Internet Storm Center
Sign In
Sign Up
Watch ISC TV. Great for NOCs, SOCs and Living Rooms:
https://isctv.sans.edu
Handler on Duty:
Jesse La Grew
Threat Level:
green
Date
Author
Title
DOMAIN NAME
2014-07-09
Daniel Wesemann
Who owns your typo?
2013-12-21
Guy Bruneau
Strange DNS Queries - Request for Packets
2012-03-13
Lenny Zeltser
Please transfer this email to your CEO or appropriate person, thanks
DOMAIN
2022-10-07/a>
Xavier Mertens
Powershell Backdoor with DGA Capability
2022-06-21/a>
Johannes Ullrich
Experimental New Domain / Domain Age API
2022-02-24/a>
Xavier Mertens
Ukraine & Russia Situation From a Domain Names Perspective
2021-09-02/a>
Xavier Mertens
Attackers Will Always Abuse Major Events in our Lifes
2021-07-24/a>
Bojan Zdrnja
Active Directory Certificate Services (ADCS - PKI) domain admin vulnerability
2020-03-28/a>
Didier Stevens
Covid19 Domain Classifier
2020-03-27/a>
Johannes Ullrich
Help us classify Covid19 related domains https://isc.sans.edu/covidclassifier.html (login required)
2019-07-17/a>
Xavier Mertens
Analyzis of DNS TXT Records
2019-04-24/a>
Rob VandenBrink
Where have all the Domain Admins gone? Rooting out Unwanted Domain Administrators
2019-03-27/a>
Xavier Mertens
Running your Own Passive DNS Service
2017-12-13/a>
Xavier Mertens
Tracking Newly Registered Domains
2017-11-16/a>
Xavier Mertens
Suspicious Domains Tracking Dashboard
2017-07-05/a>
Didier Stevens
Selecting domains with random names
2017-05-20/a>
Xavier Mertens
Typosquatting: Awareness and Hunting
2014-07-09/a>
Daniel Wesemann
Who owns your typo?
2014-01-30/a>
Johannes Ullrich
New gTLDs appearing in the root zone
2013-12-21/a>
Guy Bruneau
Strange DNS Queries - Request for Packets
2012-03-13/a>
Lenny Zeltser
Please transfer this email to your CEO or appropriate person, thanks
2009-05-02/a>
Rick Wanner
More Swine/Mexican/H1N1 related domains
2009-04-27/a>
Johannes Ullrich
Swine Flu (Mexican Flu) related domains
NAME
2022-06-03/a>
Xavier Mertens
Sandbox Evasion... With Just a Filename!
2022-02-24/a>
Xavier Mertens
Ukraine & Russia Situation From a Domain Names Perspective
2021-04-24/a>
Guy Bruneau
Base64 Hashes Used in Web Scanning
2020-12-05/a>
Guy Bruneau
Is IP 91.199.118.137 testing Access to aahwwx.52host.xyz?
2020-03-21/a>
Guy Bruneau
Honeypot - Scanning and Targeting Devices & Services
2015-01-27/a>
Johannes Ullrich
New Critical GLibc Vulnerability CVE-2015-0235 (aka GHOST)
2014-07-09/a>
Daniel Wesemann
Who owns your typo?
2013-12-21/a>
Guy Bruneau
Strange DNS Queries - Request for Packets
2012-03-13/a>
Lenny Zeltser
Please transfer this email to your CEO or appropriate person, thanks
2011-09-04/a>
Lorna Hutcheson
Several Sites Defaced
2008-05-19/a>
Maarten Van Horenbeeck
Route filtering and its impact on the DNS fabric
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Forums
Auditing
Diary Discussions
Forensics
General Discussions
Industry News
Network Security
Penetration Testing
Software Security
Contact Us
Contact Us
About Us
Handlers
Slack Channel
Mastodon
Twitter
Have you heard our daily podcast covering the latest
information security threats
?