Threat Level: green Handler on Duty: Rob VandenBrink

SANS Internet Storm Center: InfoSec Diary Blog Archive



Archive Diary List

2021-12-01

Date | Author | Title
2021-12-31 | Jan Kopriva | Do you want your Agent Tesla in the 300 MB or 8 kB package? (0 Comments)
2021-12-30 | Johannes Ullrich | ISC Stormcast For Thursday, December 30th, 2021 (oneliner) (0 Comments)
2021-12-30 | Brad Duncan | Agent Tesla Updates SMTP Data Exfiltration Technique (0 Comments)
2021-12-29 | Russ McRee | Log4j 2 Security Vulnerabilities Update Guide (0 Comments)
2021-12-29 | Johannes Ullrich | ISC Stormcast For Wednesday, December 29th, 2021 (oneliner) (0 Comments)
2021-12-28 | Russ McRee | LotL Classifier tests for shells, exfil, and miners (0 Comments)
2021-12-28 | Johannes Ullrich | ISC Stormcast For Tuesday, December 28th, 2021 (oneliner) (0 Comments)
2021-12-27 | Renato Marinho | Attackers are abusing MSBuild to evade defenses and implant Cobalt Strike beacons (0 Comments)
2021-12-27 | Johannes Ullrich | ISC Stormcast For Monday, December 27th, 2021 (oneliner) (0 Comments)
2021-12-26 | Didier Stevens | Quicktip: TShark's Options -e and -T (0 Comments)
2021-12-25 | Didier Stevens | TShark Tip: Extracting Field Values From Capture Files (0 Comments)
2021-12-24 | Renato Marinho | Example of how attackers are trying to push crypto miners via Log4Shell (0 Comments)
2021-12-23 | Johannes Ullrich | Defending Cloud IMDS Against log4shell (and more) (0 Comments)
2021-12-23 | Johannes Ullrich | log4shell and cloud provider internal meta data services (IMDS) (0 Comments)
2021-12-23 | Xavier Mertens | Nicely Crafted indeed.com Login Page (0 Comments)
2021-12-23 | Johannes Ullrich | ISC Stormcast For Thursday, December 23rd, 2021 (oneliner) (0 Comments)
2021-12-22 | Johannes Ullrich | ISC Stormcast For Wednesday, December 22nd, 2021 (oneliner) (0 Comments)
2021-12-22 | Brad Duncan | December 2021 Forensic Contest: Answers and Analysis (0 Comments)
2021-12-21 | Xavier Mertens | More Undetected PowerShell Dropper (2 Comments)
2021-12-21 | Johannes Ullrich | ISC Stormcast For Tuesday, December 21st, 2021 (oneliner) (0 Comments)
2021-12-20 | Jan Kopriva | PowerPoint attachments, Agent Tesla and code reuse in malware (0 Comments)
2021-12-20 | Johannes Ullrich | ISC Stormcast For Monday, December 20th, 2021 (oneliner) (0 Comments)
2021-12-19 | Didier Stevens | Office 2021: VBA Project Version (0 Comments)
2021-12-18 | Guy Bruneau | VMware Security Update - (oneliner) (0 Comments)
2021-12-17 | Rob VandenBrink | DR Automation - Using Public DNS APIs (0 Comments)
2021-12-17 | Johannes Ullrich | ISC Stormcast For Friday, December 17th, 2021 (oneliner) (0 Comments)
2021-12-16 | Brad Duncan | How the "Contact Forms" campaign tricks people (0 Comments)
2021-12-16 | Johannes Ullrich | ISC Stormcast For Thursday, December 16th, 2021 (oneliner) (0 Comments)
2021-12-15 | Xavier Mertens | Simple but Undetected PowerShell Backdoor (0 Comments)
2021-12-15 | Johannes Ullrich | ISC Stormcast For Wednesday, December 15th, 2021 (oneliner) (0 Comments)
2021-12-14 | Renato Marinho | Log4j 2.15.0 and previously suggested mitigations may not be enough (4 Comments)
2021-12-14 | Renato Marinho | Microsoft December 2021 Patch Tuesday (0 Comments)
2021-12-14 | Johannes Ullrich | Log4j: Getting ready for the long haul (CVE-2021-44228) (1 Comments)
2021-12-14 | Johannes Ullrich | ISC Stormcast For Tuesday, December 14th, 2021 (oneliner) (0 Comments)
2021-12-13 | Johannes Ullrich | ISC Stormcast For Monday, December 13th, 2021 (oneliner) (0 Comments)
2021-12-13 | Renato Marinho | Log4Shell exploited to implant coin miners (1 Comments)
2021-12-11 | Johannes Ullrich | Log4j / Log4Shell Followup: What we see and how to defend (and how to access our data) (4 Comments)
2021-12-10 | Bojan Zdrnja | RCE in log4j, Log4Shell, or how things can get bad quickly (4 Comments)
2021-12-10 | Xavier Mertens | Python Shellcode Injection From JSON Data (0 Comments)
2021-12-10 | Johannes Ullrich | ISC Stormcast For Friday, December 10th, 2021 (oneliner) (0 Comments)
2021-12-09 | Yee Ching Tok | Phishing Direct Messages via Discord (0 Comments)
2021-12-09 | Johannes Ullrich | ISC Stormcast For Thursday, December 9th, 2021 (oneliner) (0 Comments)
2021-12-08 | Johannes Ullrich | ISC Stormcast For Wednesday, December 8th, 2021 (oneliner) (0 Comments)
2021-12-08 | Brad Duncan | December 2021 Forensic Challenge (0 Comments)
2021-12-07 | Johannes Ullrich | Webshells, Webshells everywhere! (0 Comments)
2021-12-07 | Johannes Ullrich | ISC Stormcast For Tuesday, December 7th, 2021 (oneliner) (0 Comments)
2021-12-06 | Xavier Mertens | The Importance of Out-of-Band Networks (0 Comments)
2021-12-06 | Johannes Ullrich | ISC Stormcast For Monday, December 6th, 2021 (oneliner) (0 Comments)
2021-12-04 | Guy Bruneau | A Review of Year 2021 (0 Comments)
2021-12-03 | Xavier Mertens | The UPX Packer Will Never Die! (0 Comments)
2021-12-03 | Johannes Ullrich | ISC Stormcast For Friday, December 3rd, 2021 (oneliner) (0 Comments)
2021-12-02 | Brad Duncan | TA551 (Shathak) pushes IcedID (Bokbot) (0 Comments)
2021-12-02 | Johannes Ullrich | ISC Stormcast For Thursday, December 2nd, 2021 (oneliner) (0 Comments)
2021-12-01 | Xavier Mertens | Info-Stealer Using webhook.site to Exfiltrate Data (0 Comments)
2021-12-01 | Johannes Ullrich | ISC Stormcast For Wednesday, December 1st, 2021 (oneliner) (0 Comments)