Internet Storm Center
Sign In
Sign Up
Handler on Duty:
Guy Bruneau
Threat Level:
green
Date
Author
Title
2023-10-09
Didier Stevens
ZIP's DOSTIME & DOSDATE Formats
2023-06-24
Guy Bruneau
Email Spam with Attachment Modiloader
2023-06-22
Brad Duncan
Qakbot (Qbot) activity, obama271 distribution tag
2023-06-05
Johannes Ullrich
Brute Forcing Simple Archive Passwords
2023-05-18
Johannes Ullrich
A Quick Survey of .zip Domains: Your highest risk is running into Rick Astley.
2023-02-28
Brad Duncan
BB17 distribution Qakbot (Qbot) activity
2022-10-16
Didier Stevens
Video: Analysis of a Malicious HTML File (QBot)
2022-10-13
Didier Stevens
Analysis of a Malicious HTML File (QBot)
2022-07-09
Didier Stevens
7-Zip Editing & MoW
2022-07-04
Didier Stevens
7-Zip & MoW: "For Office files"
2022-07-03
Didier Stevens
7-Zip & MoW
2022-06-04
Guy Bruneau
Spam Email Contains a Very Large ISO file
2022-05-20
Xavier Mertens
A 'Zip Bomb' to Bypass Security Controls & Sandboxes
2022-04-20
Brad Duncan
"aa" distribution Qakbot (Qbot) infection with DarkVNC traffic
2022-02-18
Xavier Mertens
Remcos RAT Delivered Through Double Compressed Archive
2021-10-31
Didier Stevens
Video: Phishing ZIP With Malformed Filename
2021-10-24
Didier Stevens
Phishing ZIP With Malformed Filename
2021-09-08
Brad Duncan
"Stolen Images Evidence" Campaign Continues Pushing BazarLoader Malware
2021-08-13
Brad Duncan
Example of Danabot distributed through malspam
2021-07-26
Didier Stevens
Failed Malspam: Recovering The Password
2020-10-14
Brad Duncan
More TA551 (Shathak) Word docs push IcedID (Bokbot)
2020-08-07
Brad Duncan
TA551 (Shathak) Word docs push IcedID (Bokbot)
2020-05-13
Brad Duncan
Malspam with links to zip archives pushes Dridex malware
2020-05-03
Didier Stevens
ZIP & AES
2020-04-26
Didier Stevens
Video: Malformed .docm File
2020-04-08
Brad Duncan
German malspam pushes ZLoader malware
2020-04-04
Didier Stevens
New Bypass Technique or Corrupt Word Document?
2020-03-25
Brad Duncan
Recent Dridex activity
2020-01-22
Brad Duncan
German language malspam pushes Ursnif
2019-03-14
Didier Stevens
Tip: Ghidra & ZIP Files
2018-12-17
Didier Stevens
Password Protected ZIP with Maldoc
2017-08-26
Didier Stevens
Malware analysis: searching for dots
2016-11-22
Didier Stevens
Update:ZIP With Comment
2016-11-21
Didier Stevens
ZIP With Comment
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Domains
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Contact Us
Contact Us
About Us
Handlers
About Us
Slack Channel
Mastodon
Bluesky
X
Make the web a better place by
sharing the SANS Internet Storm Center
with others
