Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Diaries by Keyword - SANS Internet Storm Center Diaries by Keyword

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title
2022-05-09Xavier MertensOctopus Backdoor is Back with a New Embedded Obfuscated Bat File
2022-03-18Johannes UllrichScans for Movable Type Vulnerability (CVE-2021-20837)
2021-12-15Xavier MertensSimple but Undetected PowerShell Backdoor
2021-11-21Didier StevensBackdooring PAM
2021-11-08Xavier Mertens(Ab)Using Security Tools & Controls for the Bad
2021-07-02Xavier Mertens"inception.py"... Multiple Base64 Encodings
2021-05-28Xavier MertensMalicious PowerShell Hosted on script.google.com
2020-12-24Xavier MertensMalicious Word Document Delivering an Octopus Backdoor
2020-12-10Xavier MertensPython Backdoor Talking to a C2 Through Ngrok
2020-11-25Xavier MertensLive Patching Windows API Calls Using PowerShell
2020-07-11Guy BruneauScanning Home Internet Facing Devices to Exploit
2018-12-16Guy BruneauRandom Port Scan for Open RDP Backdoor
2018-06-13Xavier MertensA Bunch of Compromized Wordpress Sites
2018-03-05Xavier MertensMalicious Bash Script with Multiple Features
2017-09-18Xavier MertensCCleaner 5.33 compromised - http://www.piriform.com/news/release-announcements/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users
2017-09-14Xavier MertensAnother webshell, another backdoor!
2017-05-12Xavier MertensWhen Bad Guys are Pwning Bad Guys...
2017-02-28Xavier MertensAnalysis of a Simple PHP Backdoor
2016-01-21Jim ClausingScanning for Fortinet ssh backdoor
2015-06-26Daniel WesemannCisco default credentials - again!
2014-07-08Johannes UllrichHardcoded Netgear Prosafe Switch Password
2014-07-02Johannes UllrichCisco Unified Communications Domain Manager Update
2014-01-10Basil Alawi S.TaherCisco Small Business Devices backdoor fix
2014-01-02Johannes UllrichScans Increase for New Linksys Backdoor (32764/TCP)
2013-12-24Daniel WesemannUnfriendly crontab additions
2013-12-16Tom WebbThe case of Minerd
2013-11-05Daniel WesemannIs your vacuum cleaner sending spam?
2012-05-18Johannes UllrichZTE Score M Android Phone backdoor
2011-07-04Deborah HaleVSFTP Backdoor in Source Code
2010-12-15Johannes UllrichOpenBSD IPSec "Backdoor"
2010-12-02Kevin JohnsonProFTPD distribution servers compromised
2010-08-30Adrien de BeaupreApple QuickTime potential vulnerability/backdoor
2009-10-05Adrien de BeaupreCyber Security Awareness Month - Day 5 port 31337