Internet Storm Center
RED CROSS

| Date | Author | Title |
|---|---|---|
| 2022-03-07 | Johannes Ullrich | No Bitcoin - No Problem: Follow Up to Last Weeks Donation Scam |
| 2022-03-04 | Johannes Ullrich | Scam E-Mail Impersonating Red Cross |
RED

| Date | Author | Title |
|---|---|---|
| 2022-10-04 | Johannes Ullrich | Credential Harvesting with Telegram API |
| 2022-09-15 | Xavier Mertens | Malicious Word Document with a Frameset |
| 2022-07-08 | Johannes Ullrich | ISC Website Redesign |
| 2022-03-10 | Xavier Mertens | Credentials Leaks on VirusTotal |
| 2022-03-07 | Johannes Ullrich | No Bitcoin - No Problem: Follow Up to Last Weeks Donation Scam |
| 2022-03-04 | Johannes Ullrich | Scam E-Mail Impersonating Red Cross |
| 2022-01-20 | Xavier Mertens | RedLine Stealer Delivered Through FTP |
| 2022-01-16 | Guy Bruneau | 10 Most Popular Targeted Ports in the Past 3 Weeks |
| 2021-11-08 | Xavier Mertens | (Ab)Using Security Tools & Controls for the Bad |
| 2021-06-18 | Daniel Wesemann | Open redirects ... and why Phishers love them |
| 2021-05-29 | Guy Bruneau | Spear-phishing Email Targeting Outlook Mail Clients |
| 2021-03-06 | Xavier Mertens | Spotting the Red Team on VirusTotal! |
| 2020-11-18 | Xavier Mertens | When Security Controls Lead to Security Issues |
| 2020-07-16 | John Bambenek | Hunting for SigRed Exploitation |
| 2020-07-15 | Johannes Ullrich | PATCH NOW - SIGRed - CVE-2020-1350 - Microsoft DNS Server Vulnerability |
| 2020-04-27 | Xavier Mertens | Powershell Payload Stored in a PSCredential Object |
| 2020-02-27 | Xavier Mertens | Offensive Tools Are For Blue Teams Too |
| 2020-02-25 | Jan Kopriva | Quick look at a couple of current online scam campaigns |
| 2019-11-29 | Russ McRee | ISC Snapshot: Search with SauronEye |
| 2019-11-09 | Guy Bruneau | Fake Netflix Update Request by Text |
| 2019-11-08 | Xavier Mertens | Microsoft Apps Diverted from Their Main Use |
| 2019-08-28 | Johannes Ullrich | [Guest Diary] Open Redirect: A Small But Very Common Vulnerability |
| 2019-08-21 | Russ McRee | KAPE: Kroll Artifact Parser and Extractor |
| 2019-07-16 | Russ McRee | Commando VM: The Complete Mandiant Offensive VM |
| 2019-04-05 | Russ McRee | Beagle: Graph transforms for DFIR data & logs |
| 2018-10-17 | Russ McRee | RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence |
| 2018-03-08 | Xavier Mertens | CRIMEB4NK IRC Bot |
| 2017-12-27 | Guy Bruneau | What are your Security Challenges for 2018? |
| 2016-09-09 | Xavier Mertens | Collecting Users Credentials from Locked Devices |
| 2016-06-29 | Xavier Mertens | Phishing Campaign with Blurred Images |
| 2016-01-05 | Guy Bruneau | What are you Concerned the Most in 2016? |
| 2015-05-23 | Guy Bruneau | Business Value in "Big Data" |
| 2015-03-18 | Daniel Wesemann | Pass the hash! |
| 2015-01-31 | Guy Bruneau | Beware of Phishing and Spam Super Bowl Fans! |
| 2014-11-24 | Richard Porter | Someone is using this? PoS: Compressor |
| 2014-09-12 | Chris Mohan | Are credential dumps worth reviewing? |
| 2014-07-03 | Johannes Ullrich | Credit Card Processing in 700 Words or Less |
| 2014-06-13 | Richard Porter | A welcomed response, PF Chang's |
| 2013-12-19 | Rob VandenBrink | Target US - Credit Card Data Breach |
| 2013-09-23 | Rob VandenBrink | How do you spell "PSK"? |
| 2013-07-12 | Johannes Ullrich | DNS resolution is failing for Microsofts Teredo server (teredo.ipv6.microsoft.com) |
| 2013-07-12 | Johannes Ullrich | Microsoft Teredo Server "Sunset" |
| 2013-03-09 | Guy Bruneau | IPv6 Focus Month: IPv6 Encapsulation - Protocol 41 |
| 2013-02-21 | Pedro Bueno | NBC site redirecting to Exploit kit |
| 2011-05-03 | Johannes Ullrich | Analyzing Teredo with tshark and Wireshark |
| 2011-01-03 | Johannes Ullrich | What Will Matter in 2011 |
| 2010-07-24 | Manuel Humberto Santander Pelaez | Transmiting logon information unsecured in the network |
| 2010-06-15 | Manuel Humberto Santander Pelaez | Mastercard delivering cards with OTP device included |
| 2010-04-22 | John Bambenek | Data Redaction: You're Doing it Wrong |
| 2010-02-16 | Jim Clausing | Teredo request for packets |
| 2010-02-16 | Johannes Ullrich | Teredo "stray packet" analysis |
| 2009-07-28 | Adrien de Beaupre | YYAMCCBA |
| 2009-05-18 | Rick Wanner | JSRedir-R/Gumblar badness |
CROSS

| Date | Author | Title |
|---|---|---|
| 2022-03-07 | Johannes Ullrich | No Bitcoin - No Problem: Follow Up to Last Weeks Donation Scam |
| 2022-03-04 | Johannes Ullrich | Scam E-Mail Impersonating Red Cross |
| 2014-08-09 | Adrien de Beaupre | Complete application ownage via Multi-POST XSRF |
| 2013-02-11 | John Bambenek | Is This Chinese Registrar Really Trying to XSS Me? |
| 2013-02-04 | Russ McRee | An expose of a recent SANS GIAC XSS vulnerability |
| 2013-01-25 | Johannes Ullrich | Vulnerability Scans via Search Engines (Request for Logs) |
| 2011-08-24 | Rob VandenBrink | Citrix Access Gateway Cross Site Scripting vulnerability and fix ==> http://support.citrix.com/article/CTX129971 |
| 2009-07-17 | John Bambenek | Cross-Platform, Cross-Browser DoS Vulnerability |