OFFICE WEB OBJECTS |
| 2009-07-13 | Adrien de Beaupre | Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution |
OFFICE |
| 2020-02-21/a> | Xavier Mertens | Quick Analysis of an Encrypted Compound Document Format |
| 2019-12-28/a> | Didier Stevens | Corrupt Office Documents |
| 2019-12-09/a> | Didier Stevens | (Lazy) Sunday Maldoc Analysis |
| 2019-04-07/a> | Guy Bruneau | Fake Office 365 Payment Information Update |
| 2019-04-01/a> | Didier Stevens | Analysis of PDFs Created with OpenOffice/LibreOffice |
| 2018-12-13/a> | Xavier Mertens | Phishing Attack Through Non-Delivery Notification |
| 2018-10-10/a> | Xavier Mertens | New Campaign Using Old Equation Editor Vulnerability |
| 2018-09-04/a> | Rob VandenBrink | Let's Trade: You Read My Email, I'll Read Your Password! |
| 2018-05-25/a> | Xavier Mertens | Antivirus Evasion? Easy as 1,2,3 |
| 2018-05-01/a> | Xavier Mertens | Diving into a Simple Maldoc Generator |
| 2017-12-16/a> | Xavier Mertens | Microsoft Office VBA Macro Obfuscation via Metadata |
| 2017-11-15/a> | Xavier Mertens | If you want something done right, do it yourself! |
| 2017-04-28/a> | Xavier Mertens | Another Day, Another Obfuscation Technique |
| 2017-01-31/a> | Johannes Ullrich | Malicious Office files using fileless UAC bypass to drop KEYBASE malware |
| 2016-09-30/a> | Xavier Mertens | Another Day, Another Malicious Behaviour |
| 2016-07-19/a> | Didier Stevens | Office Maldoc: Let's Focus on the VBA Macros Later... |
| 2016-01-24/a> | Didier Stevens | Obfuscated MIME Files |
| 2015-02-20/a> | Tom Webb | Fast analysis of a Tax Scam |
| 2015-02-19/a> | Daniel Wesemann | Macros? Really?! |
| 2014-07-10/a> | Rob VandenBrink | Certificate Errors in Office 365 Today |
| 2014-06-22/a> | Russ McRee | OfficeMalScanner helps identify the source of a compromise |
| 2013-11-05/a> | Daniel Wesemann | TIFF images in MS-Office documents used in targeted attacks |
| 2012-09-14/a> | Lenny Zeltser | Analyzing Malicious RTF Files Using OfficeMalScanner's RTFScan |
| 2012-06-04/a> | Lenny Zeltser | Decoding Common XOR Obfuscation in Malicious Code |
| 2011-01-28/a> | Guy Bruneau | OpenOffice Security Fixes |
| 2010-10-26/a> | Pedro Bueno | Cyber Security Awareness Month - Day 26 - Sharing Office Files |
| 2010-06-05/a> | Guy Bruneau | OpenOffice.org 3.2.1 Fixes Bugs and Vulnerabilities |
| 2010-02-22/a> | Rob VandenBrink | Multiple Security Updates for OpenOffice ==> http://www.openoffice.org/security/bulletin.html |
| 2010-01-08/a> | Rob VandenBrink | Microsoft OfficeOnline, Searching for Trust and Malware |
| 2009-07-16/a> | Bojan Zdrnja | OWC exploits used in SQL injection attacks |
| 2009-07-13/a> | Adrien de Beaupre | Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution |
WEB |
| 2020-08-10/a> | Bojan Zdrnja | Scoping web application and web service penetration tests |
| 2020-07-24/a> | Xavier Mertens | Compromized Desktop Applications by Web Technologies |
| 2019-11-22/a> | Xavier Mertens | Abusing Web Filters Misconfiguration for Reconnaissance |
| 2019-09-24/a> | Xavier Mertens | Huge Amount of remotewebaccess.com Sites Found in Certificate Transparency Logs |
| 2019-08-28/a> | Johannes Ullrich | [Guest Diary] Open Redirect: A Small But Very Common Vulnerability |
| 2019-08-01/a> | Johannes Ullrich | What is Listening On Port 9527/TCP? |
| 2019-06-19/a> | Johannes Ullrich | Critical Actively Exploited WebLogic Flaw Patched CVE-2019-2729 |
| 2019-04-28/a> | Johannes Ullrich | Update about Weblogic CVE-2019-2725 (Exploits Used in the Wild, Patch Status) |
| 2019-04-25/a> | Rob VandenBrink | Unpatched Vulnerability Alert - WebLogic Zero Day |
| 2019-02-02/a> | Guy Bruneau | Scanning for WebDAV PROPFIND Exploiting CVE-2017-7269 |
| 2018-11-17/a> | Xavier Mertens | Quickly Investigating Websites with Lookyloo |
| 2018-07-20/a> | Kevin Liston | Weblogic Exploit Code Made Public (CVE-2018-2893) |
| 2018-05-03/a> | Renato Marinho | WebLogic Exploited in the Wild (Again) |
| 2018-04-30/a> | Remco Verhoef | Another approach to webapplication fingerprinting |
| 2018-01-08/a> | Johannes Ullrich | A Story About PeopleSoft: How to Make $250k Without Leaving Home. |
| 2017-09-14/a> | Xavier Mertens | Another webshell, another backdoor! |
| 2017-07-19/a> | Xavier Mertens | Bots Searching for Keys & Config Files |
| 2017-06-01/a> | Xavier Mertens | Sharing Private Data with Webcast Invitations |
| 2017-05-12/a> | Xavier Mertens | When Bad Guys are Pwning Bad Guys... |
| 2017-04-07/a> | Xavier Mertens | Tracking Website Defacers with HTTP Referers |
| 2017-04-02/a> | Guy Bruneau | IPFire - A Household Multipurpose Security Gateway |
| 2017-02-28/a> | Xavier Mertens | Analysis of a Simple PHP Backdoor |
| 2017-01-24/a> | Johannes Ullrich | Critical Vulnerability in Cisco WebEx Chrome Plugin |
| 2017-01-14/a> | Xavier Mertens | Backup Files Are Good but Can Be Evil |
| 2016-07-13/a> | Xavier Mertens | The Power of Web Shells |
| 2016-01-29/a> | Xavier Mertens | Scripting Web Categorization |
| 2015-06-25/a> | Bojan Zdrnja | Web security subtleties and exploitation of combined vulnerabilities |
| 2015-04-23/a> | Bojan Zdrnja | When automation does not help |
| 2015-04-14/a> | Johannes Ullrich | Odd POST Request To Web Honeypot |
| 2014-08-16/a> | Lenny Zeltser | Web Server Attack Investigation - Installing a Bot and Reverse Shell via a PHP Vulnerability |
| 2014-08-09/a> | Adrien de Beaupre | Complete application ownage via Multi-POST XSRF |
| 2014-06-11/a> | Daniel Wesemann | Gimme your keys! |
| 2014-06-10/a> | Daniel Wesemann | Sampling Bias |
| 2014-04-24/a> | Rob VandenBrink | Apple IOS updates to 7.1.1, OSX Security update 2014-002, Airport Updates - http://support.apple.com/kb/HT1222, http://support.apple.com/kb/HT6208, http://support.apple.com/kb/HT6207, http://support.apple.com/kb/HT6203 |
| 2014-04-11/a> | Guy Bruneau | Heartbleed Fix Available for Download for Cisco Products |
| 2014-04-07/a> | Johannes Ullrich | Attack or Bad Link? Your Guess? |
| 2014-01-17/a> | Russ McRee | Massive RFI scans likely a free web app vuln scanner rather than bots |
| 2014-01-13/a> | Johannes Ullrich | Special Webcast today: HTML5, Risky Business or Hidden Security Toolchest? https://www.sans.org/webcasts/html5-risky-business-hidden-security-tool-chest-mobile-web-app-authentication-97650 |
| 2014-01-11/a> | Guy Bruneau | tcpflow 1.4.4 and some of its most Interesting Features |
| 2013-12-24/a> | Daniel Wesemann | Unfriendly crontab additions |
| 2013-11-02/a> | Rick Wanner | Protecting Your Family's Computers |
| 2013-10-04/a> | Pedro Bueno | CSAM: WebHosting BruteForce logs |
| 2013-09-05/a> | Rob VandenBrink | What's Next for IPS? |
| 2013-07-27/a> | Scott Fendley | Defending Against Web Server Denial of Service Attacks |
| 2013-06-25/a> | Bojan Zdrnja | The race for resources |
| 2013-06-10/a> | Johannes Ullrich | When Google isn't Google |
| 2013-04-08/a> | Johannes Ullrich | Cleaning Up After the Leak: Hiding exposed web content |
| 2013-03-26/a> | Daniel Wesemann | How your Webhosting Account is Getting Abused |
| 2013-02-25/a> | Johannes Ullrich | Punkspider enumerates web application vulnerabilities |
| 2013-02-22/a> | Johannes Ullrich | When web sites go bad: bible . org compromise |
| 2013-01-25/a> | Johannes Ullrich | Vulnerability Scans via Search Engines (Request for Logs) |
| 2012-10-26/a> | Adam Swanger | Securing the Human Special Webcast - October 30, 2012 |
| 2012-09-08/a> | Guy Bruneau | Webmin Input Validation Vulnerabilities |
| 2012-08-13/a> | Rick Wanner | Interesting scan for medical certification information... |
| 2012-07-23/a> | Johannes Ullrich | Most Anti-Privacy Web Browsing Tool Ever? |
| 2012-03-11/a> | Johannes Ullrich | An Analysis of Jester's QR Code Attack. (Guest Diary) |
| 2011-12-28/a> | Daniel Wesemann | Hash collisions vulnerability in web servers |
| 2011-11-01/a> | Russ McRee | Secure languages & frameworks |
| 2011-10-12/a> | Adam Swanger | We are experiencing technical issues with the webcast. The webcast will start as soon as these issues are resolved. |
| 2011-08-16/a> | Johannes Ullrich | What are the most dangerous web applications and how to secure them? |
| 2011-07-28/a> | Johannes Ullrich | Announcing: The "404 Project" |
| 2011-07-05/a> | Raul Siles | Helping Developers Understand Security - Spot the Vuln |
| 2011-05-17/a> | Johannes Ullrich | A Couple Days of Logs: Looking for the Russian Business Network |
| 2011-05-14/a> | Guy Bruneau | Websense Study Claims Canada Next Hotbed for Cybercrime Web Hosting Activity |
| 2011-05-11/a> | Swa Frantzen | Time to disable WebGL ? |
| 2011-04-10/a> | Raul Siles | Recent security enhancements in web browsers (e.g. Google Chrome) |
| 2011-04-01/a> | John Bambenek | LizaMoon Mass SQL-Injection Attack Infected at least 500k Websites |
| 2011-02-28/a> | Deborah Hale | Possible Botnet Scanning |
| 2011-02-01/a> | Lenny Zeltser | The Importance of HTTP Headers When Investigating Malicious Sites |
| 2010-12-18/a> | Raul Siles | Google Chrome (Stable and Beta) have been updated to 8.0.552.224 for all platforms (Chrome OS too). http://bit.ly/fW04cr |
| 2010-12-12/a> | Raul Siles | New trend regarding web application vulnerabilities? |
| 2010-12-02/a> | Kevin Johnson | Robert Hansen and our happiness |
| 2010-11-18/a> | Chris Carboni | All of your pages are belonging to us |
| 2010-08-16/a> | Raul Siles | Blind Elephant: A New Web Application Fingerprinting Tool |
| 2010-08-15/a> | Manuel Humberto Santander Pelaez | Python to test web application security |
| 2010-08-13/a> | Tom Liston | The Strange Case of Doctor Jekyll and Mr. ED |
| 2010-07-25/a> | Rick Wanner | Updated version of Mandiant's Web Historian |
| 2010-07-21/a> | Adrien de Beaupre | Update on .LNK vulnerability |
| 2010-07-20/a> | Manuel Humberto Santander Pelaez | LNK vulnerability now with Metasploit module implementing the WebDAV method |
| 2010-06-23/a> | Scott Fendley | Opera Browser Update |
| 2010-06-15/a> | Manuel Humberto Santander Pelaez | iPhone 4 Order Security Breach Exposes Private Information |
| 2010-04-26/a> | Raul Siles | Vulnerable Sites Database |
| 2010-04-13/a> | Adrien de Beaupre | Web App Testing Tools |
| 2010-03-24/a> | Johannes Ullrich | ".sys" Directories Delivering Driveby Downloads |
| 2010-03-21/a> | Scott Fendley | Skipfish - Web Application Security Tool |
| 2010-03-08/a> | Raul Siles | Samurai WTF 0.8 |
| 2010-02-06/a> | Guy Bruneau | Oracle WebLogic Server Security Alert |
| 2010-02-03/a> | Johannes Ullrich | Anatomy of a Form Spam Campaign (in progress against isc.sans.org right now) https://blogs.sans.org/appsecstreetfighter/ |
| 2010-01-29/a> | Johannes Ullrich | Analyzing isc.sans.org weblogs, part 2, RFI attacks |
| 2010-01-25/a> | William Salusky | "Bots and Spiders and Crawlers, be gone!" - or - "New Open Source WebAppSec tools, Huzzah!" |
| 2010-01-20/a> | Johannes Ullrich | Weathering the Storm Part 1: An analysis of our SANS ISC weblogs http://appsecstreetfighter.com |
| 2010-01-08/a> | Rob VandenBrink | Microsoft OfficeOnline, Searching for Trust and Malware |
| 2009-12-28/a> | Johannes Ullrich | 8 Basic Rules to Implement Secure File Uploads http://jbu.me/48 (inspired by IIS ; bug) |
| 2009-10-26/a> | Johannes Ullrich | Web honeypot Update |
| 2009-10-20/a> | Raul Siles | WASC 2008 Statistics |
| 2009-10-09/a> | Rob VandenBrink | THAWTE to discontinue free Email Certificate Services and Web of Trust Service |
| 2009-09-18/a> | Jason Lam | Results from Webhoneypot project |
| 2009-09-16/a> | Raul Siles | Review the security controls of your Web Applications... all them! |
| 2009-08-18/a> | Deborah Hale | Domain tcpdump.org unavailable |
| 2009-08-18/a> | Deborah Hale | Website compromises - what's happening? |
| 2009-08-17/a> | Adrien de Beaupre | YAMWD: Yet Another Mass Web Defacement |
| 2009-08-01/a> | Deborah Hale | Website Warnings |
| 2009-07-13/a> | Adrien de Beaupre | Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution |
| 2009-07-05/a> | Bojan Zdrnja | More on ColdFusion hacks |
| 2009-06-11/a> | Jason Lam | Dshield Web Honeypot going beta |
| 2009-05-27/a> | donald smith | WebDAV write-up |
| 2009-05-26/a> | Jason Lam | A new Web application security blog |
| 2009-05-24/a> | Raul Siles | IIS admins, help finding WebDAV remotely using nmap |
| 2009-05-21/a> | Adrien de Beaupre | IIS admins, help finding WebDAV |
| 2009-05-20/a> | Tom Liston | Web Toolz |
| 2009-05-05/a> | Bojan Zdrnja | Every dot matters |
| 2009-04-21/a> | Bojan Zdrnja | Web application vulnerabilities |
| 2009-03-26/a> | Mark Hofman | Webhoneypot fun |
| 2009-02-17/a> | Jason Lam | DShield Web Honeypot - Alpha Preview Release |
| 2009-01-12/a> | William Salusky | Web Application Firewalls (WAF) - Have you deployed WAF technology? |
| 2008-12-01/a> | Jason Lam | Call for volunteers - Web Honeypot Project |
| 2008-11-20/a> | Jason Lam | Large quantity SQL Injection mitigation |
| 2008-09-08/a> | Raul Siles | Quick Analysis of the 2007 Web Application Security Statistics |
| 2008-08-19/a> | Johannes Ullrich | A morning stroll through my web logs |
| 2008-08-15/a> | Jim Clausing | WebEx ActiveX buffer overflow |
| 2008-06-07/a> | Jim Clausing | Followup to 'How do you monitor your website?' |
| 2008-04-24/a> | donald smith | Hundreds of thousands of SQL injections |
| 2006-09-30/a> | Swa Frantzen | Yellow: WebViewFolderIcon setslice exploit spreading |
OBJECTS |
| 2017-08-18/a> | Guy Bruneau | tshark 2.4 New Feature - Command Line Export Objects |
| 2010-07-04/a> | Manuel Humberto Santander Pelaez | Interesting analysis of the PHP SplObjectStorage Vulnerability |
| 2009-07-13/a> | Adrien de Beaupre | Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution |
