Internet Storm Center
Sign In
Sign Up
SANS Network Security: Las Vegas Sept 4-9.
Handler on Duty:
Johannes Ullrich
Threat Level:
green
Date
Author
Title
2022-04-20
Brad Duncan
"aa" distribution Qakbot (Qbot) infection with DarkVNC traffic
2021-12-02
Brad Duncan
TA551 (Shathak) pushes IcedID (Bokbot)
2021-09-01
Brad Duncan
STRRAT: a Java-based RAT that doesn't care if you have Java
2021-03-03
Brad Duncan
Qakbot infection with Cobalt Strike
2021-02-03
Brad Duncan
Excel spreadsheets push SystemBC malware
2021-01-26
Brad Duncan
TA551 (Shathak) Word docs push Qakbot (Qbot)
2021-01-20
Brad Duncan
Qakbot activity resumes after holiday break
2021-01-13
Brad Duncan
Hancitor activity resumes after a hoilday break
2020-12-09
Brad Duncan
Recent Qakbot (Qbot) activity
2020-10-26
Didier Stevens
Excel 4 Macros: "Abnormal Sheet Visibility"
2020-10-14
Brad Duncan
More TA551 (Shathak) Word docs push IcedID (Bokbot)
2020-08-07
Brad Duncan
TA551 (Shathak) Word docs push IcedID (Bokbot)
2020-07-15
Brad Duncan
Word docs with macros for IcedID (Bokbot)
2020-07-10
Brad Duncan
Excel spreasheet macro kicks off Formbook infection
2020-06-10
Brad Duncan
Job application-themed malspam pushes ZLoader
2020-06-01
Didier Stevens
XLMMacroDeobfuscator: An Update
2020-05-20
Brad Duncan
Microsoft Word document with malicious macro pushes IcedID (Bokbot)
2020-04-05
Guy Bruneau
Maldoc XLS Invoice with Excel 4 Macros
2020-03-29
Didier Stevens
Obfuscated Excel 4 Macros
2020-03-09
Didier Stevens
Malicious Spreadsheet With Data Connection and Excel 4 Macros
2020-02-24
Didier Stevens
Maldoc: Excel 4 Macros and VBA, Devil and Angel?
2020-02-23
Didier Stevens
Maldoc: Excel 4 Macros in OOXML Format
2019-06-18
Brad Duncan
Malspam with password-protected Word docs pushing Dridex
2019-03-17
Didier Stevens
Video: Maldoc Analysis: Excel 4.0 Macro
2019-03-16
Didier Stevens
Maldoc: Excel 4.0 Macros
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Contact Us
Contact Us
About Us
Handlers
About Us
Slack Channel
Mastodon
Bluesky
X
Follow updates by subscribing to the handler's
diary RSS feed