SSE SPAMBOT |
| 2018-12-05 | Brad Duncan | Campaign evolution: Hancitor changes its Word macros |
SSE |
| 2024-06-03/a> | Didier Stevens | A Wireshark Lua Dissector for Fixed Field Length Protocols |
| 2024-05-30/a> | Xavier Mertens | Feeding MISP with OSSEC |
| 2023-09-06/a> | Johannes Ullrich | Security Relevant DNS Records |
| 2023-07-26/a> | Xavier Mertens | Suspicious IP Addresses Avoided by Malware Samples |
| 2023-02-25/a> | Didier Stevens | Crypto Inside a Browser |
| 2022-02-01/a> | Xavier Mertens | Automation is Nice But Don't Replace Your Knowledge |
| 2021-05-10/a> | Johannes Ullrich | Correctly Validating IP Addresses: Why encoding matters for input validation. |
| 2021-01-02/a> | Guy Bruneau | Protecting Home Office and Enterprise in 2021 |
| 2020-09-17/a> | Xavier Mertens | Suspicious Endpoint Containment with OSSEC |
| 2020-02-16/a> | Guy Bruneau | SOAR or not to SOAR? |
| 2019-01-31/a> | Xavier Mertens | Tracking Unexpected DNS Changes |
| 2018-12-19/a> | Xavier Mertens | Using OSSEC Active-Response as a DFIR Framework |
| 2018-12-05/a> | Brad Duncan | Campaign evolution: Hancitor changes its Word macros |
| 2018-09-20/a> | Xavier Mertens | Hunting for Suspicious Processes with OSSEC |
| 2016-07-12/a> | Xavier Mertens | Hunting for Malicious Files with MISP + OSSEC |
| 2015-06-02/a> | Alex Stanford | Guest Diary: Xavier Mertens - Playing with IP Reputation with Dshield & OSSEC |
| 2015-05-10/a> | Didier Stevens | Wireshark TCP Flags: How To Install On Windows Video |
| 2015-04-05/a> | Didier Stevens | Wireshark TCP Flags |
| 2015-03-21/a> | Russell Eubanks | Have you seen my personal information? It has been lost. Again. |
| 2014-08-15/a> | Tom Webb | AppLocker Event Logs with OSSEC 2.8 |
| 2014-05-28/a> | Rob VandenBrink | Assessing SOAP APIs with Burp |
| 2013-10-21/a> | Johannes Ullrich | New tricks that may bring DNS spoofing back or: "Why you should enable DNSSEC even if it is a pain to do" |
| 2013-08-14/a> | Johannes Ullrich | .GOV zones may not resolve due to DNSSEC problems. |
| 2013-06-22/a> | Guy Bruneau | .biz DNSSEC DNSKEY is Invalid |
| 2013-03-04/a> | Johannes Ullrich | IPv6 Focus Month: Addresses |
| 2013-02-22/a> | Johannes Ullrich | When web sites go bad: bible . org compromise |
| 2012-11-23/a> | Rob VandenBrink | Risk Assessment Reloaded (thanks PCI ! ) |
| 2012-11-23/a> | Rob VandenBrink | What's in Your Change Control Form? |
| 2012-05-05/a> | Tony Carothers | Vulnerability Assessment Program - Discussions |
| 2012-01-18/a> | Johannes Ullrich | Use of Mixed Case DNS Queries |
| 2011-11-11/a> | Johannes Ullrich | Details About the fbi.gov DNSSEC Configuration Issue. |
| 2011-08-05/a> | Johannes Ullrich | Microsoft Patch Tuesday Advance Notification: 13 Bulletins coming http://www.microsoft.com/technet/security/Bulletin/MS11-aug.mspx |
| 2011-06-28/a> | Johannes Ullrich | DNSSEC Tips |
| 2011-06-01/a> | Johannes Ullrich | Enabling Privacy Enhanced Addresses for IPv6 |
| 2011-04-14/a> | Johannes Ullrich | dshield.org now DNSSEC signed via .org |
| 2010-11-04/a> | Johannes Ullrich | DNSSEC Progress for .com and .net |
| 2010-10-20/a> | Jim Clausing | Tools updates - Oct 2010 |
| 2010-10-17/a> | Stephen Hall | Cyber Security Awareness Month - Day 17 - What a boss should and should not have access to |
| 2010-05-04/a> | Rick Wanner | DNSSEC...not a bang but a whimper? |
| 2010-04-01/a> | Jim Clausing | OSSEC v2.4 released. http://www.ossec.net/main/ossec-v24-released |
| 2010-01-19/a> | Jim Clausing | 49Gbps DDoS, IPv4 exhaustion, and DNSSEC, oh my! |
| 2009-12-15/a> | Johannes Ullrich | Important BIND name server updates - DNSSEC |
| 2009-12-09/a> | Swa Frantzen | OSSEC 2.3 released |
| 2009-11-29/a> | Patrick Nolan | A Cloudy Weekend |
| 2009-11-24/a> | John Bambenek | BIND Security Advisory (DNSSEC only) |
| 2009-09-12/a> | Jim Clausing | OSSEC version 2.2 available |
| 2009-08-30/a> | Tony Carothers | How do I recover from.....? |
| 2009-04-19/a> | Mari Nichols | Providing Accurate Risk Assessments |
| 2009-03-21/a> | Stephen Hall | Updates to ISC BIND |
| 2009-02-28/a> | Rick Wanner | OSSEC Version 2 available! |
| 2009-01-08/a> | Kyle Haugsness | BIND OpenSSL follow-up |
| 2009-01-07/a> | William Salusky | BIND 9.x security patch - resolves potentially new DNS poisoning vector |
| 2008-09-10/a> | Adrien de Beaupre | Mailbag: OSSEC 1.6 released, NMAP 4.75 released |
| 2008-08-14/a> | Johannes Ullrich | DNSSEC for DShield.org |
| 2008-07-08/a> | Swa Frantzen | Security implications in HVAC equipment |
| 2008-05-07/a> | Jim Clausing | OSSEC 1.5 released |
SPAMBOT |
| 2022-02-09/a> | Brad Duncan | Example of Cobalt Strike from Emotet infection |
| 2022-01-25/a> | Brad Duncan | Emotet Stops Using 0.0.0.0 in Spambot Traffic |
| 2021-12-22/a> | Brad Duncan | December 2021 Forensic Contest: Answers and Analysis |
| 2021-11-16/a> | Brad Duncan | Emotet Returns |
| 2020-04-01/a> | Brad Duncan | Qakbot malspam sent from an infected Windows host |
| 2019-12-18/a> | Brad Duncan | Emotet infection with spambot activity |
| 2019-01-10/a> | Brad Duncan | Heartbreaking Emails: "Love You" Malspam |
| 2018-12-05/a> | Brad Duncan | Campaign evolution: Hancitor changes its Word macros |
