Diaries by Keyword - SANS Internet Storm Center

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Handler on Duty: Jesse La Grew

Threat Level: green

Date	Author	Title
BIN LADEN
2011-05-03	Johannes Ullrich	Update on Osama Bin Laden themed Malware
2011-05-02	Johannes Ullrich	Bin Laden Death Related Malware
BIN
2023-06-19/a>	Xavier Mertens	Malware Delivered Through .inf File
2023-03-31/a>	Guy Bruneau	Using Linux grep and Windows findstr to Manipulate Files
2022-12-04/a>	Didier Stevens	Finger.exe LOLBin
2022-12-03/a>	Guy Bruneau	Linux LOLBins Applications Available in Windows
2022-03-25/a>	Xavier Mertens	XLSB Files: Because Binary is Stealthier Than XML
2022-03-15/a>	Xavier Mertens	Clean Binaries with Suspicious Behaviour
2021-07-31/a>	Guy Bruneau	Unsolicited DNS Queries
2021-05-06/a>	Xavier Mertens	Alternative Ways To Perform Basic Tasks
2021-03-19/a>	Xavier Mertens	Pastebin.com Used As a Simple C2 Channel
2020-08-25/a>	Xavier Mertens	Keep An Eye on LOLBins
2020-03-21/a>	Guy Bruneau	Honeypot - Scanning and Targeting Devices & Services
2019-11-25/a>	Xavier Mertens	My Little DoH Setup
2019-07-13/a>	Guy Bruneau	Guidance to Protect DNS Against Hijacking & Scanning for Version.BIND Still a Thing
2019-07-02/a>	Xavier Mertens	Malicious Script With Multiple Payloads
2018-11-22/a>	Xavier Mertens	Divided Payload in Multiple Pasties
2017-11-29/a>	Xavier Mertens	Fileless Malicious PowerShell Sample
2017-02-12/a>	Xavier Mertens	Analysis of a Suspicious Piece of JavaScript
2017-02-05/a>	Xavier Mertens	Many Malware Samples Found on Pastebin
2015-04-10/a>	Didier Stevens	The Kill Chain: Now With Pastebin
2014-06-12/a>	Guy Bruneau	BIND Security Update for CVE-2014-3859
2013-12-01/a>	Richard Porter	BPF, PCAP, Binary, hex, why they matter?
2013-07-26/a>	Scott Fendley	ISC BIND DoS
2013-06-05/a>	Richard Porter	BIND 9 Update fixing CVE-2013-3919
2013-04-16/a>	John Bambenek	Fake Boston Marathon Scams Update
2013-04-15/a>	John Bambenek	Please send any spam (full headers), URLs or other suspicious content scamming off Boston Marathon explosions to handlers@sans.org
2013-01-25/a>	Johannes Ullrich	Vulnerability Scans via Search Engines (Request for Logs)
2012-07-30/a>	Guy Bruneau	BIND 9 Security Updates
2012-06-06/a>	Jim Clausing	BIND 9 Update - DoS or information disclosure vulnerability
2011-12-05/a>	Stephen Hall	ISC describe DNS crash bug analysis
2011-11-24/a>	Russ McRee	Quick Tip: Pastebin Monitoring & Recon
2011-11-23/a>	Johannes Ullrich	SCADA hacks published on Pastebin
2011-11-16/a>	Jason Lam	Potential 0-day on Bind 9
2011-07-05/a>	Raul Siles	Two DoS remotely exploitable vulnerabilities affect BIND 9: http://www.isc.org/advisories/bind Updgrade to 9.8.0-P4.
2011-06-28/a>	Johannes Ullrich	DNSSEC Tips
2011-05-09/a>	Johannes Ullrich	Patch for BIND 9.8.0 DoS Vulnerability
2011-05-03/a>	Johannes Ullrich	Update on Osama Bin Laden themed Malware
2011-05-02/a>	Johannes Ullrich	Bin Laden Death Related Malware
2011-03-27/a>	Guy Bruneau	Strange Shockwave File with Surprising Attachments
2011-02-23/a>	Manuel Humberto Santander Pelaez	Bind DOS vulnerability (CVE-2011-0414)
2010-07-29/a>	Rob VandenBrink	NoScript 2.0 released
2010-02-17/a>	Rob VandenBrink	Multiple Security Updates for ESX 3.x and ESXi 3.x
2009-12-15/a>	Johannes Ullrich	Important BIND name server updates - DNSSEC
2009-11-24/a>	John Bambenek	BIND Security Advisory (DNSSEC only)
2009-07-29/a>	Bojan Zdrnja	BIND 9 DoS attacks in the wild
2009-01-08/a>	Kyle Haugsness	BIND OpenSSL follow-up
2009-01-07/a>	William Salusky	BIND 9.x security patch - resolves potentially new DNS poisoning vector
2008-08-14/a>	Johannes Ullrich	DNSSEC for DShield.org
2008-08-02/a>	Swa Frantzen	BIND: -P2 patches are released
2008-07-08/a>	Johannes Ullrich	Mulitple Vendors DNS Spoofing Vulnerability
LADEN
2011-05-03/a>	Johannes Ullrich	Update on Osama Bin Laden themed Malware
2011-05-02/a>	Johannes Ullrich	Bin Laden Death Related Malware

BIN LADEN

BIN

LADEN