Internet Storm Center
Sign In
Sign Up
SANS Network Security: Las Vegas Sept 4-9.
Handler on Duty:
Didier Stevens
Threat Level:
green
Date
Author
Title
ZEROSHELL LINUX ROUTER
2020-07-19
Guy Bruneau
Scanning Activity for ZeroShell Unauthenticated Access
ZEROSHELL
2020-07-19/a>
Guy Bruneau
Scanning Activity for ZeroShell Unauthenticated Access
LINUX
2024-10-09/a>
Xavier Mertens
From Perfctl to InfoStealer
2024-07-08/a>
Xavier Mertens
Kunai: Keep an Eye on your Linux Hosts Activity
2024-06-20/a>
Guy Bruneau
No Excuses, Free Tools to Help Secure Authentication in Ubuntu Linux [Guest Diary]
2024-04-29/a>
Guy Bruneau
Linux Trojan - Xorddos with Filename eyshcjdmzg
2023-07-24/a>
Rob VandenBrink
JQ: Another Tool We Thought We Knew
2023-07-01/a>
Russ McRee
Sandfly Security
2023-03-11/a>
Xavier Mertens
Overview of a Mirai Payload Generator
2023-01-26/a>
Tom Webb
Live Linux IR with UAC
2023-01-23/a>
Xavier Mertens
Who's Resolving This Domain?
2022-12-20/a>
Xavier Mertens
Linux File System Monitoring & Actions
2021-11-21/a>
Didier Stevens
Backdooring PAM
2021-09-20/a>
Johannes Ullrich
#OMIGOD Exploits Captured in the Wild. Researchers responsible for half of scans for related ports.
2020-07-19/a>
Guy Bruneau
Scanning Activity for ZeroShell Unauthenticated Access
2020-07-11/a>
Guy Bruneau
Scanning Home Internet Facing Devices to Exploit
2019-06-18/a>
Johannes Ullrich
What You Need To Know About TCP "SACK Panic"
2018-10-26/a>
Xavier Mertens
Dissecting Malicious Office Documents with Linux
2018-10-17/a>
Russ McRee
RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence
2018-08-05/a>
Didier Stevens
Video: Maldoc analysis with standard Linux tools
2017-10-18/a>
Renato Marinho
Baselining Servers to Detect Outliers
2017-06-14/a>
Xavier Mertens
Systemd Could Fallback to Google DNS?
2016-07-27/a>
Xavier Mertens
Analyze of a Linux botnet client source code
2016-05-18/a>
Russ McRee
Resources: Windows Auditing & Monitoring, Linux 2FA
2016-05-08/a>
Jim Clausing
Guest Diary: Linux Capabilities - A friend and foe
2016-03-28/a>
Xavier Mertens
Improving Bash Forensics Capabilities
2014-11-25/a>
Adrien de Beaupre
Less is, umm, less?
2014-08-16/a>
Lenny Zeltser
Web Server Attack Investigation - Installing a Bot and Reverse Shell via a PHP Vulnerability
2014-03-07/a>
Tom Webb
Linux Memory Dump with Rekall
2013-12-24/a>
Daniel Wesemann
Unfriendly crontab additions
2013-05-14/a>
Swa Frantzen
CVE-2013-2094: Linux privilege escalation
2011-08-31/a>
Johannes Ullrich
Kernel.org Compromise
2011-07-31/a>
Daniel Wesemann
Anatomy of a Unix breach
2011-06-01/a>
Johannes Ullrich
Enabling Privacy Enhanced Addresses for IPv6
2011-05-01/a>
Deborah Hale
Droid MarketPlace Has a New App
2010-09-17/a>
Robert Danford
Circa 2007 Linux Kernel Vulnerability Resurfaces (Was CVE-2007-4573, Now CVE-2010-3301)
2009-07-17/a>
Bojan Zdrnja
A new fascinating Linux kernel vulnerability
2008-07-31/a>
Swa Frantzen
Linus - Linux and Security - follow-up
2008-07-29/a>
Swa Frantzen
Linus - Linux and Security
2008-06-10/a>
Swa Frantzen
Linux ASN.1 BER kernel buffer overflow
2008-05-13/a>
Swa Frantzen
OpenSSH: Predictable PRNG in debian and ubuntu Linux
ROUTER
2024-02-12/a>
Johannes Ullrich
Exploit against Unnamed "Bytevalue" router vulnerability included in Mirai Bot
2023-11-09/a>
Guy Bruneau
Routers Targeted for Gafgyt Botnet [Guest Diary]
2023-01-17/a>
Johannes Ullrich
Packet Tuesday: IPv6 Router Advertisements https://www.youtube.com/watch?v=uRWpB_lYIZ8
2020-10-03/a>
Guy Bruneau
Scanning for SOHO Routers
2020-07-19/a>
Guy Bruneau
Scanning Activity for ZeroShell Unauthenticated Access
2020-07-11/a>
Guy Bruneau
Scanning Home Internet Facing Devices to Exploit
2018-05-20/a>
Didier Stevens
DASAN GPON home routers exploits in-the-wild
2014-04-01/a>
Johannes Ullrich
cmd.so Synology Scanner Also Found on Routers
2014-01-10/a>
Basil Alawi S.Taher
Cisco Small Business Devices backdoor fix
2013-11-30/a>
Russ McRee
A review of Tubes, A Journey to the Center of the Internet
2013-03-05/a>
Mark Hofman
IPv6 Focus Month: Device Defaults
2012-05-17/a>
Johannes Ullrich
New IPv6 Video: IPv6 Router Advertisements https://isc.sans.edu/ipv6videos
2010-01-07/a>
Daniel Wesemann
Juniper routers may crash on certain malformed packets
2008-04-11/a>
John Bambenek
ADSL Router / Cable Modem / Home Wireless AP Hardening in 5 Steps
2008-03-21/a>
donald smith
D-Link router based worm?
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Contact Us
Contact Us
About Us
Handlers
About Us
Slack Channel
Mastodon
Bluesky
X
Have you heard our daily podcast covering the latest
information security threats
?