Date Author Title

100 IPS PER DOMAIN NAME

2013-12-21Guy BruneauStrange DNS Queries - Request for Packets

100

2013-12-21/a>Guy BruneauStrange DNS Queries - Request for Packets
2011-04-28/a>Chris MohanGathering and use of location information fears - or is it all a bit too late
2010-06-02/a>Mark HofmanOpenSSL version 1.0.0a released. This fixes a number of security issues. Don't forget a number of commercial appliances will be using this, so look for vendor updates soon.
2010-04-22/a>Guy BruneauMS10-025 Security Update has been Pulled
2010-04-16/a>G. N. WhiteMS10-021: Encountering A Failed WinXP Update
2010-03-03/a>Mark HofmanMS10-015 re-released
2010-02-19/a>Mark HofmanMS10-015 may cause Windows XP to blue screen (but only if you have malware on it)
2010-01-19/a>Jim ClausingThe IE saga continues, out-of-cycle patch coming soon
2010-01-15/a>Kevin ListonExploit code available for CVE-2010-0249
2006-10-10/a>Kyle HaugsnessMS06-063: Mailslot DoS (Server service)
2006-10-10/a>Johannes UllrichMS06-056: ASP.NET XSS Information Disclosure Vulnerability (moderate)
2006-10-10/a>Johannes UllrichMS06-061: XSLT/MSXML Buffer Overflow Code Execution Vulnerability (moderate)

IPS

2020-11-06/a>Johannes UllrichRediscovering Limitations of Stateful Firewalls: "NAT Slipstreaming" ? Implications, Detections and Mitigations
2020-07-28/a>Johannes UllrichAll I want this Tuesday: More Data
2017-10-25/a>Mark HofmanDUHK attack, continuing a week of named issues
2017-04-02/a>Guy BruneauIPFire - A Household Multipurpose Security Gateway
2014-04-03/a>Bojan ZdrnjaWatching the watchers
2013-12-21/a>Guy BruneauStrange DNS Queries - Request for Packets
2013-10-25/a>Rob VandenBrinkKaspersky flags TCPIP.SYS as Malware
2013-09-05/a>Rob VandenBrinkWhat's Next for IPS?
2012-12-06/a>Johannes UllrichHow to identify if you are behind a "Transparent Proxy"
2012-10-04/a>Johannes UllrichCyber Security Awareness Month - Day 4: Crypto Standards
2012-07-18/a>Rob VandenBrinkSnort Updated today
2011-12-21/a>Chris MohanThe off switch
2010-11-08/a>Manuel Humberto Santander PelaezNetwork Security Perimeter: How to choose the correct firewall and IPS for your environment?
2010-08-01/a>Manuel Humberto Santander PelaezEvation because IPS fails to validate TCP checksums?
2010-06-15/a>Manuel Humberto Santander PelaezTCP evasions for IDS/IPS
2009-03-24/a>G. N. WhitePSYB0T: A MIPS-device (mipsel) IRC Bot
2009-03-22/a>Mari NicholsDealing with Security Challenges
2008-06-18/a>Chris CarboniCisco Security Advisory

PER

2024-10-24/a>Johannes UllrichDevelopment Features Enabled in Prodcution
2024-10-09/a>Xavier MertensFrom Perfctl to InfoStealer
2024-06-20/a>Guy BruneauNo Excuses, Free Tools to Help Secure Authentication in Ubuntu Linux [Guest Diary]
2024-02-29/a>Jesse La Grew[Guest Diary] Dissecting DarkGate: Modular Malware Delivery and Persistence as a Service.
2023-06-24/a>Guy BruneauEmail Spam with Attachment Modiloader
2023-05-16/a>Jesse La GrewSignals Defense With Faraday Bags & Flipper Zero
2023-05-14/a>Guy BruneauVMware Aria Operations addresses multiple Local Privilege Escalations and a Deserialization issue
2022-10-17/a>Xavier MertensFileless Powershell Dropper
2022-09-22/a>Xavier MertensRAT Delivered Through FODHelper
2022-03-04/a>Johannes UllrichScam E-Mail Impersonating Red Cross
2022-02-11/a>Xavier MertensCinaRAT Delivered Through HTML ID Attributes
2022-01-31/a>Xavier MertensBe careful with RPMSG files
2021-12-21/a>Xavier MertensMore Undetected PowerShell Dropper
2021-10-30/a>Guy BruneauRemote Desktop Protocol (RDP) Discovery
2021-07-20/a>Bojan ZdrnjaSummer of SAM - incorrect permissions on Windows 10/11 hives
2021-03-16/a>Jan Kopriva50 years of malware? Not really. 50 years of computer worms? That's a different story...
2021-03-04/a>Xavier MertensFrom VBS, PowerShell, C Sharp, Process Hollowing to RAT
2020-12-29/a>Jan KoprivaWant to know what's in a folder you don't have a permission to access? Try asking your AV solution...
2020-11-19/a>Xavier MertensPowerShell Dropper Delivering Formbook
2020-08-25/a>Xavier MertensKeep An Eye on LOLBins
2020-06-11/a>Xavier MertensAnti-Debugging JavaScript Techniques
2020-03-15/a>Guy BruneauVPN Access and Activity Monitoring
2019-12-04/a>Jan KoprivaAnalysis of a strangely poetic malware
2019-08-22/a>Xavier MertensSimple Mimikatz & RDPWrapper Dropper
2019-02-17/a>Didier StevensVideo: Finding Property Values in Office Documents
2019-02-16/a>Didier StevensFinding Property Values in Office Documents
2018-11-26/a>Russ McReeViperMonkey: VBA maldoc deobfuscation
2018-11-04/a>Pasquale StirparoBeyond good ol' LaunchAgent - part 1
2018-10-21/a>Pasquale StirparoBeyond good ol’ LaunchAgent - part 0
2018-05-07/a>Xavier MertensAdding Persistence Via Scheduled Tasks
2018-01-10/a>Russ McReeGitHub InfoSec Threepeat: HELK, ptf, and VulnWhisperer
2017-11-07/a>Xavier MertensInteresting VBA Dropper
2017-08-10/a>Didier StevensMaldoc Analysis with ViperMonkey
2016-07-27/a>Xavier MertensCritical Xen PV guests vulnerabilities
2015-12-22/a>Rick WannerThe other Juniper vulnerability - CVE-2015-7756
2015-02-17/a>Rob VandenBrinkA Different Kind of Equation
2014-08-23/a>Guy BruneauNSS Labs Cyber Resilience Report
2014-01-01/a>Russ McReeSix degrees of celebration: Juniper, ANT, Shodan, Maltego, Cisco, and Tails
2013-12-21/a>Guy BruneauStrange DNS Queries - Request for Packets
2013-12-16/a>Tom WebbThe case of Minerd
2013-10-26/a>Guy BruneauActive Perl/Shellbot Trojan
2013-10-25/a>Rob VandenBrinkKaspersky flags TCPIP.SYS as Malware
2013-09-05/a>Rob VandenBrinkBuilding Your Own GPU Enabled Private Cloud
2013-04-25/a>Adam SwangerGuest Diary: Dylan Johnson - A week in the life of some Perimeter Firewalls
2013-03-13/a>Johannes UllrichIPv6 Focus Month: Kaspersky Firewall IPv6 Vulnerability
2013-02-25/a>Johannes UllrichTrustwave Trustkeeper Phish
2013-02-25/a>Johannes UllrichPunkspider enumerates web application vulnerabilities
2013-02-04/a>Adam SwangerSAN Securing The Human Monthly Awareness Video - Advanced Persistent Threat (APT) http://www.securingthehuman.org/resources/ncsam
2013-01-15/a>Rob VandenBrinkWhen Disabling IE6 (or Java, or whatever) is not an Option...
2012-09-19/a>Russ McReeScript kiddie scavenging with Shellbot.S
2012-08-02/a>Guy BruneauOpera Security Update
2012-05-06/a>Jim ClausingTool updates and Win 8
2012-03-27/a>Guy BruneauOpera 11.62 for Windows patch several bugs and vulnerabilities - http://www.opera.com/docs/changelogs/windows/1162/
2011-11-07/a>Rob VandenBrinkJuniper BGP issues causing locallized Internet Problems
2011-06-28/a>Johannes UllrichUpdate: Opera 11.50 is now available http://www.opera.com/
2011-06-04/a>Rick WannerDo you have a personal disaster recovery plan?
2011-03-16/a>Johannes UllrichAnalyzing HTTP Packet Captures
2011-02-21/a>Adrien de BeaupreKaspersky update servers unreachable
2011-02-19/a>Guy BruneauSnort Data Acquisition Library
2011-01-27/a>Chris CarboniOpera Updates
2011-01-12/a>Richard PorterHow Many Loyalty Cards do you Carry?
2010-11-08/a>Manuel Humberto Santander PelaezNetwork Security Perimeter: How to choose the correct firewall and IPS for your environment?
2010-10-12/a>Adrien de BeaupreNew version of Opera- Opera 10.63 is a recommended upgrade offering security and stability enhancements: http://www.opera.com/browser/download/
2010-09-09/a>Jim ClausingOpera 10.62 - security (the DLL path issue) and stability upate see http://www.opera.com/docs/changelogs/windows/1062/
2010-08-19/a>Daniel WesemannCasper the unfriendly ghost
2010-06-23/a>Scott FendleyOpera Browser Update
2010-05-22/a>Rick WannerSANS 2010 Digital Forensics Summit - APT Based Forensic Challenge
2010-03-22/a>Guy BruneauNew Opera 10.51 available with security fixes. More information available at: http://www.opera.com/docs/changelogs/windows/1051/
2010-03-05/a>Kyle HaugsnessUnpatched Opera 10.50 and below code execution vulnerability
2009-09-01/a>Guy BruneauOpera 10 with Security Fixes
2009-03-03/a>Kyle HaugsnessOpera browser security updates
2009-03-01/a>Jim ClausingCool combination of tools
2008-12-17/a>donald smithOpera 9.6.3 released with security fixes
2008-10-30/a>Kevin ListonOpera 9.62 available - security update
2008-10-22/a>Mari NicholsOpera 9.6.1 Released
2008-08-20/a>Adrien de BeaupreFrom the mailbag, Opera 9.52...
2008-07-03/a>Bojan ZdrnjaNew Opera v9.51 fixes couple of security issues
2008-07-02/a>Jim ClausingAnother little script I threw together
2008-06-16/a>Kevin ListonOpera 9.5 is Available
2008-06-10/a>Swa FrantzenRansomware keybreaking
2008-04-03/a>Bojan ZdrnjaOpera fixes vulnerabilities and Microsoft announces April's fixes
2006-11-29/a>Toby KohlenbergNew Vulnerability Announcement and patches from Apple

DOMAIN

2023-12-31/a>Tom WebbPi-Hole Pi4 Docker Deployment
2023-10-15/a>Guy BruneauDomain Name Used as Password Captured by DShield Sensor
2022-10-07/a>Xavier MertensPowershell Backdoor with DGA Capability
2022-06-21/a>Johannes UllrichExperimental New Domain / Domain Age API
2022-02-24/a>Xavier MertensUkraine & Russia Situation From a Domain Names Perspective
2021-09-02/a>Xavier MertensAttackers Will Always Abuse Major Events in our Lifes
2021-07-24/a>Bojan ZdrnjaActive Directory Certificate Services (ADCS - PKI) domain admin vulnerability
2020-03-28/a>Didier StevensCovid19 Domain Classifier
2020-03-27/a>Johannes UllrichHelp us classify Covid19 related domains https://isc.sans.edu/covidclassifier.html (login required)
2019-07-17/a>Xavier MertensAnalyzis of DNS TXT Records
2019-04-24/a>Rob VandenBrinkWhere have all the Domain Admins gone? Rooting out Unwanted Domain Administrators
2019-03-27/a>Xavier MertensRunning your Own Passive DNS Service
2017-12-13/a>Xavier MertensTracking Newly Registered Domains
2017-11-16/a>Xavier MertensSuspicious Domains Tracking Dashboard
2017-07-05/a>Didier StevensSelecting domains with random names
2017-05-20/a>Xavier MertensTyposquatting: Awareness and Hunting
2014-07-09/a>Daniel WesemannWho owns your typo?
2014-01-30/a>Johannes UllrichNew gTLDs appearing in the root zone
2013-12-21/a>Guy BruneauStrange DNS Queries - Request for Packets
2012-03-13/a>Lenny ZeltserPlease transfer this email to your CEO or appropriate person, thanks
2009-05-02/a>Rick WannerMore Swine/Mexican/H1N1 related domains
2009-04-27/a>Johannes UllrichSwine Flu (Mexican Flu) related domains

NAME

2024-10-16/a>Johannes UllrichThe Top 10 Not So Common SSH Usernames and Passwords
2023-12-31/a>Tom WebbPi-Hole Pi4 Docker Deployment
2023-10-15/a>Guy BruneauDomain Name Used as Password Captured by DShield Sensor
2023-09-05/a>Jesse La GrewCommon usernames submitted to honeypots
2022-06-03/a>Xavier MertensSandbox Evasion... With Just a Filename!
2022-02-24/a>Xavier MertensUkraine & Russia Situation From a Domain Names Perspective
2021-04-24/a>Guy BruneauBase64 Hashes Used in Web Scanning
2020-12-05/a>Guy BruneauIs IP 91.199.118.137 testing Access to aahwwx.52host.xyz?
2020-03-21/a>Guy BruneauHoneypot - Scanning and Targeting Devices & Services
2015-01-27/a>Johannes UllrichNew Critical GLibc Vulnerability CVE-2015-0235 (aka GHOST)
2014-07-09/a>Daniel WesemannWho owns your typo?
2013-12-21/a>Guy BruneauStrange DNS Queries - Request for Packets
2012-03-13/a>Lenny ZeltserPlease transfer this email to your CEO or appropriate person, thanks
2011-09-04/a>Lorna HutchesonSeveral Sites Defaced
2008-05-19/a>Maarten Van HorenbeeckRoute filtering and its impact on the DNS fabric