Diaries by Keyword - SANS Internet Storm Center

Date	Author	Title
2018-12-05	Brad Duncan	Campaign evolution: Hancitor changes its Word macros
2018-12-04	Brad Duncan	Malspam pushing Lokibot malware
2018-11-14	Brad Duncan	Day in the life of a researcher: Finding a wave of Trickbot malspam
2018-09-26	Brad Duncan	One Emotet infection leads to three follow-up malware infections
2018-05-09	Xavier Mertens	Nice Phishing Sample Delivering Trickbot
2018-04-25	Xavier Mertens	Malicious Network Traffic From /bin/bash
2018-03-26	Xavier Mertens	Windows IRC Bot in the Wild
2018-03-08	Xavier Mertens	CRIMEB4NK IRC Bot
2017-10-19	Brad Duncan	HSBC-themed malspam uses ISO attachments to push Loki Bot malware
2017-08-15	Brad Duncan	Malspam pushing Trickbot banking Trojan
2017-07-19	Xavier Mertens	Bots Searching for Keys & Config Files
2017-05-08	Renato Marinho	Exploring a P2P Transient Botnet - From Discovery to Enumeration
2016-12-31	Xavier Mertens	Ongoing Scans Below the Radar
2016-12-07	Xavier Mertens	The Passwords You Should Never Use
2016-09-10	Xavier Mertens	Ongoing IMAP Scan, Anyone Else?
2016-07-27	Xavier Mertens	Analyze of a Linux botnet client source code
2015-02-06	Johannes Ullrich	Anthem, TurboTax and How Things "Fit Together" Sometimes
2014-10-09	Johannes Ullrich	CSAM: My servers started speaking IRC, and that is when I started to listen!
2014-08-16	Lenny Zeltser	Web Server Attack Investigation - Installing a Bot and Reverse Shell via a PHP Vulnerability
2014-01-16	Kevin Shortt	Port 4028 - Interesting Activity
2013-12-07	Guy Bruneau	Suspected Active Rovnix Botnet Controller
2013-10-26	Guy Bruneau	Active Perl/Shellbot Trojan
2013-08-11	Bojan Zdrnja	XATattacks (attacks on xat.com)
2012-10-26	Russ McRee	Cyber Security Awareness Month - Day 26 - Attackers use trusted domain to propagate Citadel Zeus variant
2011-08-04	Johannes Ullrich	IRC traffic on non standard ports
2011-05-14	Guy Bruneau	Websense Study Claims Canada Next Hotbed for Cybercrime Web Hosting Activity
2011-02-28	Deborah Hale	Possible Botnet Scanning
2011-01-11	Kevin Shortt	Spam Cannons on Holiday
2010-11-18	Chris Carboni	All of your pages are belonging to us
2010-11-05	Adrien de Beaupre	Bot honeypot
2010-08-19	Daniel Wesemann	Casper the unfriendly ghost
2010-07-29	Rob VandenBrink	FBI, Slovenian and Spanish Police announce more arrests of Mariposa Botnet Creator, Operators
2010-06-14	Manuel Humberto Santander Pelaez	New way of social engineering on IRC
2010-05-07	Johannes Ullrich	Stock market "wipe out" may be due to computer error
2010-05-02	Mari Nichols	Zbot Social Engineering
2010-04-23	Adrien de Beaupre	Shadowserver botnet rules
2010-03-25	Kevin Liston	Zeus wants to do your taxes
2010-03-11	donald smith	Cert write up on Skype IMBot Logic and Functionality.
2010-02-02	Johannes Ullrich	Pushdo Update
2010-01-25	William Salusky	"Bots and Spiders and Crawlers, be gone!" - or - "New Open Source WebAppSec tools, Huzzah!"
2009-12-21	Marcus Sachs	iPhone Botnet Analysis
2009-11-13	Deborah Hale	Pushdo/Cutwail Spambot - A Little Known BIG Problem
2009-11-08	Kevin Liston	FireEye takes on Ozdok and Recovery Ideas
2009-10-10	Tony Carothers	User Notification for Possible Infected Systems
2009-09-16	Raul Siles	IETF Draft for Remediation of Bots in ISP Networks
2009-05-07	Deborah Hale	Botnet hijacking reveals 70GB of stolen data
2008-11-05	donald smith	Bot net hunters get an improved tool from SRI bothunters
2008-09-09	Swa Frantzen	The complaint that's an attack
2008-09-01	John Bambenek	The Number of Machines Controlled by Botnets Has Jumped 4x in Last 3 Months
2008-07-19	William Salusky	A twist in fluxnet operations. Enter Hydraflux
2008-07-15	Maarten Van Horenbeeck	Bot controller mimicry
2008-04-07	John Bambenek	Got Kraken?
2008-04-07	John Bambenek	Kraken Technical Details: UPDATED x3
2006-08-31	Joel Esler	MS06-040 Worm
2006-08-31	Swa Frantzen	NT botnet submitted