| Date | Author | Title |
|---|---|---|
| 2024-01-02 | Johannes Ullrich | Fingerprinting SSH Identification Strings |
| 2023-10-03 | Tom Webb | Are Local LLMs Useful in Incident Response? |
| 2023-05-24 | Tom Webb | IR Case/Alert Management |
| 2023-01-26 | Tom Webb | Live Linux IR with UAC |
| 2022-06-02 | Johannes Ullrich | Quick Answers in Incident Response: RECmd.exe |
| 2022-03-22 | Johannes Ullrich | Statement by President Biden: What you need to do (or not do) |
| 2021-12-06 | Xavier Mertens | The Importance of Out-of-Band Networks |
| 2021-05-08 | Guy Bruneau | Who is Probing the Internet for Research Purposes? |
| 2021-02-26 | Guy Bruneau | Pretending to be an Outlook Version Update |
| 2020-10-24 | Guy Bruneau | An Alternative to Shodan, Censys with User-Agent CensysInspect/1.1 |
| 2020-09-17 | Xavier Mertens | Suspicious Endpoint Containment with OSSEC |
| 2019-08-25 | Guy Bruneau | Are there any Advantages of Buying Cyber Security Insurance? |
| 2017-12-05 | Tom Webb | IR using the Hive Project. |
| 2017-10-30 | Johannes Ullrich | Critical Patch For Oracle's Identity Manager |
| 2017-09-17 | Guy Bruneau | rockNSM as a Incident Response Package |
| 2017-06-17 | Guy Bruneau | Mapping Use Cases to Logs. Which Logs are the Most Important to Collect? |
| 2017-03-25 | Russell Eubanks | Distraction as a Service |
| 2016-09-02 | Johannes Ullrich | Apple Patches "Trident" Vulnerabilities in OS X / Safari |
| 2016-08-24 | Tom Webb | Stay on Track During IR |
| 2015-12-04 | Tom Webb | Automating Phishing Analysis using BRO |
| 2015-04-27 | Richard Porter | When Prevention Fails, Incident Response Begins |
| 2015-03-07 | Guy Bruneau | Should it be Mandatory to have an Independent Security Audit after a Breach? |
| 2014-12-24 | Rick Wanner | Incident Response at Sony |
| 2014-09-12 | Chris Mohan | Are credential dumps worth reviewing? |
| 2014-08-16 | Lenny Zeltser | Web Server Attack Investigation - Installing a Bot and Reverse Shell via a PHP Vulnerability |
| 2014-08-10 | Basil Alawi S.Taher | Incident Response with Triage-ir |
| 2014-04-04 | Rob VandenBrink | Dealing with Disaster - A Short Malware Incident Response |
| 2014-03-22 | Guy Bruneau | How the Compromise of a User Account Lead to a Spam Incident |
| 2014-03-13 | Daniel Wesemann | Identification and authentication are hard ... finding out intention is even harder |
| 2014-01-23 | Chris Mohan | Learning from the breaches that happens to others Part 2 |
| 2014-01-22 | Chris Mohan | Learning from the breaches that happens to others |
| 2013-12-10 | Rob VandenBrink | Those Look Just Like Hashes! |
| 2013-05-08 | Chris Mohan | Syria drops from Internet 7th May 2013 |
| 2013-03-02 | Scott Fendley | Evernote Security Issue |
| 2012-12-18 | Dan Goldberg | Mitigating the impact of organizational change: a risk assessment |
| 2012-12-13 | Johannes Ullrich | What if Tomorrow Was the Day? |
| 2012-11-16 | Manuel Humberto Santander Pelaez | Information Security Incidents are now a concern for colombian government |
| 2012-04-23 | Russ McRee | Emergency Operations Centers & Security Incident Management: A Correlation |
| 2011-10-29 | Richard Porter | The Sub Critical Control? Evidence Collection |
| 2011-10-28 | Russ McRee | Critical Control 19: Data Recovery Capability |
| 2011-10-27 | Mark Baggett | Critical Control 18: Incident Response Capabilities |
| 2011-09-13 | Swa Frantzen | GlobalSign back in operation |
| 2011-07-25 | Chris Mohan | Monday morning incident handler practice |
| 2011-07-09 | Chris Mohan | Safer Windows Incident Response |
| 2011-06-03 | Guy Bruneau | SonyPictures Site Compromised |
| 2011-04-25 | Rob VandenBrink | Sony PlayStation Network Outage - Day 5 |
| 2011-03-25 | Kevin Liston | APT Tabletop Exercise |
| 2011-03-22 | Chris Mohan | Read only USB stick trick |
| 2011-01-12 | Richard Porter | How Many Loyalty Cards do you Carry? |
| 2010-10-18 | Manuel Humberto Santander Pelaez | Cyber Security Awareness Month - Day 18 - What you should tell your boss when there's a crisis |
| 2010-09-04 | Kevin Liston | Investigating Malicious Website Reports |
| 2010-08-04 | Tom Liston | Incident Reporting - Liston's "How-To" Guide |
| 2010-03-21 | Chris Carboni | Responding To The Unexpected |
| 2010-01-22 | Mari Nichols | Pass-down for a Successful Incident Response |
| 2009-10-31 | Rick Wanner | Cyber Security Awareness Month - Day 31, ident |
| 2009-06-11 | Rick Wanner | MIR-ROR Motile Incident Response - Respond Objectively Remediate |
| 2009-05-01 | Adrien de Beaupre | Incident Management |
| 2009-04-16 | Adrien de Beaupre | Incident Response vs. Incident Handling |
| 2008-10-29 | Deborah Hale | Day 29 - Should I Switch Software Vendors? |
| 2008-03-12 | Joel Esler | Don't use G-Archiver |
| 2006-09-29 | Kevin Liston | A Report from the Field |