| 2021-11-21 | Didier Stevens | Backdooring PAM |
| 2021-09-20 | Johannes Ullrich | #OMIGOD Exploits Captured in the Wild. Researchers responsible for half of scans for related ports. |
| 2020-07-19 | Guy Bruneau | Scanning Activity for ZeroShell Unauthenticated Access |
| 2020-07-11 | Guy Bruneau | Scanning Home Internet Facing Devices to Exploit |
| 2019-06-18 | Johannes Ullrich | What You Need To Know About TCP "SACK Panic" |
| 2018-10-26 | Xavier Mertens | Dissecting Malicious Office Documents with Linux |
| 2018-10-17 | Russ McRee | RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence |
| 2018-08-05 | Didier Stevens | Video: Maldoc analysis with standard Linux tools |
| 2017-10-18 | Renato Marinho | Baselining Servers to Detect Outliers |
| 2017-06-14 | Xavier Mertens | Systemd Could Fallback to Google DNS? |
| 2016-07-27 | Xavier Mertens | Analyze of a Linux botnet client source code |
| 2016-05-18 | Russ McRee | Resources: Windows Auditing & Monitoring, Linux 2FA |
| 2016-05-08 | Jim Clausing | Guest Diary: Linux Capabilities - A friend and foe |
| 2016-03-28 | Xavier Mertens | Improving Bash Forensics Capabilities |
| 2014-11-25 | Adrien de Beaupre | Less is, umm, less? |
| 2014-08-16 | Lenny Zeltser | Web Server Attack Investigation - Installing a Bot and Reverse Shell via a PHP Vulnerability |
| 2014-03-07 | Tom Webb | Linux Memory Dump with Rekall |
| 2013-12-24 | Daniel Wesemann | Unfriendly crontab additions |
| 2013-05-14 | Swa Frantzen | CVE-2013-2094: Linux privilege escalation |
| 2011-08-31 | Johannes Ullrich | Kernel.org Compromise |
| 2011-07-31 | Daniel Wesemann | Anatomy of a Unix breach |
| 2011-06-01 | Johannes Ullrich | Enabling Privacy Enhanced Addresses for IPv6 |
| 2011-05-01 | Deborah Hale | Droid MarketPlace Has a New App |
| 2010-09-17 | Robert Danford | Circa 2007 Linux Kernel Vulnerability Resurfaces (Was CVE-2007-4573, Now CVE-2010-3301) |
| 2009-07-17 | Bojan Zdrnja | A new fascinating Linux kernel vulnerability |
| 2008-07-31 | Swa Frantzen | Linus - Linux and Security - follow-up |
| 2008-07-29 | Swa Frantzen | Linus - Linux and Security |
| 2008-06-10 | Swa Frantzen | Linux ASN.1 BER kernel buffer overflow |
| 2008-05-13 | Swa Frantzen | OpenSSH: Predictable PRNG in debian and ubuntu Linux |
https://www.sans.edu
