Internet Storm Center
Date
Author
Title
FILE DATES
2023-01-04
Rob VandenBrink
Update to RTRBK - Diff and File Dates in PowerShell
FILE
2023-02-24
Brad Duncan
URL files and WebDAV used for IcedID (Bokbot) infection
2023-01-21
Guy Bruneau
DShield Sensor JSON Log to Elasticsearch
2023-01-04
Rob VandenBrink
Update to RTRBK - Diff and File Dates in PowerShell
2022-12-20
Xavier Mertens
Linux File System Monitoring & Actions
2022-07-25
Xavier Mertens
PowerShell Script with Fileless Capability
2022-07-17
Didier Stevens
Python: Files In Use By Another Process
2022-06-25
Xavier Mertens
Malicious Code Passed to PowerShell via the Clipboard
2022-06-04
Guy Bruneau
Spam Email Contains a Very Large ISO file
2022-06-03
Xavier Mertens
Sandbox Evasion... With Just a Filename!
2022-05-29
Didier Stevens
Extracting The Overlay Of A PE File
2022-05-28
Didier Stevens
Huge Signed PE File: Keeping The Signature
2022-05-26
Didier Stevens
Huge Signed PE File
2022-05-23
Johannes Ullrich
Attacker Scanning for jQuery-File-Upload
2022-05-20
Xavier Mertens
A 'Zip Bomb' to Bypass Security Controls & Sandboxes
2022-03-24
Xavier Mertens
Malware Delivered Through Free Sharing Tool
2021-09-11
Guy Bruneau
Shipping to Elasticsearch Microsoft DNS Logs
2021-05-02
Didier Stevens
PuTTY And FileZilla Use The Same Fingerprint Registry Keys
2021-04-10
Guy Bruneau
Building an IDS Sensor with Suricata & Zeek with Logs to ELK
2021-03-12
Guy Bruneau
Microsoft DHCP Logs Shipped to ELK
2021-02-12
Xavier Mertens
AgentTesla Dropped Through Automatic Click in Microsoft Help File
2020-06-12
Xavier Mertens
Malicious Excel Delivering Fileless Payload
2020-05-22
Didier Stevens
Some Strings to Remember
2020-05-04
Didier Stevens
Sysmon and File Deletion
2020-03-21
Guy Bruneau
Honeypot - Scanning and Targeting Devices & Services
2019-10-03
Xavier Mertens
"Lost_Files" Ransomware
2019-08-04
Didier Stevens
Detecting ZLIB Compression
2019-02-19
Didier Stevens
Identifying Files: Failure Happens
2018-11-05
Johannes Ullrich
Struts 2.3 Vulnerable to Two Year old File Upload Flaw
2017-11-29
Xavier Mertens
Fileless Malicious PowerShell Sample
2017-10-30
Didier Stevens
PE files and debug info
2017-10-24
Xavier Mertens
Stop relying on file extensions
2017-07-19
Xavier Mertens
Bots Searching for Keys & Config Files
2017-07-02
Didier Stevens
PE Section Name Descriptions
2017-05-26
Lorna Hutcheson
File2pcap - A new tool for your toolkit!
2016-08-24
Xavier Mertens
Example of Targeted Attack Through a Proxy PAC File
2016-05-21
Didier Stevens
Python Malware - Part 2
2016-03-30
Xavier Mertens
What to watch with your FIM?
2016-01-20
Xavier Mertens
/tmp, %TEMP%, ~/Desktop, T:\, ... A goldmine for pentesters!
2015-07-12
Didier Stevens
Jump List Files Are OLE Files
2014-03-17
Johannes Ullrich
Scans for FCKEditor File Manager
2014-02-28
Daniel Wesemann
Oversharing
2014-01-11
Guy Bruneau
tcpflow 1.4.4 and some of its most Interesting Features
2013-08-26
Alex Stanford
Stop, Drop and File Carve
2013-08-21
Alex Stanford
Psst. Your Browser Knows All Your Secrets.
2011-11-28
Tom Liston
A Puzzlement...
2011-08-15
Mark Hofman
How to find unwanted files on workstations
2009-12-28
Johannes Ullrich
8 Basic Rules to Implement Secure File Uploads http://jbu.me/48 (inspired by IIS ; bug)
2009-08-13
Jim Clausing
Tools for extracting files from pcaps
2009-06-27
Tony Carothers
New NIAP Strategy on the Horizon
2009-05-27
donald smith
Host file black lists
2009-05-25
Jim Clausing
More tools for (US) Memorial Day
2008-03-13
Jason Lam
Remote File Include spoof!?
DATES
2023-01-04
Rob VandenBrink
Update to RTRBK - Diff and File Dates in PowerShell
2022-03-14
Johannes Ullrich
Apple Updates Everything: MacOS 12.3, XCode 13.3, tvOS 15.4, watchOS 8.5, iPadOS 15.4 and more
2020-03-14
Didier Stevens
Phishing PDF With Incremental Updates.
2020-02-05
Brad Duncan
Fake browser update pages are "still a thing"
2019-07-09
John Bambenek
MSFT July 2019 Patch Tuesday
2016-09-13
Rob VandenBrink
Apple iOS 10 and 10.0.1 Released
2014-08-12
Adrien de Beaupre
Adobe updates for 2014/08
2013-12-17
Adrien de Beaupre
Apple security updates Mac OS X and Safari
2013-06-05
Richard Porter
Windows Sysinternals Updated http://technet.microsoft.com/en-us/sysinternals/default.aspx
2013-04-03
Mark Hofman
Firefox 20 and Thunderbird 17.0.5 updates
2012-03-06
Mark Hofman
Websense posted a small article relating to mass injection into wordpress sites (thanks Chris) More info Here --> http://community.websense.com/blogs/securitylabs/archive/2012/03/05/mass-injection-of-wordpress-sites.aspx
2011-10-01
Mark Hofman
Hot on the heels of FF, Thunderbird v 7.0.1 and SeaMonkey v 2.4.1 have been updated.
2011-07-15
Deborah Hale
Apple Software Updates
2011-05-20
Guy Bruneau
Sysinternals Updates, Analyzing Stuxnet Infection with Sysinternals Tools Part 3
2011-05-04
Richard Porter
Microsoft Sysinternals Update
2011-04-14
Adrien de Beaupre
Sysinternals updates, a new blog post, and webcast
2011-03-09
Chris Mohan
Possible Issue with Forefront Update KB2508823
2010-12-03
Mark Hofman
AVG Update Bricking windows 7 64 bit
2010-08-19
Rob VandenBrink
Don points us to multiple Adobe updates (Reader and Acrobat 9.3.4 among them) ==> http://www.adobe.com/support/downloads/new.jsp
2010-08-10
Jason Lam
Adobe critical security updates
2010-08-10
Daniel Wesemann
New Apple security updates for iPad/Pod/Phone. See http://support.apple.com/kb/ht1222
2010-04-13
Adrien de Beaupre
Security update available for Adobe Reader and Acrobat
2010-03-29
Adrien de Beaupre
APPLE-SA-2010-03-29-1 Security Update 2010-002 / Mac OS X v10.6.3
2010-03-08
Raul Siles
Microsoft announced two important bulletins (fixing multiple vulns. affecting Windows and Office) for tomorrow: http://www.microsoft.com/technet/security/Bulletin/MS10-mar.mspx
2009-12-03
Mark Hofman
Apple released some Java updates today APPLE-SA-2009-12-03-1 & 2 (for 10.5 and 10.6). Fixes a number of security issues so updating is a good idea.
2009-11-25
Jim Clausing
Tool updates
2009-11-25
Jim Clausing
Microsoft Updates requiring reboot
2009-11-09
Guy Bruneau
Apple Security Update 2009-006 for Mac OS X v10.6.2
2009-10-22
Adrien de Beaupre
Sysinternals updates: Disk2vhd v1.1, ZoomIt v4.1, Coreinfo v2.0, VMMap v2.4
2009-09-24
Jim Clausing
A couple more tools
2009-08-05
donald smith
Security Update 2009-003 / Mac OS X v10.5.8
2008-11-13
Jim Clausing
Some recently updated tools
2008-10-10
Marcus Sachs
Fake Microsoft Update Email
2008-09-10
Adrien de Beaupre
Apple updates iPod Touch + Bonjour for Windows
2008-07-11
Jim Clausing
Updates to some of our favorite tools
2008-03-20
Joel Esler
Potential Vulnerability in Flash CS3 Professional, Flash Professional 8 and Flash Basic 8?