SANS ISC: Diaries by Keyword

Date | Author | Title

FEDCOURTS AU

2016-07-08 | Mark Hofman | Malware being distributed pretending to be from AU Fedcourts

FEDCOURTS

2016-07-08 | Mark Hofman | Malware being distributed pretending to be from AU Fedcourts

AU

2020-02-16 | Guy Bruneau | SOAR or not to SOAR?
2019-12-22 | Didier Stevens | Extracting VBA Macros From .DWG Files
2019-12-16 | Didier Stevens | Malicious .DWG Files?
2019-11-29 | Russ McRee | ISC Snapshot: Search with SauronEye
2019-11-09 | Guy Bruneau | Fake Netflix Update Request by Text
2019-09-27 | Xavier Mertens | New Scans for Polycom Autoconfiguration Files
2019-09-17 | Rob VandenBrink | Investigating Gaps in your Windows Event Logs
2019-05-01 | Xavier Mertens | Another Day, Another Suspicious UDF File
2019-01-30 | Russ McRee | CR19-010: The United States vs. Huawei
2018-10-23 | Xavier Mertens | Diving into Malicious AutoIT Code
2018-10-22 | Xavier Mertens | Malicious Powershell using a Decoy Picture
2018-08-21 | Xavier Mertens | Malicious DLL Loaded Through AutoIT
2018-06-04 | Rob VandenBrink | Digging into Authenticode Certificates
2018-01-03 | John Bambenek | Phishing to Rural America Leads to Six-figure Wire Fraud Losses
2017-09-11 | Russ McRee | Windows Auditing with WINspect
2017-09-02 | Xavier Mertens | AutoIT based malware back in the wild
2017-08-25 | Xavier Mertens | Malicious AutoIT script delivered in a self-extracting RAR file
2017-07-30 | Guy Bruneau | Text Banking Scams
2017-07-08 | Xavier Mertens | A VBScript with Obfuscated Base64 Data
2017-05-03 | Bojan Zdrnja | OAUTH phishing against Google Docs - beware!
2017-03-04 | Xavier Mertens | How your pictures may affect your website reputation
2016-11-25 | Xavier Mertens | Free Software Quick Security Checklist
2016-09-15 | Xavier Mertens | In Need of a OTP Manager Soon?
2016-07-08 | Mark Hofman | Malware being distributed pretending to be from AU Fedcourts
2016-05-18 | Russ McRee | Resources: Windows Auditing & Monitoring, Linux 2FA
2016-02-26 | Xavier Mertens | Quick Audit of *NIX Systems
2016-02-03 | Xavier Mertens | Automating Vulnerability Scans
2015-09-08 | Lenny Zeltser | A Close Look at PayPal Overpayment Scams That Target Craigslist Sellers
2015-09-01 | Daniel Wesemann | How to hack
2015-07-17 | Didier Stevens | Autoruns and VirusTotal
2015-06-26 | Daniel Wesemann | Cisco default credentials - again!
2015-03-07 | Guy Bruneau | Should it be Mandatory to have an Independent Security Audit after a Breach?
2014-11-04 | Daniel Wesemann | 20$ is 999999 Euro
2014-09-27 | Guy Bruneau | What has Bash and Heartbleed Taught Us?
2014-05-30 | Johannes Ullrich | Fake Australian Electric Bill Leads to Cryptolocker
2014-03-13 | Daniel Wesemann | Identification and authentication are hard ... finding out intention is even harder
2014-01-10 | Basil Alawi S.Taher | Windows Autorun-3
2014-01-08 | Kevin Shortt | Intercepted Email Attempts to Steal Payments
2013-12-20 | Daniel Wesemann | authorized key lime pie
2013-09-18 | Rob VandenBrink | Cisco DCNM Update Released
2013-08-21 | Rob VandenBrink | Fibre Channel Reconnaissance - Reloaded
2013-06-21 | Guy Bruneau | Sysinternals Updates for Autoruns, Strings & ZoomIt http://blogs.technet.com/b/sysinternals/archive/2013/06/20/updates-autoruns-v11-61-strings-v2-52-zoomit-v4-5.aspx
2013-06-20 | Guy Bruneau | HP iLO3/iLO4 Remote Unauthorized Access with Single-Sign-On
2013-04-15 | Rob VandenBrink | Oops - You Mean That Deleted Server was a Certificate Authority?
2013-03-28 | John Bambenek | Where Were You During the Great DDoS Cybergeddon of 2013?
2013-03-23 | Guy Bruneau | Apple ID Two-step Verification Now Available in some Countries
2013-03-18 | Kevin Shortt | Spamhaus DDOS
2013-03-05 | Mark Hofman | IPv6 Focus Month: Device Defaults
2013-02-19 | Johannes Ullrich | EDUCAUSE Breach
2013-02-14 | Bojan Zdrnja | Auditd is your friend
2012-09-05 | Rob VandenBrink | Auditing a Network for VOIP Call Quality Metrics
2012-08-14 | Rick Wanner | Microsoft August 2012 Black Tuesday Update - Overview
2012-07-12 | Rob VandenBrink | Today at SANSFIRE - Dude Your Car is PWND !
2012-03-03 | Jim Clausing | New automated sandbox for Android malware
2012-01-13 | Guy Bruneau | Sysinternals Updates - http://blogs.technet.com/b/sysinternals/archive/2012/01/13/updates-autoruns-v11-21-coreinfo-v3-03-portmon-v-3-03-process-explorer-v15-12-mark-s-blog-and-mark-at-rsa-2012.aspx
2011-09-19 | Guy Bruneau | MS Security Advisory Update - Fraudulent DigiNotar Certificates
2011-09-08 | Rob VandenBrink | When Good CA's go Bad: Other Things to Check in Your Datacenter
2011-05-30 | Johannes Ullrich | Allied Telesis Passwords Leaked
2011-05-18 | Bojan Zdrnja | Android, HTTP and authentication tokens
2010-12-15 | Manuel Humberto Santander Pelaez | HP StorageWorks P2000 G3 MSA hardcoded user
2010-09-28 | Daniel Wesemann | Supporting the economy (in Russia and Ukraine)
2010-09-21 | Johannes Ullrich | Implementing two Factor Authentication on the Cheap
2010-06-17 | Deborah Hale | Internet Fraud Alert Kicks Off Today
2010-06-15 | Manuel Humberto Santander Pelaez | Mastercard delivering cards with OTP device included
2010-05-15 | Deborah Hale | Onboard Computers Subject to Attack?
2010-05-03 | Daniel Wesemann | Social engineering via paper mail
2010-04-09 | Mark Hofman | Adobe launch issue response/work around.
2010-04-06 | Daniel Wesemann | Application Logs
2010-03-10 | Rob VandenBrink | Microsoft re-release of KB973811 - attacks on Extended Protection for Authentication
2009-11-25 | Jim Clausing | Updates to my GREM Gold scripts and a new script
2009-11-05 | Swa Frantzen | Insider threat: The snapnames case
2009-10-02 | Stephen Hall | New SysInternal fun for the weekend
2009-08-19 | Daniel Wesemann | Checking your protection
2009-08-16 | Mari Nichols | Surviving a third party onsite audit
2009-05-31 | Tony Carothers | L0phtcrack is Back!
2009-05-25 | Jim Clausing | NTPD autokey vulnerability
2009-05-11 | Mari Nichols | Sysinternals Updates 3 Applications
2009-04-22 | Jason Lam | OAuth vulnerability
2009-03-20 | Stephen Hall | Making the most of your runbooks
2009-02-25 | donald smith | AutoRun disabling patch released
2009-01-20 | Adrien de Beaupre | Obamamania
2009-01-15 | Bojan Zdrnja | Conficker's autorun and social engineering
2008-12-25 | Maarten Van Horenbeeck | Merry Christmas, and beware of digital hitchhikers!
2008-11-05 | donald smith | hacking the election
2008-10-20 | Johannes Ullrich | Fraudulent ATM Reactivation Phone Calls.
2008-05-07 | Jim Clausing | More on automated exploit generation
2008-04-18 | John Bambenek | The Patch Window is Gone: Automated Patch-Based Exploit Generation
2008-03-30 | Mark Hofman | Mail Anyone?