentials from Locked Devices
2016-06-29 | Xavier Mertens | Phishing Campaign with Blurred Images
2016-01-05 | Guy Bruneau | What are you Concerned the Most in 2016?
2015-05-23 | Guy Bruneau | Business Value in "Big Data"
2015-03-18 | Daniel Wesemann | Pass the hash!
2015-01-31 | Guy Bruneau | Beware of Phishing and Spam Super Bowl Fans!
2014-11-24 | Richard Porter | Someone is using this? PoS: Compressor
2014-09-12 | Chris Mohan | Are credential dumps worth reviewing?
2014-07-03 | Johannes Ullrich | Credit Card Processing in 700 Words or Less
2014-06-13 | Richard Porter | A welcomed response, PF Chang's
2013-12-19 | Rob VandenBrink | Target US - Credit Card Data Breach
2013-09-23 | Rob VandenBrink | How do you spell "PSK"?
2013-07-12 | Johannes Ullrich | DNS resolution is failing for Microsofts Teredo server (teredo.ipv6.microsoft.com)
2013-07-12 | Johannes Ullrich | Microsoft Teredo Server "Sunset"
2013-03-09 | Guy Bruneau | IPv6 Focus Month: IPv6 Encapsulation - Protocol 41
2013-02-21 | Pedro Bueno | NBC site redirecting to Exploit kit
2011-05-03 | Johannes Ullrich | Analyzing Teredo with tshark and Wireshark
2011-01-03 | Johannes Ullrich | What Will Matter in 2011
2010-07-24 | Manuel Humberto Santander Pelaez | Transmiting logon information unsecured in the network
2010-06-15 | Manuel Humberto Santander Pelaez | Mastercard delivering cards with OTP device included
2010-04-22 | John Bambenek | Data Redaction: You're Doing it Wrong
2010-02-16 | Jim Clausing | Teredo request for packets
2010-02-16 | Johannes Ullrich | Teredo "stray packet" analysis
2009-07-28 | Adrien de Beaupre | YYAMCCBA
2009-05-18 | Rick Wanner | JSRedir-R/Gumblar badness