DNSCHANGER ISP CLEANUP DNS EXTENSION GHOSTCLICK |
| 2012-02-23 | donald smith | DNS-Changer "clean DNS" extension requested |
DNSCHANGER |
| 2012-02-23/a> | donald smith | DNS-Changer "clean DNS" extension requested |
| 2012-02-20/a> | Rick Wanner | DNSChanger resolver shutdown deadline is March 8th |
| 2011-11-09/a> | Russ McRee | Operation Ghost Click: FBI bags crime ring responsible for $14 million in losses |
| 2011-08-05/a> | donald smith | New Mac Trojan: BASH/QHost.WB |
ISP |
| 2018-04-24/a> | Xavier Mertens | The real value of an IOC? |
| 2018-03-23/a> | Xavier Mertens | Extending Hunting Capabilities in Your Network |
| 2018-03-22/a> | Xavier Mertens | Automatic Hunting for Malicious Files Crossing your Network |
| 2018-01-10/a> | Russ McRee | GitHub InfoSec Threepeat: HELK, ptf, and VulnWhisperer |
| 2017-03-15/a> | Xavier Mertens | Retro Hunting! |
| 2017-01-26/a> | Xavier Mertens | IOC's: Risks of False Positive Alerts Flood Ahead |
| 2016-07-12/a> | Xavier Mertens | Hunting for Malicious Files with MISP + OSSEC |
| 2016-05-13/a> | Xavier Mertens | MISP - Malware Information Sharing Platform |
| 2014-11-04/a> | Daniel Wesemann | Whois someone else? |
| 2014-02-24/a> | Russ McRee | Explicit Trusted Proxy in HTTP/2.0 or...not so much |
| 2012-02-23/a> | donald smith | DNS-Changer "clean DNS" extension requested |
| 2011-07-09/a> | Tony Carothers | Copyright Alert System - What say you? |
| 2009-12-19/a> | Deborah Hale | Frustrations of ISP Abuse Handling |
| 2009-09-16/a> | Raul Siles | IETF Draft for Remediation of Bots in ISP Networks |
CLEANUP |
| 2012-02-23/a> | donald smith | DNS-Changer "clean DNS" extension requested |
| 2011-03-21/a> | Kevin Shortt | Port 1434: Sudden Slammer Decline? |
| 2010-11-03/a> | Kevin Liston | SQL Slammer Clean-up: Roundup and Review |
| 2010-10-29/a> | Kevin Liston | SQL Slammer Clean-up: Contacting CERTs |
| 2010-10-25/a> | Kevin Liston | SQL Slammer Clean-up: Switching Viewpoints |
| 2010-10-19/a> | Kevin Liston | SQL Slammer Clean-up: Picking up the Phone |
| 2010-10-11/a> | Kevin Liston | SQL Slammer Clean-up: Reporting Upstream |
| 2010-10-04/a> | Kevin Liston | SQL Slammer Clean-up: How to Report |
| 2010-10-01/a> | Kevin Liston | Cyber Security Awareness Month Activity: SQL Slammer Clean-up |
DNS |
| 2018-02-25/a> | Guy Bruneau | Blackhole Advertising Sites with Pi-hole |
| 2017-12-13/a> | Xavier Mertens | Tracking Newly Registered Domains |
| 2017-11-16/a> | Xavier Mertens | Suspicious Domains Tracking Dashboard |
| 2017-10-20/a> | Rick Wanner | One year Anniversary of Dyn DDOS |
| 2017-10-02/a> | Xavier Mertens | Investigating Security Incidents with Passive DNS |
| 2017-06-14/a> | Xavier Mertens | Systemd Could Fallback to Google DNS? |
| 2017-04-20/a> | Xavier Mertens | DNS Query Length... Because Size Does Matter |
| 2016-10-23/a> | Johannes Ullrich | ISC Briefing: Large DDoS Attack Against Dyn |
| 2016-07-26/a> | Johannes Ullrich | Command and Control Channels Using "AAAA" DNS Records |
| 2016-06-12/a> | Guy Bruneau | DNS Sinkhole ISO Version 2.0 |
| 2016-04-28/a> | Rob VandenBrink | DNS and DHCP Recon using Powershell |
| 2015-11-22/a> | Guy Bruneau | OpenDNS Research Used to Predict Threat |
| 2015-11-08/a> | Rick Wanner | DNS Reconnaissance using nmap |
| 2015-08-19/a> | Bojan Zdrnja | Outsourcing critical infrastructure (such as DNS) |
| 2015-02-19/a> | Daniel Wesemann | DNS-based DDoS |
| 2014-06-02/a> | Rick Wanner | Using nmap to scan for DDOS reflectors |
| 2014-05-20/a> | Johannes Ullrich | Detecting Queries to "odd" DNS Servers |
| 2014-04-30/a> | Johannes Ullrich | Be on the Lookout: Odd DNS Traffic, Possible C&C Traffic |
| 2014-04-30/a> | Russ McRee | UltraDNS DDOS |
| 2014-02-04/a> | Johannes Ullrich | Do you block "new" domain names? |
| 2014-01-30/a> | Johannes Ullrich | New gTLDs appearing in the root zone |
| 2013-12-21/a> | Guy Bruneau | Strange DNS Queries - Request for Packets |
| 2013-11-19/a> | Jim Clausing | Updated dumpdns.pl |
| 2013-11-04/a> | Manuel Humberto Santander Pelaez | When attackers use your DNS to check for the sites you are visiting |
| 2013-10-21/a> | Johannes Ullrich | New tricks that may bring DNS spoofing back or: "Why you should enable DNSSEC even if it is a pain to do" |
| 2013-10-17/a> | Adrien de Beaupre | Internet wide DNS scanning |
| 2013-10-10/a> | Johannes Ullrich | google.com.my DNS hijack |
| 2013-10-08/a> | Johannes Ullrich | CSAM: ANY queries used in reflective DoS attack |
| 2013-10-02/a> | Johannes Ullrich | CSAM: Misc. DNS Logs |
| 2013-09-26/a> | Johannes Ullrich | How do you monitor DNS? |
| 2013-09-02/a> | Guy Bruneau | Snort IDS Sensor with Sguil New ISO Released |
| 2013-08-14/a> | Johannes Ullrich | .GOV zones may not resolve due to DNSSEC problems. |
| 2013-08-07/a> | Mark Hofman | DNS servers hijacked in the Netherlands |
| 2013-07-17/a> | Johannes Ullrich | Network Solutions Outage |
| 2013-07-12/a> | Johannes Ullrich | DNS resolution is failing for Microsofts Teredo server (teredo.ipv6.microsoft.com) |
| 2013-07-10/a> | Johannes Ullrich | .NL Registrar Compromisse |
| 2013-06-22/a> | Guy Bruneau | .biz DNSSEC DNSKEY is Invalid |
| 2013-06-20/a> | Johannes Ullrich | Linkedin DNS Hijack |
| 2013-06-05/a> | Richard Porter | BIND 9 Update fixing CVE-2013-3919 |
| 2012-12-14/a> | Johannes Ullrich | The "D-root" DNS server (terp.umd.edu) is changing its IP address in January http://seclists.org/nanog/2012/Dec/330 |
| 2012-12-06/a> | Daniel Wesemann | Comodo DNS hiccup on usertrust.com |
| 2012-08-16/a> | Johannes Ullrich | A Poor Man's DNS Anomaly Detection Script |
| 2012-07-24/a> | Richard Porter | Report of spike in DNS Queries gd21.net |
| 2012-07-21/a> | Rick Wanner | TippingPoint DNS Version Request increase |
| 2012-07-21/a> | Rick Wanner | OpenDNS is looking for a few good malware people! |
| 2012-05-21/a> | Kevin Shortt | DNS ANY Request Cannon - Need More Packets |
| 2012-05-16/a> | Johannes Ullrich | Got Packets? Odd duplicate DNS replies from 10.x IP Addresses |
| 2012-03-30/a> | Daniel Wesemann | Tomorrow, the world will end |
| 2012-02-23/a> | donald smith | DNS-Changer "clean DNS" extension requested |
| 2012-02-20/a> | Rick Wanner | DNSChanger resolver shutdown deadline is March 8th |
| 2012-02-09/a> | Richard Porter | DNS Ghost Domains, How I loath you so! |
| 2012-01-21/a> | Guy Bruneau | DNS Sinkhole Scripts Fixes/Update |
| 2012-01-18/a> | Johannes Ullrich | Use of Mixed Case DNS Queries |
| 2012-01-13/a> | Guy Bruneau | Strange DNS Queries - Request Packets/Logs |
| 2011-12-13/a> | Johannes Ullrich | Possible Widespread DNS Attack (info wanted) |
| 2011-12-05/a> | Stephen Hall | ISC describe DNS crash bug analysis |
| 2011-11-28/a> | Tom Liston | A Puzzlement... |
| 2011-11-16/a> | Jason Lam | Potential 0-day on Bind 9 |
| 2011-11-11/a> | Rick Wanner | What's up with fbi.gov DNS? |
| 2011-11-11/a> | Johannes Ullrich | Details About the fbi.gov DNSSEC Configuration Issue. |
| 2011-11-09/a> | Russ McRee | Operation Ghost Click: FBI bags crime ring responsible for $14 million in losses |
| 2011-10-15/a> | Guy Bruneau | DNS Sinkhole Parser Script Update |
| 2011-10-10/a> | Tom Liston | What's In A Name? |
| 2011-09-09/a> | Guy Bruneau | IPv6 and DNS Sinkhole |
| 2011-09-04/a> | Lorna Hutcheson | Several Sites Defaced |
| 2011-08-17/a> | Rob VandenBrink | When Good Patches go Bad - a DNS tale that didn't start out that way |
| 2011-08-05/a> | Johannes Ullrich | Microsoft Patch Tuesday Advance Notification: 13 Bulletins coming http://www.microsoft.com/technet/security/Bulletin/MS11-aug.mspx |
| 2011-08-05/a> | donald smith | New Mac Trojan: BASH/QHost.WB |
| 2011-07-05/a> | Raul Siles | Two DoS remotely exploitable vulnerabilities affect BIND 9: http://www.isc.org/advisories/bind Updgrade to 9.8.0-P4. |
| 2011-06-28/a> | Johannes Ullrich | DNSSEC Tips |
| 2011-06-03/a> | Guy Bruneau | New Poll: How are you dealing with Malicious Domains? |
| 2011-05-09/a> | Johannes Ullrich | Patch for BIND 9.8.0 DoS Vulnerability |
| 2011-04-14/a> | Johannes Ullrich | dshield.org now DNSSEC signed via .org |
| 2011-04-05/a> | Mark Hofman | DNS.be DDOS |
| 2011-01-26/a> | Bojan Zdrnja | Google Chrome and (weird) DNS requests |
| 2010-11-25/a> | Bojan Zdrnja | Secunia's DNS/domain hijacked? |
| 2010-11-13/a> | Guy Bruneau | Register.com DNS Issues |
| 2010-11-04/a> | Johannes Ullrich | DNSSEC Progress for .com and .net |
| 2010-10-03/a> | Adrien de Beaupre | H went down. |
| 2010-09-25/a> | Rick Wanner | Guest Diary: Andrew Hunt - Visualizing the Hosting Patterns of Modern Cybercriminals |
| 2010-08-07/a> | Stephen Hall | DnsMadeEasy under a "quite large and unique" ddos. |
| 2010-07-29/a> | Rob VandenBrink | NoScript 2.0 released |
| 2010-06-19/a> | Guy Bruneau | DNS Sinkhole ISO Available for Download |
| 2010-05-12/a> | Johannes Ullrich | .de TLD Outage |
| 2010-05-04/a> | Rick Wanner | DNSSEC...not a bang but a whimper? |
| 2010-02-26/a> | Rick Wanner | New version of dnsmap |
| 2010-01-19/a> | Jim Clausing | 49Gbps DDoS, IPv4 exhaustion, and DNSSEC, oh my! |
| 2010-01-12/a> | Johannes Ullrich | Baidu defaced - Domain Registrar Tampering |
| 2010-01-11/a> | Johannes Ullrich | the (large) domain registrar "eNom" appears to have problems with its DNS servers according to some user reports. |
| 2010-01-10/a> | Guy Bruneau | Easy DNS BIND Sinkhole Setup |
| 2009-12-15/a> | Johannes Ullrich | Important BIND name server updates - DNSSEC |
| 2009-11-25/a> | Jim Clausing | Updates to my GREM Gold scripts and a new script |
| 2009-11-24/a> | John Bambenek | BIND Security Advisory (DNSSEC only) |
| 2009-11-02/a> | Daniel Wesemann | IDN ccTLDs |
| 2009-10-29/a> | Kyle Haugsness | Cyber Security Awareness Month - Day 29 - dns port 53 |
| 2009-07-29/a> | Bojan Zdrnja | BIND 9 DoS attacks in the wild |
| 2009-04-26/a> | Johannes Ullrich | Odd DNS Resolution for Google via OpenDNS |
| 2009-03-21/a> | Stephen Hall | Updates to ISC BIND |
| 2009-01-31/a> | Swa Frantzen | DNS DDoS - let's use a long term solution |
| 2009-01-18/a> | Daniel Wesemann | DNS queries for "." |
| 2009-01-08/a> | Kyle Haugsness | BIND OpenSSL follow-up |
| 2009-01-07/a> | William Salusky | BIND 9.x security patch - resolves potentially new DNS poisoning vector |
| 2008-12-04/a> | Bojan Zdrnja | Rogue DHCP servers |
| 2008-11-25/a> | Andre Ludwig | OS X Dns Changers part three |
| 2008-11-25/a> | Andre Ludwig | Tmobile G1 handsets having DNS problems? |
| 2008-10-17/a> | Patrick Nolan | Day 17 - Containing a DNS Hijacking |
| 2008-10-08/a> | Johannes Ullrich | Domaincontrol (GoDaddy) Nameservers DNS Poisoning |
| 2008-08-14/a> | Johannes Ullrich | DNSSEC for DShield.org |
| 2008-08-05/a> | Daniel Wesemann | Watching those DNS logs |
| 2008-08-02/a> | Swa Frantzen | BIND: -P2 patches are released |
| 2008-07-25/a> | Swa Frantzen | DNS bug - observations |
| 2008-07-24/a> | Kyle Haugsness | DNS cache poisoning vulnerability details confirmed |
| 2008-07-22/a> | Swa Frantzen | Dan Kaminsky's DNS bug: revealed? - Patch! |
| 2008-07-09/a> | Marcus Sachs | DNS Vulnerability Found by a GSEC Student Three Years Ago! |
| 2008-07-08/a> | Johannes Ullrich | Mulitple Vendors DNS Spoofing Vulnerability |
| 2008-05-19/a> | Maarten Van Horenbeeck | Route filtering and its impact on the DNS fabric |
| 2008-04-30/a> | Bojan Zdrnja | (Minor) evolution in Mac DNS changer malware |
| 2008-03-23/a> | Johannes Ullrich | Finding hidden gems (easter eggs) in your logs (packet challenge!) |
EXTENSION |
| 2017-10-27/a> | Renato Marinho | "Catch-All" Google Chrome Malicious Extension Steals All Posted Data |
| 2017-10-24/a> | Xavier Mertens | Stop relying on file extensions |
| 2017-09-06/a> | Adrien de Beaupre | Modern Web Application Penetration Testing , Hash Length Extension Attacks |
| 2017-08-29/a> | Renato Marinho | Second Google Chrome Extension Banker Malware in Two Weeks |
| 2017-08-15/a> | Renato Marinho | (Banker(GoogleChromeExtension)).targeting("Brazil") |
| 2012-02-23/a> | donald smith | DNS-Changer "clean DNS" extension requested |
| 2011-08-14/a> | Guy Bruneau | FireCAT 2.0 Released |
GHOSTCLICK |
| 2012-02-23/a> | donald smith | DNS-Changer "clean DNS" extension requested |
