Threat Level: green Handler on Duty: Johannes Ullrich

SANS Internet Storm Center: Diaries by Keyword

Date | Author | Title

LOAD BALANCER

2022-05-25 | Rob VandenBrink | Using NMAP to Assess Hosts in Load Balanced Clusters

LOAD

2022-05-25 | Rob VandenBrink | Using NMAP to Assess Hosts in Load Balanced Clusters
2022-05-23 | Johannes Ullrich | Attacker Scanning for jQuery-File-Upload
2022-03-24 | Xavier Mertens | Malware Delivered Through Free Sharing Tool
2022-02-11 | Xavier Mertens | CinaRAT Delivered Through HTML ID Attributes
2021-11-19 | Xavier Mertens | Downloader Disguised as Excel Add-In (XLL)
2021-11-04 | Brad Duncan | October 2021 Forensic Contest: Answers and Analysis
2021-09-08 | Brad Duncan | "Stolen Images Evidence" Campaign Continues Pushing BazarLoader Malware
2021-08-11 | Brad Duncan | TA551 (Shathak) continues pushing BazarLoader, infections lead to Cobalt Strike
2021-07-29 | Xavier Mertens | Malicious Content Delivered Through archive.org
2021-05-18 | Xavier Mertens | From RunDLL32 to JavaScript then PowerShell
2021-02-24 | Brad Duncan | Malspam pushes GuLoader for Remcos RAT
2020-10-22 | Jan Kopriva | BazarLoader phishing lures: plan a Halloween party, get a bonus and be fired in the same afternoon
2020-06-10 | Brad Duncan | Job application-themed malspam pushes ZLoader
2020-05-24 | Didier Stevens | Zloader Maldoc Analysis With xlm-deobfuscator
2020-04-10 | Xavier Mertens | PowerShell Sample Extracting Payload From SSL
2020-04-08 | Brad Duncan | German malspam pushes ZLoader malware
2019-12-05 | Jan Kopriva | E-mail from Agent Tesla
2019-11-08 | Xavier Mertens | Microsoft Apps Diverted from Their Main Use
2019-07-05 | Didier Stevens | A "Stream O" Maldoc
2019-07-02 | Xavier Mertens | Malicious Script With Multiple Payloads
2019-07-01 | Didier Stevens | Maldoc: Payloads in User Forms
2018-11-18 | Guy Bruneau | Multipurpose PCAP Analysis Tool
2018-11-05 | Johannes Ullrich | Struts 2.3 Vulnerable to Two Year old File Upload Flaw
2018-03-12 | Xavier Mertens | Payload delivery via SMB
2018-01-26 | Xavier Mertens | Investigating Microsoft BITS Activity
2017-02-10 | Brad Duncan | Hancitor/Pony malspam
2014-02-05 | Johannes Ullrich | To Merrillville or Sochi: How Dangerous is it to travel?
2010-03-24 | Johannes Ullrich | ".sys" Directories Delivering Driveby Downloads
2009-12-28 | Johannes Ullrich | 8 Basic Rules to Implement Secure File Uploads http://jbu.me/48 (inspired by IIS ; bug)
2009-03-17 | Johannes Ullrich | Identifying applications using UDP payload
2008-07-11 | Jim Clausing | Handling the load

BALANCER

2022-05-25 | Rob VandenBrink | Using NMAP to Assess Hosts in Load Balanced Clusters