Internet Storm Center
Sign In
Sign Up
Participate: Learn more about our honeypot network
https://isc.sans.edu/tools/honeypot/
Handler on Duty:
Jesse La Grew
Threat Level:
green
Date
Author
Title
USE CASE
2017-06-17
Guy Bruneau
Mapping Use Cases to Logs. Which Logs are the Most Important to Collect?
USE
2024-02-28/a>
Johannes Ullrich
Exploit Attempts for Unknown Password Reset Vulnerability
2024-01-24/a>
Johannes Ullrich
How Bad User Interfaces Make Security Tools Harmful
2024-01-08/a>
Jesse La Grew
What is that User Agent?
2023-09-05/a>
Jesse La Grew
Common usernames submitted to honeypots
2022-01-05/a>
Xavier Mertens
Code Reuse In the Malware Landscape
2021-09-24/a>
Xavier Mertens
Keep an Eye on Your Users Mobile Devices (Simple Inventory)
2021-04-24/a>
Guy Bruneau
Base64 Hashes Used in Web Scanning
2021-03-02/a>
Russ McRee
Adversary Simulation with Sim
2020-04-03/a>
Xavier Mertens
Obfuscated with a Simple 0x0A
2019-12-12/a>
Xavier Mertens
Code & Data Reuse in the Malware Ecosystem
2019-07-25/a>
Rob VandenBrink
When Users Attack! Users (and Admins) Thwarting Security Controls
2019-07-05/a>
Didier Stevens
A "Stream O" Maldoc
2019-07-01/a>
Didier Stevens
Maldoc: Payloads in User Forms
2018-05-27/a>
Guy Bruneau
Capture and Analysis of User Agents
2018-01-01/a>
Didier Stevens
What is new?
2017-12-19/a>
Xavier Mertens
Example of 'MouseOver' Link in a Powerpoint File
2017-06-17/a>
Guy Bruneau
Mapping Use Cases to Logs. Which Logs are the Most Important to Collect?
2014-11-04/a>
Daniel Wesemann
Whois someone else?
2014-04-05/a>
Jim Clausing
Those strange e-mails with URLs in them can lead to Android malware
2013-11-22/a>
Rick Wanner
Tales of Password Reuse
2013-02-19/a>
Johannes Ullrich
EDUCAUSE Breach
2013-01-15/a>
Rob VandenBrink
When Disabling IE6 (or Java, or whatever) is not an Option...
2012-09-21/a>
Guy Bruneau
Storing your Collection of Malware Samples with Malwarehouse
2012-07-14/a>
Tony Carothers
User Awareness and Education
2012-04-05/a>
Johannes Ullrich
Evil hides everywhere: Web Application Exploits in Headers
2011-08-26/a>
Daniel Wesemann
User Agent 007
2011-08-09/a>
Swa Frantzen
abuse handling
2010-10-19/a>
Rob VandenBrink
Cyber Security Awareness Month - Day 19 - Remote User VPN Tunnels - to Split or not to Split?
2010-10-19/a>
Rob VandenBrink
Cyber Security Awareness Month - Day 19 - Remote User VPN Access – Are things getting too easy, or too hard?
2010-06-01/a>
Mark Hofman
SPF how useful is it?
2009-12-19/a>
Deborah Hale
Frustrations of ISP Abuse Handling
2009-11-03/a>
Andre Ludwig
SURBL now posting abuse statistics for TLD's
2009-05-28/a>
Jim Clausing
More new volatility plugins
2009-04-06/a>
Adrien de Beaupre
Abuse addresses
2008-09-18/a>
Bojan Zdrnja
Monitoring HTTP User-Agent fields
2008-04-10/a>
Deborah Hale
Abuse Contacts
CASE
2017-06-17/a>
Guy Bruneau
Mapping Use Cases to Logs. Which Logs are the Most Important to Collect?
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Contact Us
Contact Us
About Us
Handlers
About Us
Slack Channel
Mastodon
Bluesky
X
Make the web a better place by
sharing the SANS Internet Storm Center
with others
