Date Author Title
2025-05-31Xavier MertensA PNG Image With an Embedded Gift
2024-09-25Johannes UllrichDNS Reflection Update and Odd Corrupted DNS Requests
2024-04-29Guy BruneauLinux Trojan - Xorddos with Filename eyshcjdmzg
2024-04-17Xavier MertensMalicious PDF File Used As Delivery Mechanism
2023-11-09Guy BruneauRouters Targeted for Gafgyt Botnet [Guest Diary]
2023-11-07Johannes UllrichWhat's Normal: New uses of DNS, Discovery of Designated Resolvers (DDR)
2023-10-28Xavier MertensSize Matters for Many Security Controls
2023-08-23Xavier MertensMore Exotic Excel Files Dropping AgentTesla
2023-07-26Xavier MertensSuspicious IP Addresses Avoided by Malware Samples
2023-05-20Xavier MertensPhishing Kit Collecting Victim's IP Address
2023-05-04Xavier MertensInfostealer Embedded in a Word Document
2023-04-18Johannes UllrichUDDIs are back? Attackers rediscovering old exploits.
2023-02-06Johannes UllrichAPIs Used by Bots to Detect Public IP address
2022-11-02Brad DuncanWho put the "Dark" in DarkVNC?
2022-08-10Johannes UllrichAnd Here They Come Again: DNS Reflection Attacks
2022-08-02Johannes UllrichA Little DDoS in the Morning - Followup
2022-08-01Johannes UllrichA Little DDoS In the Morning
2022-04-13Jan KoprivaHow is Ukrainian internet holding up during the Russian invasion?
2022-01-05Xavier MertensCode Reuse In the Malware Landscape
2021-11-19Xavier MertensDownloader Disguised as Excel Add-In (XLL)
2021-07-31Guy BruneauUnsolicited DNS Queries
2021-05-10Johannes UllrichCorrectly Validating IP Addresses: Why encoding matters for input validation.
2021-04-23Xavier MertensMalicious PowerPoint Add-On: "Small Is Beautiful"
2021-02-21Didier StevensDDE and oledump
2021-02-19Xavier MertensDynamic Data Exchange (DDE) is Back in the Wild?
2020-09-18Xavier MertensA Mix of Python & VBA in a Malicious Word Document
2020-09-01Johannes UllrichExposed Windows Domain Controllers Used in CLDAP DDoS Attacks
2020-08-07Brad DuncanTA551 (Shathak) Word docs push IcedID (Bokbot)
2020-05-23Xavier MertensAgentTesla Delivered via a Malicious PowerPoint Add-In
2019-12-05Jan KoprivaE-mail from Agent Tesla
2019-09-26Rob VandenBrinkMining MAC Address and OUI Information
2019-08-14Brad DuncanRecent example of MedusaHTTP malware
2018-09-28Xavier MertensMore Excel DDE Code Injection
2018-07-07Didier Stevensdd progress indicator on Linux
2018-07-07Didier Stevensdd progress indicator on OSX
2018-04-25Johannes UllrichYet Another Drupal RCE Vulnerability
2017-10-20Rick WannerOne year Anniversary of Dyn DDOS
2017-10-17Brad DuncanHancitor malspam uses DDE attack
2017-07-07Renato MarinhoDDoS Extortion E-mail: Yet Another Bluff?
2016-12-29Rick WannerMore on Protocol 47 denys
2016-12-19John BambenekUPDATED x1: Mirai Scanning for Port 6789 Looking for New Victims / Now hitting tcp/23231
2016-12-09Rick WannerMirai - now with DGA
2016-05-29Guy BruneauAnalysis of a Distributed Denial of Service (DDoS)
2016-02-07Rick WannerDDOS is down, but still a concern for ISPs
2015-06-23Kevin ShorttXOR DDOS Mitigation and Analysis
2015-04-06Guy Bruneau'Dead Drops' Hidden USB Sticks Around the World
2015-02-27Rick WannerDDOS are way down? Why?
2015-02-19Daniel WesemannDNS-based DDoS
2014-08-31Rick Wanner1900/UDP (SSDP) Scanning and DDOS
2014-08-17Rick WannerPart 1: Is your home network unwittingly contributing to NTP DDOS attacks?
2014-08-17Rick WannerPart 2: Is your home network unwittingly contributing to NTP DDOS attacks?
2014-06-24Kevin ShorttNTP DDoS Counts Have Dropped
2014-06-02Rick WannerUsing nmap to scan for DDOS reflectors
2014-04-30Russ McReeUltraDNS DDOS
2014-03-14Richard PorterWord Press Shenanigans? Anyone seeing strange activity today?
2014-03-12Johannes UllrichWordpress "Pingback" DDoS Attacks
2014-02-17Chris MohanNTP reflection attacks continue
2014-01-17Russ McReeMassive RFI scans likely a free web app vuln scanner rather than bots
2013-11-22Rick WannerPort 0 DDOS
2013-09-09Johannes UllrichSSL is broken. So what?
2013-06-05Richard PorterBIND 9 Update fixing CVE-2013-3919
2013-04-21John BambenekA Chargen-based DDoS? Chargen is still a thing?
2013-03-28John BambenekWhere Were You During the Great DDoS Cybergeddon of 2013?
2013-03-18Kevin ShorttSpamhaus DDOS
2013-03-04Johannes UllrichIPv6 Focus Month: Addresses
2013-02-25Rob VandenBrinkSilent Traitors - Embedded Devices in your Datacenter
2013-01-05Guy BruneauD-link Wireless-G Router Year Issue (Y2K-plus-13)
2012-09-20Russ McReeFinancial sector advisory: attacks and threats against financial institutions
2012-03-30Daniel WesemannTomorrow, the world will end
2012-01-22Johannes UllrichJavascript DDoS Tool Analysis
2011-06-09Richard PorterOne Browser to Rule them All?
2011-06-01Johannes UllrichEnabling Privacy Enhanced Addresses for IPv6
2011-05-20Guy BruneauDistributed Denial of Service Cheat Sheet
2011-04-25Rob VandenBrinkWhat's Your (IP) Address Worth?
2011-04-05Mark HofmanSony DDOS
2011-04-05Mark HofmanDNS.be DDOS
2011-03-07Bojan ZdrnjaOracle padding attacks (Codegate crypto 400 writeup)
2011-03-04Mark HofmanDDOS, the new black?
2011-02-12Kevin ListonDDoS Analysis Process
2011-01-29Mark HofmanSourceforge attack
2010-12-21Rob VandenBrinkNetwork Reliability, Part 2 - HSRP Attacks and Defenses
2010-12-09Mark HofmanHaving a look at the DDOS tool used in the attacks today
2010-12-08Rob VandenBrinkInteresting DDOS activity around Wikileaks
2010-09-14Adrien de BeaupreBlackEnergy DDoS
2010-08-16Raul SilesDDOS: State of the Art
2010-08-07Stephen HallDnsMadeEasy under a "quite large and unique" ddos.
2010-07-24Manuel Humberto Santander PelaezTransmiting logon information unsecured in the network
2010-06-21Adrien de BeaupreGoDaddy Scam/Phish/Spam
2010-02-02Johannes UllrichPushdo Update
2010-01-19Jim Clausing49Gbps DDoS, IPv4 exhaustion, and DNSSEC, oh my!
2010-01-06Johannes UllrichDenial of Service Attack Aftermath (and what did Iran have to do with it?)
2009-11-11Rob VandenBrinkLayer 2 Network Protections against Man in the Middle Attacks
2009-09-09Mark HofmanPossible DDOS on gov.au sites starting tonight?
2009-08-18Daniel WesemannForensics: Mounting partitions from full-disk 'dd' images
2009-07-09John BambenekLatest Updates on Ongoing DDoS on Governmental/Commercial Websites in USA and S. Korea
2009-07-08Marcus SachsRFI: DDoS Against Government and Civilian Web Sites
2009-06-23Bojan ZdrnjaSlowloris and Iranian DDoS attacks
2009-05-30John BambenekEmbedded Devices: An Avenue for Cyberterrorism?
2009-04-07Johannes UllrichCommon Apache Misconception
2009-03-08Marcus SachsBehind the Estonia Cyber Attacks
2009-01-31Swa FrantzenDNS DDoS - let's use a long term solution
2009-01-28Robert DanfordEmbedded device security assessment
2008-12-03Andre LudwigNew ISC Poll! Has your organization suffered a DDoS (Distributed Denial of Service) attack in the last year?
2008-10-12Mari NicholsDay 12 Containment: Gathering Evidence That Can be Used in Court
2008-10-08Johannes UllrichDomaincontrol (GoDaddy) Nameservers DNS Poisoning
2008-07-20Kevin ListonDenial of Service Attack Against Georgia-- Are You Participating?
2008-04-10Deborah HaleDSLReports Being Attacked Again
2006-10-05John BambenekThere are no more Passive Exploits