Internet Storm Center
Sign In
Sign Up
Handler on Duty:
Didier Stevens
Threat Level:
green
Date
Author
Title
BIN LADEN
2011-05-03
Johannes Ullrich
Update on Osama Bin Laden themed Malware
2011-05-02
Johannes Ullrich
Bin Laden Death Related Malware
BIN
2023-06-19/a>
Xavier Mertens
Malware Delivered Through .inf File
2023-03-31/a>
Guy Bruneau
Using Linux grep and Windows findstr to Manipulate Files
2022-12-04/a>
Didier Stevens
Finger.exe LOLBin
2022-12-03/a>
Guy Bruneau
Linux LOLBins Applications Available in Windows
2022-03-25/a>
Xavier Mertens
XLSB Files: Because Binary is Stealthier Than XML
2022-03-15/a>
Xavier Mertens
Clean Binaries with Suspicious Behaviour
2021-07-31/a>
Guy Bruneau
Unsolicited DNS Queries
2021-05-06/a>
Xavier Mertens
Alternative Ways To Perform Basic Tasks
2021-03-19/a>
Xavier Mertens
Pastebin.com Used As a Simple C2 Channel
2020-08-25/a>
Xavier Mertens
Keep An Eye on LOLBins
2020-03-21/a>
Guy Bruneau
Honeypot - Scanning and Targeting Devices & Services
2019-11-25/a>
Xavier Mertens
My Little DoH Setup
2019-07-13/a>
Guy Bruneau
Guidance to Protect DNS Against Hijacking & Scanning for Version.BIND Still a Thing
2019-07-02/a>
Xavier Mertens
Malicious Script With Multiple Payloads
2018-11-22/a>
Xavier Mertens
Divided Payload in Multiple Pasties
2017-11-29/a>
Xavier Mertens
Fileless Malicious PowerShell Sample
2017-02-12/a>
Xavier Mertens
Analysis of a Suspicious Piece of JavaScript
2017-02-05/a>
Xavier Mertens
Many Malware Samples Found on Pastebin
2015-04-10/a>
Didier Stevens
The Kill Chain: Now With Pastebin
2014-06-12/a>
Guy Bruneau
BIND Security Update for CVE-2014-3859
2013-12-01/a>
Richard Porter
BPF, PCAP, Binary, hex, why they matter?
2013-07-26/a>
Scott Fendley
ISC BIND DoS
2013-06-05/a>
Richard Porter
BIND 9 Update fixing CVE-2013-3919
2013-04-16/a>
John Bambenek
Fake Boston Marathon Scams Update
2013-04-15/a>
John Bambenek
Please send any spam (full headers), URLs or other suspicious content scamming off Boston Marathon explosions to handlers@sans.org
2013-01-25/a>
Johannes Ullrich
Vulnerability Scans via Search Engines (Request for Logs)
2012-07-30/a>
Guy Bruneau
BIND 9 Security Updates
2012-06-06/a>
Jim Clausing
BIND 9 Update - DoS or information disclosure vulnerability
2011-12-05/a>
Stephen Hall
ISC describe DNS crash bug analysis
2011-11-24/a>
Russ McRee
Quick Tip: Pastebin Monitoring & Recon
2011-11-23/a>
Johannes Ullrich
SCADA hacks published on Pastebin
2011-11-16/a>
Jason Lam
Potential 0-day on Bind 9
2011-07-05/a>
Raul Siles
Two DoS remotely exploitable vulnerabilities affect BIND 9: http://www.isc.org/advisories/bind Updgrade to 9.8.0-P4.
2011-06-28/a>
Johannes Ullrich
DNSSEC Tips
2011-05-09/a>
Johannes Ullrich
Patch for BIND 9.8.0 DoS Vulnerability
2011-05-03/a>
Johannes Ullrich
Update on Osama Bin Laden themed Malware
2011-05-02/a>
Johannes Ullrich
Bin Laden Death Related Malware
2011-03-27/a>
Guy Bruneau
Strange Shockwave File with Surprising Attachments
2011-02-23/a>
Manuel Humberto Santander Pelaez
Bind DOS vulnerability (CVE-2011-0414)
2010-07-29/a>
Rob VandenBrink
NoScript 2.0 released
2010-02-17/a>
Rob VandenBrink
Multiple Security Updates for ESX 3.x and ESXi 3.x
2009-12-15/a>
Johannes Ullrich
Important BIND name server updates - DNSSEC
2009-11-24/a>
John Bambenek
BIND Security Advisory (DNSSEC only)
2009-07-29/a>
Bojan Zdrnja
BIND 9 DoS attacks in the wild
2009-01-08/a>
Kyle Haugsness
BIND OpenSSL follow-up
2009-01-07/a>
William Salusky
BIND 9.x security patch - resolves potentially new DNS poisoning vector
2008-08-14/a>
Johannes Ullrich
DNSSEC for DShield.org
2008-08-02/a>
Swa Frantzen
BIND: -P2 patches are released
2008-07-08/a>
Johannes Ullrich
Mulitple Vendors DNS Spoofing Vulnerability
LADEN
2011-05-03/a>
Johannes Ullrich
Update on Osama Bin Laden themed Malware
2011-05-02/a>
Johannes Ullrich
Bin Laden Death Related Malware
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Contact Us
Contact Us
About Us
Handlers
About Us
Slack Channel
Mastodon
Bluesky
X
This site is powered by
your submissions
, so tell us
what you see happening