Diaries by Keyword - SANS Internet Storm Center

Participate: Learn more about our honeypot network
https://isc.sans.edu/tools/honeypot/

Handler on Duty: Jesse La Grew

Threat Level: green

Date	Author	Title
JUMP LIST
2015-07-12	Didier Stevens	Jump List Files Are OLE Files
JUMP
2015-07-12/a>	Didier Stevens	Jump List Files Are OLE Files
LIST
2023-07-26/a>	Xavier Mertens	Suspicious IP Addresses Avoided by Malware Samples
2023-05-26/a>	Xavier Mertens	Using DFIR Techniques To Recover From Infrastructure Outages
2021-09-09/a>	Johannes Ullrich	Updates to Our Datafeeds/API
2020-08-18/a>	Rick Wanner	ISC Blocked
2020-07-23/a>	Xavier Mertens	Simple Blocklisting with MISP & pfSense
2019-09-19/a>	Xavier Mertens	Blocklisting or Whitelisting in the Right Way
2019-06-27/a>	Rob VandenBrink	Finding the Gold in a Pile of Pennies - Long Tail Analysis in PowerShell
2018-12-26/a>	Didier Stevens	Bitcoin "Blocklists"
2018-11-12/a>	Rick Wanner	Using the Neutrino ip-blocklist API to test general badness of an IP
2018-05-23/a>	Remco Verhoef	Track naughty and nice binaries with Google Santa
2018-02-25/a>	Guy Bruneau	Blackhole Advertising Sites with Pi-hole
2017-04-05/a>	Xavier Mertens	Whitelists: The Holy Grail of Attackers
2015-09-08/a>	Lenny Zeltser	A Close Look at PayPal Overpayment Scams That Target Craigslist Sellers
2015-07-12/a>	Didier Stevens	Jump List Files Are OLE Files
2015-02-23/a>	Richard Porter	Subscribing to the DShield Top 20 on a Palo Alto Networks Firewall
2014-09-19/a>	Guy Bruneau	Web Scan looking for /info/whitelist.pac
2014-08-17/a>	Rick Wanner	Part 1: Is your home network unwittingly contributing to NTP DDOS attacks?
2013-12-23/a>	Rob VandenBrink	How-To's for the Holidays - Java Whitelisting using AD Group Policy
2013-10-16/a>	Adrien de Beaupre	Access denied and blockliss
2013-09-03/a>	Rob VandenBrink	Is "Reputation Backscatter" a Thing?
2013-04-30/a>	Russ McRee	Apache binary backdoor adds malicious redirect to Blackhole
2013-04-23/a>	Russ McRee	Microsoft's Security Intelligence Report (SIRv14) released
2012-09-01/a>	Russ McRee	Blackhole targeting Java vulnerability via fake Microsoft Services Agreement email phish
2012-06-26/a>	Daniel Wesemann	Run, Forest! (Update)
2012-04-30/a>	Rob VandenBrink	Patch for Oracle TNS Listener issue released !
2012-04-25/a>	Daniel Wesemann	Blacole's obfuscated JavaScript
2012-04-25/a>	Daniel Wesemann	Blacole's shell code
2011-12-06/a>	Pedro Bueno	The RedRet connection...
2011-11-22/a>	Pedro Bueno	Updates on ZeroAccess and BlackHole front...
2010-08-13/a>	Guy Bruneau	Shadowserver Binary Whitelisting Service
2010-02-15/a>	Johannes Ullrich	New ISC Tool: Whitelist Hash Database
2009-10-16/a>	Adrien de Beaupre	Cyber Security Awareness Month - Day 16 - Port 1521 - Oracle TNS Listener
2009-09-07/a>	Jim Clausing	Seclists.org is finally back
2009-06-11/a>	Rick Wanner	MIR-ROR Motile Incident Response - Respond Objectively Remediate
2009-05-27/a>	donald smith	Host file black lists
2009-02-03/a>	Swa Frantzen	On the importance of patching fast
2008-05-28/a>	Johannes Ullrich	Reminder: Proper use of DShield data
2008-05-20/a>	Raul Siles	List of malicious domains inserted through SQL injection
2006-12-18/a>	Toby Kohlenberg	ORDB Shutting down

JUMP LIST

JUMP

LIST