2025-02-27 | Xavier Mertens | Njrat Campaign Using Microsoft Dev Tunnels |
2023-08-25 | Xavier Mertens | Python Malware Using Postgresql for C2 Communications |
2022-10-24 | Xavier Mertens | C2 Communications Through outlook.com |
2022-10-07 | Xavier Mertens | Powershell Backdoor with DGA Capability |
2021-11-07 | Didier Stevens | Video: Decrypting Cobalt Strike Traffic With Keys Extracted From Process Memory |
2021-11-06 | Didier Stevens | Decrypting Cobalt Strike Traffic With Keys Extracted From Process Memory |
2021-10-25 | Didier Stevens | Decrypting Cobalt Strike Traffic With a "Leaked" Private Key |
2021-08-20 | Xavier Mertens | Waiting for the C2 to Show Up |
2021-05-28 | Xavier Mertens | Malicious PowerShell Hosted on script.google.com |
2021-04-02 | Xavier Mertens | C2 Activity: Sandboxes or Real Victims? |
2021-03-19 | Xavier Mertens | Pastebin.com Used As a Simple C2 Channel |
2020-12-10 | Xavier Mertens | Python Backdoor Talking to a C2 Through Ngrok |
2018-06-15 | Lorna Hutcheson | SMTP Strangeness - Possible C2 |
2014-02-27 | Richard Porter | DDoS and BCP 38 |
2012-05-16 | Johannes Ullrich | Got Packets? Odd duplicate DNS replies from 10.x IP Addresses |
2010-02-17 | Rob VandenBrink | Defining Clouds - "A Cloud by any Other Name Would be a Lot Less Confusing" |
2008-04-22 | donald smith | XP SP3 RC2 Available |