Date | Author | Title

ANGLER EK

2016-08-31 | Deborah Hale | Angler Exploit Kits Reported
2016-04-21 | Daniel Wesemann | Decoding Pseudo-Darkleech (#1)
2016-04-21 | Daniel Wesemann | Decoding Pseudo-Darkleech (Part #2)
2015-07-27 | Daniel Wesemann | Angler's best friends
2015-04-02 | Brad Duncan | Angler Exploit Kit - Recent Traffic Patterns

ANGLER

2016-08-31 | Deborah Hale | Angler Exploit Kits Reported
2016-04-21 | Daniel Wesemann | Decoding Pseudo-Darkleech (#1)
2016-04-21 | Daniel Wesemann | Decoding Pseudo-Darkleech (Part #2)
2015-07-27 | Daniel Wesemann | Angler's best friends
2015-04-02 | Brad Duncan | Angler Exploit Kit - Recent Traffic Patterns

EK

2024-11-26 | Jesse La Grew | [Guest Diary] Using Zeek, Snort, and Grafana to Detect Crypto Mining Malware
2023-03-28 | Jesse La Grew | Network Data Collector Placement Makes a Difference
2023-02-12 | Jesse La Grew | PCAP Data Analysis with Zeek
2022-08-14 | Johannes Ullrich | Realtek SDK SIP ALG Vulnerability: A Big Deal, but not much you can do about it. CVE 2022-27255
2022-02-03 | Johannes Ullrich | Keeping Track of Your Attack Surface for Cheap
2021-04-10 | Guy Bruneau | Building an IDS Sensor with Suricata & Zeek with Logs to ELK
2021-01-15 | Brad Duncan | Throwback Friday: An Example of Rig Exploit Kit
2020-11-16 | Jan Kopriva | Heartbleed, BlueKeep and other vulnerabilities that didn't disappear just because we don't talk about them anymore
2019-11-10 | Jan Kopriva | Did the recent malicious BlueKeep campaign have any positive impact when it comes to patching?
2019-11-05 | Rick Wanner | Bluekeep exploitation causing Bluekeep vulnerability scan to fail
2019-08-14 | Brad Duncan | Recent example of MedusaHTTP malware
2019-08-05 | Rick Wanner | Scanning for Bluekeep vulnerable RDP instances
2019-05-22 | Johannes Ullrich | An Update on the Microsoft Windows RDP "Bluekeep" Vulnerability (CVE-2019-0708) [now with pcaps]
2017-02-09 | Brad Duncan | CryptoShield Ransomware from Rig EK
2016-08-31 | Deborah Hale | Angler Exploit Kits Reported
2016-04-21 | Daniel Wesemann | Decoding Pseudo-Darkleech (#1)
2016-04-21 | Daniel Wesemann | Decoding Pseudo-Darkleech (Part #2)
2015-07-27 | Daniel Wesemann | Angler's best friends
2015-05-03 | Russ McRee | VolDiff, for memory image differential analysis
2015-04-02 | Brad Duncan | Angler Exploit Kit - Recent Traffic Patterns
2015-04-01 | Brad Duncan | Rig Exploit Kit Changes Traffic Patterns
2014-03-07 | Tom Webb | Linux Memory Dump with Rekall
2014-03-02 | Stephen Hall | Sunday Reading
2009-10-02 | Stephen Hall | New SysInternal fun for the weekend