Date Author Title

MAIL FORWARDING RULES

2020-08-20Rob VandenBrinkOffice 365 Mail Forwarding Rules (and other Mail Rules too)

MAIL

2024-12-05/a>Jesse La Grew[Guest Diary] Business Email Compromise
2024-02-05/a>Jesse La GrewPublic Information and Email Spam
2023-12-23/a>Xavier MertensPython Keylogger Using Mailtrap.io
2023-03-12/a>Guy BruneauAsynRAT Trojan - Bill Payment (Pago de la factura)
2023-02-18/a>Guy BruneauSpear Phishing Handlers for Username/Password
2023-01-05/a>Brad DuncanMore Brazil malspam pushing Astaroth (Guildma) in January 2023
2022-12-30/a>Jan KoprivaSPF and DMARC use on GOV domains in different ccTLDs
2022-08-13/a>Guy BruneauPhishing HTML Attachment as Voicemail Audio Transcription
2022-05-07/a>Guy BruneauPhishing PDF Received in my ISC Mailbox
2022-05-05/a>Brad DuncanPassword-protected Excel spreadsheet pushes Remcos RAT
2022-03-04/a>Johannes UllrichScam E-Mail Impersonating Red Cross
2021-11-14/a>Didier StevensExternal Email System FBI Compromised: Sending Out Fake Warnings
2021-10-26/a>Yee Ching TokHunting for Phishing Sites Masquerading as Outlook Web Access
2021-10-22/a>Brad DuncanOctober 2021 Contest: Forensic Challenge
2021-05-22/a>Xavier Mertens"Serverless" Phishing Campaign
2021-03-05/a>Xavier MertensSpam Farm Spotted in the Wild
2021-02-26/a>Guy BruneauPretending to be an Outlook Version Update
2021-02-10/a>Brad DuncanPhishing message to the ISC handlers email distro
2020-11-18/a>Xavier MertensWhen Security Controls Lead to Security Issues
2020-10-31/a>Didier StevensMore File Selection Gaffes
2020-10-22/a>Jan KoprivaBazarLoader phishing lures: plan a Halloween party, get a bonus and be fired in the same afternoon
2020-10-09/a>Jan KoprivaPhishing kits as far as the eye can see
2020-09-21/a>Jan KoprivaSlightly broken overlay phishing
2020-08-20/a>Rob VandenBrinkOffice 365 Mail Forwarding Rules (and other Mail Rules too)
2020-06-18/a>Jan KoprivaBroken phishing accidentally exploiting Outlook zero-day
2020-05-27/a>Jan KoprivaFrankenstein's phishing using Google Cloud Storage
2020-04-30/a>Xavier MertensCollecting IOCs from IMAP Folder
2020-04-18/a>Guy BruneauMaldoc Falsely Represented as DOCX Invoice Redirecting to Fake Apple Store
2020-04-17/a>Xavier MertensWeaponized RTF Document Generator & Mailer in PowerShell
2020-04-13/a>Jan KoprivaLook at the same phishing campaign 3 months apart
2020-03-22/a>Didier StevensMore COVID-19 Themed Malware
2020-02-10/a>Jan KoprivaCurrent PayPal phishing campaign or "give me all your personal information"
2020-02-03/a>Jan KoprivaAnalysis of a triple-encrypted AZORult downloader
2020-01-16/a>Jan KoprivaPicks of 2019 malware - the large, the small and the one full of null bytes
2019-12-15/a>Didier StevensVirusTotal Email Submissions
2019-12-06/a>Jan KoprivaPhishing with a self-contained credentials-stealing webpage
2019-12-05/a>Jan KoprivaE-mail from Agent Tesla
2019-12-04/a>Jan KoprivaAnalysis of a strangely poetic malware
2019-11-26/a>Jan KoprivaLessons learned from playing a willing phish
2019-10-31/a>Jan KoprivaEML attachments in O365 - a recipe for phishing
2019-10-30/a>Xavier MertensKeep an Eye on Remote Access to Mailboxes
2019-10-17/a>Jan KoprivaPhishing e-mail spoofing SPF-enabled domain
2019-04-13/a>Johannes UllrichConfiguring MTA-STS and TLS Reporting For Your Domain
2019-04-07/a>Guy BruneauFake Office 365 Payment Information Update
2019-03-21/a>Xavier MertensNew Wave of Extortion Emails: Central Intelligence Agency Case
2019-03-06/a>Xavier MertensKeep an Eye on Disposable Email Addresses
2019-02-19/a>Didier StevensIdentifying Files: Failure Happens
2019-02-11/a>Didier StevensHave You Seen an Email Virus Recently?
2018-12-21/a>Lorna HutchesonPhishing Attempts That Bypass 2FA
2018-11-18/a>Guy BruneauMultipurpose PCAP Analysis Tool
2018-08-23/a>Xavier MertensSimple Phishing Through formcrafts.com
2018-08-22/a>Deborah HaleEmail/password Frustration
2018-08-19/a>Didier StevensVideo: Peeking into msg files - revisited
2018-08-11/a>Didier StevensPeeking into msg files - revisited
2018-07-23/a>Didier StevensAnalyzing MSG files
2018-07-15/a>Didier StevensExtracting BTC addresses from emails
2018-06-22/a>Lorna HutchesonXPS Attachment Used for Phishing
2017-11-10/a>Bojan ZdrnjaBattling e-mail phishing
2017-10-15/a>Didier StevensPeeking into .msg files
2017-08-14/a>Didier StevensSometimes it's just SPAM
2016-12-26/a>Russ McReeCritical security update: PHPMailer 5.2.20 (CVE-2016-10045)
2015-02-20/a>Tom WebbFast analysis of a Tax Scam
2014-07-09/a>Daniel WesemannWho owns your typo?
2014-01-31/a>Chris MohanAttack on Yahoo mail accounts
2014-01-28/a>Kevin ShorttSendmail v8.14.8 released - http://www.sendmail.com/sm/open_source/download/8.14.8/?show_rs=1#RS
2014-01-24/a>Johannes UllrichHow to send mass e-mail the right way
2014-01-08/a>Kevin ShorttIntercepted Email Attempts to Steal Payments
2013-10-05/a>Richard PorterAdobe Breach Notification, Notifications?
2013-03-29/a>Chris MohanFake Link removal requests
2013-02-25/a>Johannes UllrichMass-Customized Malware Lures: Don't trust your cat!
2013-01-09/a>Rob VandenBrinkHotmail seeing some temporary access issues
2012-06-15/a>Johannes UllrichAuthenticating E-Mail
2012-02-07/a>Johannes UllrichSecure E-Mail Access
2012-01-22/a>Lorna HutchesonMailbag - "Attacks"
2011-06-08/a>Johannes UllrichSpam from compromised Hotmail accounts
2011-05-01/a>Deborah HaleAnother Potentially Malicious Email Making The Rounds
2011-04-11/a>Johannes UllrichGMail User Using 2FA Warned of Access From China
2011-02-21/a>Adrien de BeaupreWinamp forums compromised
2010-09-09/a>Marcus Sachs'Here You Have' Email
2010-08-29/a>Swa FrantzenAbandoned free email accounts
2010-05-23/a>Manuel Humberto Santander Pelaeze-mail scam announcing Fidel Castro's funeral ... and nasty malware to your computer.
2010-03-05/a>Kyle HaugsnessFalse scare email proclaiming North Korea nuclear launch against Japan
2009-10-15/a>Deborah HaleCyber Security Awareness Month - Day 15 - Ports 995, 465, and 993 - Secure Email
2009-10-09/a>Rob VandenBrinkTHAWTE to discontinue free Email Certificate Services and Web of Trust Service
2009-10-08/a>Johannes UllrichCyber Security Awareness Month - Day 8 - Port 25 - SMTP
2009-10-05/a>Adrien de BeaupreTime to change your hotmail/gmail/yahoo password
2009-09-01/a>Guy BruneauGmail Down
2009-05-04/a>Tom ListonFacebook phishing malware
2009-04-07/a>Johannes UllrichSSH scanning from compromised mail servers
2009-02-24/a>G. N. WhiteGmail Access Issues Early This AM
2009-01-11/a>Deborah HaleThe Frustration of Phishing Attacks
2008-11-30/a>Mari NicholsRejected Email Issues
2008-05-22/a>Chris CarboniFrom the mailbag
2008-04-04/a>Daniel WesemannTax day scams
2008-03-30/a>Mark HofmanMail Anyone?
2006-08-31/a>Swa FrantzenMailbag grab

FORWARDING

2021-10-14/a>Xavier MertensPort-Forwarding with Windows for the Win
2020-08-20/a>Rob VandenBrinkOffice 365 Mail Forwarding Rules (and other Mail Rules too)
2013-07-20/a>Manuel Humberto Santander PelaezDo you have rogue Internet gateways in your network? Check it with nmap

RULES

2022-02-26/a>Guy BruneauUsing Snort IDS Rules with NetWitness PacketDecoder
2020-08-20/a>Rob VandenBrinkOffice 365 Mail Forwarding Rules (and other Mail Rules too)
2020-06-19/a>Remco VerhoefSigma rules! The generic signature format for SIEM systems.
2018-06-21/a>Xavier MertensAre Your Hunting Rules Still Working?
2016-07-15/a>Xavier MertensName All the Things!
2010-04-23/a>Adrien de BeaupreShadowserver botnet rules