Internet Storm Center
Sign In
Sign Up
SANS Network Security: Las Vegas Sept 4-9.
Handler on Duty:
Guy Bruneau
Threat Level:
green
Date
Author
Title
FAKE SITE
2021-08-04
Yee Ching Tok
Pivoting and Hunting for Shenanigans from a Reported Phishing Domain
FAKE
2024-01-24/a>
Johannes Ullrich
How Bad User Interfaces Make Security Tools Harmful
2022-03-02/a>
Johannes Ullrich
The More Often Something is Repeated, the More True It Becomes: Dealing with Social Media
2022-01-03/a>
Xavier Mertens
McAfee Phishing Campaign with a Nice Fake Scan
2021-08-04/a>
Yee Ching Tok
Pivoting and Hunting for Shenanigans from a Reported Phishing Domain
2020-04-18/a>
Guy Bruneau
Maldoc Falsely Represented as DOCX Invoice Redirecting to Fake Apple Store
2020-02-05/a>
Brad Duncan
Fake browser update pages are "still a thing"
2019-04-07/a>
Guy Bruneau
Fake Office 365 Payment Information Update
2019-04-02/a>
Johannes Ullrich
Fake AV is Back: LaCie Network Drives Used to Spread Malware
2019-03-21/a>
Xavier Mertens
New Wave of Extortion Emails: Central Intelligence Agency Case
2017-07-07/a>
Renato Marinho
DDoS Extortion E-mail: Yet Another Bluff?
2016-05-12/a>
Xavier Mertens
Another Day, Another Wave of Phishing Emails
2015-09-28/a>
Johannes Ullrich
"Transport of London" Malicious E-Mail
2014-02-21/a>
Johannes Ullrich
UPS Malware Spam Using Fake SPF Headers
2013-04-29/a>
Adam Swanger
Report Fake Tech Support Calls submission form reminder
2013-04-16/a>
John Bambenek
Fake Boston Marathon Scams Update
2013-01-03/a>
Manuel Humberto Santander Pelaez
New year and new CA compromised
2012-12-06/a>
Daniel Wesemann
Fake tech support calls - revisited
2012-10-03/a>
Kevin Shortt
Fake Support Calls Reported
2012-06-19/a>
Daniel Wesemann
Vulnerabilityqueerprocessbrittleness
2011-07-25/a>
Bojan Zdrnja
When the FakeAV coder(s) fail
2011-07-21/a>
Daniel Wesemann
Down the FakeAV rabbit hole
2011-05-19/a>
Daniel Wesemann
Fake AV Bingo
2011-05-04/a>
Bojan Zdrnja
More on Google image poisoning
2011-01-18/a>
Daniel Wesemann
Yet another rogue anti-virus
2010-11-11/a>
Daniel Wesemann
Fake AV scams via Skype Chat
2010-02-27/a>
Johannes Ullrich
Search Engine Poisoning: Chile Earthquake
2010-02-15/a>
Johannes Ullrich
Various Olympics Related Dangerous Google Searches
2010-02-08/a>
Adrien de Beaupre
When is a 0day not a 0day? Fake OpenSSh exploit, again.
2010-01-08/a>
Rob VandenBrink
Microsoft OfficeOnline, Searching for Trust and Malware
2009-09-17/a>
Bojan Zdrnja
Why is Rogue/Fake AV so successful?
2009-09-04/a>
Adrien de Beaupre
Fake anti-virus
2009-02-06/a>
Adrien de Beaupre
Fake stimulus payments
2008-09-15/a>
donald smith
Fake antivirus 2009 and search engine results
SITE
2023-12-11/a>
Rob VandenBrink
What is sitemap.xml, and Why a Pentester Should Care
2021-08-04/a>
Yee Ching Tok
Pivoting and Hunting for Shenanigans from a Reported Phishing Domain
2021-06-24/a>
Xavier Mertens
Do you Like Cookies? Some are for sale!
2018-11-17/a>
Xavier Mertens
Quickly Investigating Websites with Lookyloo
2017-07-19/a>
Xavier Mertens
Bots Searching for Keys & Config Files
2017-04-07/a>
Xavier Mertens
Tracking Website Defacers with HTTP Referers
2017-01-14/a>
Xavier Mertens
Backup Files Are Good but Can Be Evil
2016-01-29/a>
Xavier Mertens
Scripting Web Categorization
2014-08-09/a>
Adrien de Beaupre
Complete application ownage via Multi-POST XSRF
2014-06-11/a>
Daniel Wesemann
Gimme your keys!
2013-02-22/a>
Johannes Ullrich
When web sites go bad: bible . org compromise
2013-02-11/a>
John Bambenek
Is This Chinese Registrar Really Trying to XSS Me?
2013-02-04/a>
Russ McRee
An expose of a recent SANS GIAC XSS vulnerability
2013-01-25/a>
Johannes Ullrich
Vulnerability Scans via Search Engines (Request for Logs)
2011-08-24/a>
Rob VandenBrink
Citrix Access Gateway Cross Site Scripting vulnerability and fix ==> http://support.citrix.com/article/CTX129971
2010-08-13/a>
Tom Liston
The Strange Case of Doctor Jekyll and Mr. ED
2010-04-26/a>
Raul Siles
Vulnerable Sites Database
2009-08-18/a>
Deborah Hale
Domain tcpdump.org unavailable
2009-08-18/a>
Deborah Hale
Website compromises - what's happening?
2009-05-27/a>
donald smith
Host file black lists
2009-05-05/a>
Bojan Zdrnja
Every dot matters
2008-08-02/a>
Maarten Van Horenbeeck
Issues affecting sites using Sitemeter [resolved]
2008-06-07/a>
Jim Clausing
Followup to 'How do you monitor your website?'
2008-04-24/a>
donald smith
Hundreds of thousands of SQL injections
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Contact Us
Contact Us
About Us
Handlers
About Us
Slack Channel
Mastodon
Bluesky
X
Learn
about the Internet Storm Center
and our
volunteer InfoSec handlers