Diaries by Keyword - SANS Internet Storm Center

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Handler on Duty: Jim Clausing

Threat Level: green

Date	Author	Title
2022-01-01	Didier Stevens	Expect Regressions
2021-07-30	Xavier Mertens	Infected With a .reg File
2021-05-02	Didier Stevens	PuTTY And FileZilla Use The Same Fingerprint Registry Keys
2020-03-27	Xavier Mertens	Malicious JavaScript Dropping Payload in the Registry
2018-01-12	Bojan Zdrnja	Those pesky registry keys required by critical security patches
2017-12-13	Xavier Mertens	Tracking Newly Registered Domains
2017-11-15	Xavier Mertens	If you want something done right, do it yourself!
2017-09-18	Xavier Mertens	Getting some intelligence from malspam
2017-06-17	Guy Bruneau	Mapping Use Cases to Logs. Which Logs are the Most Important to Collect?
2017-03-19	Xavier Mertens	Searching for Base64-encoded PE Files
2016-05-22	Pasquale Stirparo	The strange case of WinZip MRU Registry key
2014-11-04	Daniel Wesemann	Whois someone else?
2014-02-09	Basil Alawi S.Taher	Mandiant Highlighter 2
2013-07-21	Guy Bruneau	Why use Regular Expressions?
2013-07-10	Johannes Ullrich	.NL Registrar Compromisse
2012-05-06	Jim Clausing	Tool updates and Win 8
2011-01-24	Rob VandenBrink	Where have all the COM Ports Gone? - How enumerating COM ports led to me finding a “misplaced” Microsoft tool
2011-01-12	Richard Porter	Yet Another Data Broker? AOL Lifestream.
2009-03-01	Jim Clausing	Cool combination of tools
2008-08-15	Jim Clausing	OMFW 2008 reflections