Diaries by Keyword - SANS Internet Storm Center

Participate: Learn more about our honeypot network
https://isc.sans.edu/tools/honeypot/

Handler on Duty: Jesse La Grew

Threat Level: green

Date	Author	Title
CYBER ATTACKS
2013-08-19	Guy Bruneau	Business Risks and Cyber Attacks
CYBER
2024-02-18/a>	Guy Bruneau	Mirai-Mirai On The Wall... [Guest Diary]
2023-11-22/a>	Guy Bruneau	CVE-2023-1389: A New Means to Expand Botnets
2023-10-29/a>	Guy Bruneau	Spam or Phishing? Looking for Credentials & Passwords
2023-10-18/a>	Jesse La Grew	Hiding in Hex
2023-09-28/a>	Didier Stevens	IPv4 Addresses in Little Endian Decimal Format
2023-05-28/a>	Guy Bruneau	We Can no Longer Ignore the Cost of Cybersecurity
2023-03-26/a>	Didier Stevens	CyberChef Version 10 Released
2022-12-18/a>	Guy Bruneau	Infostealer Malware with Double Extension
2022-12-17/a>	Didier Stevens	CyberChef & Entropy
2022-12-11/a>	Didier Stevens	Quickie: CyberChef Sorting By String Length
2022-11-11/a>	Didier Stevens	Update: IPv4 Address Representations
2022-09-17/a>	Didier Stevens	Video: Analyzing Obfuscated VBS with CyberChef
2022-03-26/a>	Guy Bruneau	Is buying Cyber Insurance a Must Now?
2022-02-24/a>	Xavier Mertens	Ukraine & Russia Situation From a Domain Names Perspective
2021-09-25/a>	Didier Stevens	Strings Analysis: VBA & Excel4 Maldoc
2021-09-25/a>	Didier Stevens	Video: Strings Analysis: VBA & Excel4 Maldoc
2021-07-18/a>	Didier Stevens	Video: CyberChef BASE85 Decoding
2021-04-03/a>	Didier Stevens	Video: YARA and CyberChef
2021-01-23/a>	Didier Stevens	CyberChef: Analyzing OOXML Files for URLs
2021-01-15/a>	Guy Bruneau	Obfuscated DNS Queries
2021-01-10/a>	Didier Stevens	Maldoc Analysis With CyberChef
2020-08-03/a>	Johannes Ullrich	A Word of Caution: Helping Out People Being Stalked Online
2020-05-29/a>	Johannes Ullrich	The Impact of Researchers on Our Data
2020-01-25/a>	Russell Eubanks	Visibility Gap of Your Security Tools
2019-10-27/a>	Guy Bruneau	Unusual Activity with Double Base64 Encoding
2019-08-25/a>	Guy Bruneau	Are there any Advantages of Buying Cyber Security Insurance?
2019-06-04/a>	Russ McRee	ISC snapshot: r-cyber with rud.is
2018-10-16/a>	Didier Stevens	CyberChef: BASE64/XOR Recipe
2018-06-23/a>	Russell Eubanks	Creative Hiring From Non-Traditional Places
2018-01-23/a>	John Bambenek	Life after GDPR: Implications for Cybersecurity
2017-05-28/a>	Guy Bruneau	CyberChef a Must Have Tool in your Tool bag!
2016-10-02/a>	Guy Bruneau	Is there an Infosec Cybersecurity Talent Shortage?
2016-01-05/a>	Guy Bruneau	What are you Concerned the Most in 2016?
2015-12-12/a>	Russell Eubanks	What Signs Are You Missing?
2015-12-05/a>	Guy Bruneau	Cyber Threat Information Sharing Survey Looking for your Feedback - https://www.harrishealth.org/cybergrantsurvey
2015-10-17/a>	Russell Eubanks	CIS Critical Security Controls - Version 6.0
2015-05-30/a>	Russell Eubanks	Weekend Learning - Spoofer Project
2014-08-23/a>	Guy Bruneau	NSS Labs Cyber Resilience Report
2013-10-01/a>	Adrien de Beaupre	CSAM! Send us your logs!
2013-08-19/a>	Guy Bruneau	Business Risks and Cyber Attacks
2013-04-28/a>	Russ McRee	SANS's Alan Paller discusses the threat of cyberterrorism on CNN
2013-03-28/a>	John Bambenek	Where Were You During the Great DDoS Cybergeddon of 2013?
2012-11-26/a>	John Bambenek	Online Shopping for the Holidays? Tips, News and a Fair Warning
2012-10-30/a>	Mark Hofman	Cyber Security Awareness Month - Day 30 - DSD 35 mitigating controls
2012-10-29/a>	Kevin Shortt	Cyber Security Awareness Month - Day 29 - Clear Desk: The Unacquainted Standard
2012-10-26/a>	Russ McRee	Cyber Security Awareness Month - Day 26 - Attackers use trusted domain to propagate Citadel Zeus variant
2012-10-25/a>	Richard Porter	Cyber Security Awareness Month - Day 25 - Pro Audio & Video Packets on the Wire
2012-10-24/a>	Russ McRee	Cyber Security Awareness Month - Day 24 - A Standard for Information Security Incident Management - ISO 27035
2012-10-23/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 23: Character Encoding Standards - ASCII and Successors
2012-10-21/a>	Johannes Ullrich	Cyber Security Awareness Month - Day 22: Connectors
2012-10-19/a>	Johannes Ullrich	Cyber Security Awareness Month - Day 19: Standard log formats and CEE.
2012-10-18/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 18 - Vendor Standards: The vSphere Hardening Guide
2012-10-17/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 17 - A Standard for Risk Management - ISO 27005
2012-10-16/a>	Richard Porter	CyberAwareness Month - Day 15, Standards Body Soup (pt2), Same Soup Different Cook.
2012-10-16/a>	Johannes Ullrich	Cyber Security Awareness Month - Day 16: W3C and HTML
2012-10-14/a>	Pedro Bueno	Cyber Security Awareness Month - Day 14 - Poor Man's File Analysis System - Part 1
2012-10-13/a>	Guy Bruneau	New Poll - Cyber Security Awareness Month Activities 2012 - https://isc.sans.edu/poll.html
2012-10-12/a>	Mark Hofman	Cyber Security Awareness Month - Day 12 PCI DSS
2012-10-11/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 11 - Vendor Agnostic Standards (Center for Internet Security)
2012-10-10/a>	Kevin Shortt	Cyber Security Awareness Month - Day 10 - Standard Sudo - Part Two
2012-10-09/a>	Johannes Ullrich	Cyber Security Awreness Month - Day 9 - Request for Comment (RFC)
2012-10-08/a>	Mark Hofman	Cyber Security Awareness Month - Day 8 ISO 27001
2012-10-07/a>	Tony Carothers	Cyber Security Awareness Month - Day 7 - Rollup Review of CSAM Week 1
2012-10-06/a>	Manuel Humberto Santander Pelaez	Cyber Security Awareness Month - Day 6 - NERC: The standard that enforces security on power SCADA
2012-10-05/a>	Johannes Ullrich	Cyber Security Awareness Month - Day 5: Standards Body Soup, So many Flavors in the bowl.
2012-10-04/a>	Johannes Ullrich	Cyber Security Awareness Month - Day 4: Crypto Standards
2012-10-03/a>	Kevin Shortt	Cyber Security Awareness Month - Day 3 - Standard Sudo - Part One
2012-10-02/a>	Russ McRee	Cyber Security Awareness Month - Day 2 - PCI Security Standard: Mobile Payment Acceptance Security Guidelines
2012-10-01/a>	Johannes Ullrich	Cyber Security Awareness Month
2011-10-29/a>	Richard Porter	The Sub Critical Control? Evidence Collection
2011-10-28/a>	Russ McRee	Critical Control 19: Data Recovery Capability
2011-10-28/a>	Daniel Wesemann	Critical Control 20: Security Skills Assessment and Training to fill Gaps
2011-10-27/a>	Mark Baggett	Critical Control 18: Incident Response Capabilities
2011-10-26/a>	Rick Wanner	Critical Control 17:Penetration Tests and Red Team Exercises
2011-10-17/a>	Rob VandenBrink	Critical Control 11: Account Monitoring and Control
2011-10-13/a>	Guy Bruneau	Critical Control 10: Continuous Vulnerability Assessment and Remediation
2011-10-12/a>	Kevin Shortt	Critical Control 8 - Controlled Use of Administrative Privileges
2011-10-11/a>	Swa Frantzen	Critical Control 7 - Application Software Security
2011-10-10/a>	Jim Clausing	Critical Control 6 - Maintenance, Monitoring, and Analysis of Security Audit Logs
2011-10-07/a>	Mark Hofman	Critical Control 5 - Boundary Defence
2011-10-04/a>	Rob VandenBrink	Critical Control 2 - Inventory of Authorized and Unauthorized Software
2011-10-04/a>	Johannes Ullrich	Critical Control 3 - Secure Configurations for Hardware and Software on Laptops, Workstations and Servers
2011-10-03/a>	Mark Hofman	Critical Control 1 - Inventory of Authorized and Unauthorized Devices
2011-10-03/a>	Mark Baggett	What are the 20 Critical Controls?
2011-10-03/a>	Tom Liston	Security 101 : Security Basics in 140 Characters Or Less
2011-10-02/a>	Mark Hofman	Cyber Security Awareness Month Day 1/2 - Schedule
2011-10-02/a>	Mark Hofman	Cyber Security Awareness Month Day 1/2 - Introduction to the controls
2011-09-21/a>	Mark Hofman	October 2011 Cyber Security Awareness Month
2011-05-14/a>	Guy Bruneau	Websense Study Claims Canada Next Hotbed for Cybercrime Web Hosting Activity
2010-10-31/a>	Marcus Sachs	Cyber Security Awareness Month - Day 31 - Tying it all together
2010-10-30/a>	Guy Bruneau	Cyber Security Awareness Month - Day 30 - Role of the network team
2010-10-29/a>	Manuel Humberto Santander Pelaez	Cyber Security Awareness Month - Day 29- Role of the office geek
2010-10-28/a>	Rick Wanner	Cyber Security Awareness Month - Day 27 - Social Media use in the office
2010-10-28/a>	Tony Carothers	Cyber Security Awareness Month - Day 28 - Role of the employee
2010-10-26/a>	Pedro Bueno	Cyber Security Awareness Month - Day 26 - Sharing Office Files
2010-10-25/a>	Kevin Shortt	Cyber Security Awareness Month - Day 25 - Using Home Computers for Work
2010-10-24/a>	Swa Frantzen	Cyber Security Awarenes Month - Day 24 - Using work computers at home
2010-10-23/a>	Mark Hofman	Cyber Security Awareness Month - Day 23 - The Importance of compliance
2010-10-22/a>	Daniel Wesemann	Cyber Security Awareness Month - Day 22 - Security of removable media
2010-10-21/a>	Chris Carboni	Cyber Security Awareness Month - Day 21 - Impossible Requests from the Boss
2010-10-20/a>	Jim Clausing	Cyber Security Awareness Month - Day 20 - Securing Mobile Devices
2010-10-19/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 19 - Remote Access Tools
2010-10-19/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 19 - Remote User VPN Tunnels - to Split or not to Split?
2010-10-19/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 19 - VPN Architectures – SSL or IPSec?
2010-10-19/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 19 - Remote User VPN Access – Are things getting too easy, or too hard?
2010-10-19/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 19 - VPN and Remote Access Tools
2010-10-18/a>	Manuel Humberto Santander Pelaez	Cyber Security Awareness Month - Day 18 - What you should tell your boss when there's a crisis
2010-10-17/a>	Stephen Hall	Cyber Security Awareness Month - Day 17 - What a boss should and should not have access to
2010-10-15/a>	Marcus Sachs	Cyber Security Awareness Month - Day 15 - What Teachers Need to Know About Their Students
2010-10-15/a>	Guy Bruneau	Cyber Security Awareness Month - Day 16 - Securing a donated computer
2010-10-14/a>	Johannes Ullrich	Cyber Security Awareness Month - Day 14 - Securing a public computer
2010-10-13/a>	Deborah Hale	Cyber Security Awareness Month - Day 13 - Online Bullying
2010-10-12/a>	Scott Fendley	Cyber Security Awareness Month - Day 12 - Protecting and Managing Your Digital Identity On Social Media Sites
2010-10-11/a>	Rick Wanner	Cyber Security Awareness Month - Day 11 - Safe Browsing for Teens
2010-10-10/a>	Kevin Liston	Cyber Security Awareness Month - Day 10 - Safe browsing for pre-teens
2010-10-09/a>	Kevin Shortt	Cyber Security Awareness Month - Day 9 - Disposal of an Old Computer
2010-10-08/a>	Rick Wanner	Cyber Security Awareness Month - Day 8 - Patch Management and System Updates
2010-10-06/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 7 - Remote Access and Monitoring Tools
2010-10-06/a>	Marcus Sachs	Cyber Security Awareness Month - Day 6 - Computer Monitoring Tools
2010-10-05/a>	Rick Wanner	Cyber Security Awareness Month - Day 5 - Sites you should stay away from
2010-10-04/a>	Daniel Wesemann	Cyber Security Awareness Month - Day 4 - Managing EMail
2010-10-03/a>	Adrien de Beaupre	Canada's Cyber Security Strategy released today
2010-10-03/a>	Adrien de Beaupre	Cyber Security Awareness Month - Day 3 - Recognizing phishing and online scams
2010-10-02/a>	Mark Hofman	Cyber Security Awareness Month - Day 2 - Securing the Family Network
2010-10-01/a>	Marcus Sachs	Cyber Security Awareness Month - 2010
2010-10-01/a>	Marcus Sachs	Cyber Security Awareness Month - Day 1 - Securing the Family PC
2010-09-25/a>	Rick Wanner	Guest Diary: Andrew Hunt - Visualizing the Hosting Patterns of Modern Cybercriminals
2010-08-08/a>	Marcus Sachs	Thinking about Cyber Security Awareness Month in October
2010-03-23/a>	John Bambenek	The Top 10 Riskiest US Cities for Cybercrime
2010-03-07/a>	Mari Nichols	DHS issues Cybersecurity challenge
2010-01-12/a>	Johannes Ullrich	Baidu defaced - Domain Registrar Tampering
2009-10-29/a>	Kyle Haugsness	Cyber Security Awareness Month - Day 29 - dns port 53
2009-10-28/a>	Johannes Ullrich	Cyber Security Awareness Month - Day 28 - ntp (123/udp)
2009-10-25/a>	Lorna Hutcheson	Cyber Security Awareness Month - Day 25 - Port 80 and 443
2009-10-22/a>	Adrien de Beaupre	Cyber Security Awareness Month - Day 22 port 502 TCP - Modbus
2009-10-21/a>	Pedro Bueno	Cyber Security Awareness Month - Day 21 - Port 135
2009-10-19/a>	Daniel Wesemann	Cyber Security Awareness Month - Day 19 - ICMP
2009-10-18/a>	Mari Nichols	Computer Security Awareness Month - Day 18 - Telnet an oldie but a goodie
2009-10-16/a>	Adrien de Beaupre	Cyber Security Awareness Month - Day 16 - Port 1521 - Oracle TNS Listener
2009-10-11/a>	Mark Hofman	Cyber Security Awareness Month - Day 12 Ports 161/162 Simple Network Management Protocol (SNMP)
2009-10-09/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 9 - Port 3389/tcp (RDP)
2009-10-06/a>	Adrien de Beaupre	Cyber Security Awareness Month - Day 6 ports 67&68 udp - bootp and dhcp
2009-10-05/a>	Adrien de Beaupre	Cyber Security Awareness Month - Day 5 port 31337
2009-10-02/a>	Stephen Hall	Cyber Security Awareness Month - Day 2 - Port 0
2009-07-09/a>	John Bambenek	Latest Updates on Ongoing DDoS on Governmental/Commercial Websites in USA and S. Korea
2009-05-30/a>	John Bambenek	Embedded Devices: An Avenue for Cyberterrorism?
2009-05-20/a>	Pedro Bueno	Cyber Warfare and Kylin thoughts
2009-03-08/a>	Marcus Sachs	Behind the Estonia Cyber Attacks
2008-09-21/a>	Mari Nichols	You still have time!
ATTACKS
2024-01-08/a>	Jesse La Grew	What is that User Agent?
2022-08-10/a>	Johannes Ullrich	And Here They Come Again: DNS Reflection Attacks
2021-02-01/a>	Rob VandenBrink	Taking a Shot at Reverse Shell Attacks, CNC Phone Home and Data Exfil from Servers
2019-08-25/a>	Guy Bruneau	Are there any Advantages of Buying Cyber Security Insurance?
2016-11-02/a>	Rob VandenBrink	What Does a Pentest Look Like?
2016-06-03/a>	Tom Liston	MySQL is YourSQL
2015-02-19/a>	Daniel Wesemann	DNS-based DDoS
2014-02-26/a>	Russ McRee	Ongoing NTP Amplification Attacks
2014-02-17/a>	Chris Mohan	NTP reflection attacks continue
2013-08-19/a>	Guy Bruneau	Business Risks and Cyber Attacks
2013-07-27/a>	Scott Fendley	Defending Against Web Server Denial of Service Attacks
2011-12-28/a>	Daniel Wesemann	Hash collisions vulnerability in web servers
2010-08-16/a>	Raul Siles	DDOS: State of the Art
2010-08-13/a>	Tom Liston	The Strange Case of Doctor Jekyll and Mr. ED
2010-01-29/a>	Johannes Ullrich	Analyzing isc.sans.org weblogs, part 2, RFI attacks
2009-02-25/a>	Swa Frantzen	Targeted link diversion attempts
2009-01-18/a>	Maarten Van Horenbeeck	Targeted social engineering
2008-12-03/a>	Andre Ludwig	New ISC Poll! Has your organization suffered a DDoS (Distributed Denial of Service) attack in the last year?

CYBER ATTACKS

CYBER

ATTACKS