Internet Storm Center
Sign In
Sign Up
Participate: Learn more about our honeypot network
https://isc.sans.edu/tools/honeypot/
Handler on Duty:
Jesse La Grew
Threat Level:
green
Date
Author
Title
DRIVE BY DOWNLOADS
2014-02-05
Johannes Ullrich
To Merrillville or Sochi: How Dangerous is it to travel?
DRIVE
2021-09-15/a>
Brad Duncan
Hancitor campaign abusing Microsoft's OneDrive
2018-06-16/a>
Russ McRee
Anomaly Detection & Threat Hunting with Anomalize
2016-07-03/a>
Guy Bruneau
Is Data Privacy part of your Company's Culture?
2014-02-05/a>
Johannes Ullrich
To Merrillville or Sochi: How Dangerous is it to travel?
2013-08-14/a>
Johannes Ullrich
Imaging LUKS Encrypted Drives
2010-03-24/a>
Johannes Ullrich
".sys" Directories Delivering Driveby Downloads
2010-01-06/a>
Guy Bruneau
Secure USB Flaw Exposed
BY
2024-02-12/a>
Johannes Ullrich
Exploit against Unnamed "Bytevalue" router vulnerability included in Mirai Bot
2023-08-17/a>
Jesse La Grew
Command Line Parsing - Are These Really Unique Strings?
2022-09-22/a>
Xavier Mertens
RAT Delivered Through FODHelper
2022-06-28/a>
Johannes Ullrich
Possible Scans for HiByMusic Devices
2022-06-04/a>
Guy Bruneau
Spam Email Contains a Very Large ISO file
2022-05-20/a>
Xavier Mertens
A 'Zip Bomb' to Bypass Security Controls & Sandboxes
2021-06-15/a>
Johannes Ullrich
Multi Perimeter Device Exploit Mirai Version Hunting For Sonicwall, DLink, Cisco and more
2020-12-29/a>
Jan Kopriva
Want to know what's in a folder you don't have a permission to access? Try asking your AV solution...
2020-11-25/a>
Xavier Mertens
Live Patching Windows API Calls Using PowerShell
2020-10-14/a>
Xavier Mertens
Nicely Obfuscated Python RAT
2020-04-04/a>
Didier Stevens
New Bypass Technique or Corrupt Word Document?
2019-12-26/a>
Xavier Mertens
Bypassing UAC to Install a Cryptominer
2019-12-14/a>
Didier Stevens
(Lazy) Sunday Maldoc Analysis: A Bit More ...
2019-11-08/a>
Xavier Mertens
Microsoft Apps Diverted from Their Main Use
2019-07-25/a>
Rob VandenBrink
When Users Attack! Users (and Admins) Thwarting Security Controls
2017-03-05/a>
Didier Stevens
Another example of maldoc string obfuscation, with extra bonus: UAC bypass
2016-12-13/a>
Xavier Mertens
UAC Bypass in JScript Dropper
2016-11-16/a>
Xavier Mertens
Example of Getting Analysts & Researchers Away
2015-06-16/a>
John Bambenek
CVE-2014-4114 and an Interesting AV Bypass Technique
2015-01-27/a>
Johannes Ullrich
New Critical GLibc Vulnerability CVE-2015-0235 (aka GHOST)
2014-07-28/a>
Guy Bruneau
Management and Control of Mobile Device Security
2014-03-13/a>
Daniel Wesemann
Identification and authentication are hard ... finding out intention is even harder
2014-02-05/a>
Johannes Ullrich
To Merrillville or Sochi: How Dangerous is it to travel?
2013-09-18/a>
Rob VandenBrink
Cisco DCNM Update Released
2013-06-27/a>
Tony Carothers
Ruby Update for SSL Vulnerability
2013-01-09/a>
Rob VandenBrink
SQL Injection Flaw in Ruby on Rails
2012-05-08/a>
Bojan Zdrnja
Windows Firewall Bypass Vulnerability and NetBIOS NS
2010-03-24/a>
Johannes Ullrich
".sys" Directories Delivering Driveby Downloads
2008-04-22/a>
donald smith
Symantec decomposer rar bypass allowed malicious content.
DOWNLOADS
2014-02-05/a>
Johannes Ullrich
To Merrillville or Sochi: How Dangerous is it to travel?
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Contact Us
Contact Us
About Us
Handlers
About Us
Slack Channel
Mastodon
Bluesky
X
Make the web a better place by
sharing the SANS Internet Storm Center
with others
