Diaries by Keyword - SANS Internet Storm Center

Handler on Duty: Didier Stevens

Threat Level: green

Date	Author	Title
2023-04-27	Johannes Ullrich	SANS.edu Research Journal: Volume 3
2023-03-29	Didier Stevens	Extracting Multiple Streams From OLE Files
2023-03-07	Johannes Ullrich	Hackers Love This VSCode Extension: What You Can Do to Stay Safe
2023-02-26	Didier Stevens	oledump & MSI Files
2022-07-24	Didier Stevens	Video: Maldoc: non-ASCII VBA Identifiers
2022-07-21	Didier Stevens	Maldoc: non-ASCII VBA Identifiers
2022-06-15	Johannes Ullrich	Terraforming Honeypots. Installing DShield Sensors in the Cloud
2022-06-02	Johannes Ullrich	Quick Answers in Incident Response: RECmd.exe
2022-05-14	Didier Stevens	Quick Analysis Of Phishing MSG
2022-03-05	Didier Stevens	oledump's Extra Option
2021-07-03	Didier Stevens	Finding Strings With oledump.py
2021-06-28	Didier Stevens	CFBF Files Strings Analysis
2021-06-20	Didier Stevens	Video: oledump Cheat Sheet
2020-12-06	Didier Stevens	oledump's Indicators (video)
2020-11-15	Didier Stevens	oledump's ! Indicator
2020-11-08	Didier Stevens	Quick Tip: Extracting all VBA Code from a Maldoc
2020-10-11	Didier Stevens	Analyzing MSG Files With plugin_msg_summary
2020-02-16	Guy Bruneau	SOAR or not to SOAR?
2019-12-23	Didier Stevens	New oledump.py plugin: plugin_version_vba
2019-08-14	Brad Duncan	Recent example of MedusaHTTP malware
2019-05-10	Xavier Mertens	DSSuite - A Docker Container with Didier's Tools
2018-05-07	Xavier Mertens	Adding Persistence Via Scheduled Tasks
2016-08-19	Xavier Mertens	Data Classification For the Masses
2015-07-12	Didier Stevens	Jump List Files Are OLE Files
2015-02-19	Daniel Wesemann	Macros? Really?!
2014-07-05	Guy Bruneau	Malware Analysis with pedump
2013-02-19	Johannes Ullrich	EDUCAUSE Breach
2012-07-14	Tony Carothers	User Awareness and Education
2012-07-02	Dan Goldberg	Storms of June 29th 2012 in Mid Atlantic region of the USA
2010-11-01	Manuel Humberto Santander Pelaez	Checkpoint UTM-1 edge VPN boxes worldwide did an unscheduled reboot
2010-05-07	Rob VandenBrink	Security Awareness – Many Audiences, Many Messages (Part 2)
2010-02-28	Mari Nichols	Disasters take practice
2010-01-23	Lorna Hutcheson	The necessary evils: Policies, Processes and Procedures
2009-12-19	Deborah Hale	Educationing Our Communities
2009-11-13	Deborah Hale	It's Never Too Early To Start Teaching Them
2008-09-07	Daniel Wesemann	Staying current, but not too current
2008-08-03	Deborah Hale	Securing A Network - Lessons Learned