Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: InfoSec Diary Blog Archive - SANS Internet Storm Center InfoSec Diary Blog Archive





Archive Diary List

2022-6-01

Date | Author | Title
2022-06-30 | Brad Duncan | Case Study: Cobalt Strike Server Lives on After Its Domain Is Suspended (0 Comments)
2022-06-30 | Johannes Ullrich | ISC Stormcast For Thursday, June 30th, 2022 (oneliner) (0 Comments)
2022-06-29 | Rob VandenBrink | It's New Phone Day! Time to migrate your MFA! (5 Comments)
2022-06-29 | Johannes Ullrich | ISC Stormcast For Wednesday, June 29th, 2022 (oneliner) (0 Comments)
2022-06-28 | Johannes Ullrich | Possible Scans for HiByMusic Devices (0 Comments)
2022-06-28 | Johannes Ullrich | ISC Stormcast For Tuesday, June 28th, 2022 (oneliner) (0 Comments)
2022-06-27 | Johannes Ullrich | Encrypted Client Hello: Anybody Using it Yet? (1 Comments)
2022-06-27 | Johannes Ullrich | ISC Stormcast For Monday, June 27th, 2022 (oneliner) (0 Comments)
2022-06-26 | Didier Stevens | More Decoding Analysis (0 Comments)
2022-06-26 | Didier Stevens | My Paste Command (0 Comments)
2022-06-25 | Xavier Mertens | Malicious Code Passed to PowerShell via the Clipboard (3 Comments)
2022-06-24 | Xavier Mertens | Python (ab)using The Windows GUI (0 Comments)
2022-06-23 | Johannes Ullrich | ISC Stormcast For Thursday, June 23rd, 2022 (oneliner) (0 Comments)
2022-06-23 | Xavier Mertens | FLOSS 2.0 Has Been Released (0 Comments)
2022-06-22 | Johannes Ullrich | ISC Stormcast For Wednesday, June 22nd, 2022 (oneliner) (0 Comments)
2022-06-22 | Xavier Mertens | Malicious PowerShell Targeting Cryptocurrency Browser Extensions (0 Comments)
2022-06-21 | Johannes Ullrich | Experimental New Domain / Domain Age API (4 Comments)
2022-06-21 | Johannes Ullrich | ISC Stormcast For Tuesday, June 21st, 2022 (oneliner) (0 Comments)
2022-06-20 | Johannes Ullrich | Odd TCP Fast Open Packets. Anybody understands why? (0 Comments)
2022-06-20 | Johannes Ullrich | ISC Stormcast For Monday, June 20th, 2022 (oneliner) (0 Comments)
2022-06-19 | Didier Stevens | Video: Decoding Obfuscated BASE64 Statistically (0 Comments)
2022-06-19 | Didier Stevens | Wireshark 3.6.6 Released (0 Comments)
2022-06-18 | Didier Stevens | Decoding Obfuscated BASE64 Statistically (0 Comments)
2022-06-17 | Bojan Zdrnja | Critical vulnerability in Splunk Enterprise's deployment server functionality (1 Comments)
2022-06-17 | Johannes Ullrich | ISC Stormcast For Friday, June 17th, 2022 (oneliner) (0 Comments)
2022-06-17 | Brad Duncan | Malspam pushes Matanbuchus malware, leads to Cobalt Strike (0 Comments)
2022-06-16 | Johannes Ullrich | ISC Stormcast For Thursday, June 16th, 2022 (oneliner) (0 Comments)
2022-06-16 | Xavier Mertens | Houdini is Back Delivered Through a JavaScript Dropper (0 Comments)
2022-06-15 | Johannes Ullrich | Terraforming Honeypots. Installing DShield Sensors in the Cloud (0 Comments)
2022-06-15 | Johannes Ullrich | ISC Stormcast For Wednesday, June 15th, 2022 (oneliner) (0 Comments)
2022-06-14 | Renato Marinho | Microsoft June 2022 Patch Tuesday (1 Comments)
2022-06-14 | Johannes Ullrich | ISC Stormcast For Tuesday, June 14th, 2022 (oneliner) (0 Comments)
2022-06-13 | Renato Marinho | Translating Saitama's DNS tunneling messages (0 Comments)
2022-06-13 | Johannes Ullrich | ISC Stormcast For Monday, June 13th, 2022 (oneliner) (0 Comments)
2022-06-12 | Didier Stevens | Quickie: Follina, RTF & Explorer Preview Pane (0 Comments)
2022-06-10 | Russ McRee | EPSScall: An Exploit Prediction Scoring System App (0 Comments)
2022-06-10 | Johannes Ullrich | ISC Stormcast For Friday, June 10th, 2022 (oneliner) (0 Comments)
2022-06-09 | Brad Duncan | TA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit (ms-msdt) (0 Comments)
2022-06-09 | Johannes Ullrich | ISC Stormcast For Thursday, June 9th, 2022 (oneliner) (0 Comments)
2022-06-08 | Johannes Ullrich | ISC Stormcast For Wednesday, June 8th, 2022 (oneliner) (0 Comments)
2022-06-07 | Johannes Ullrich | Atlassian Confluence Exploits Seen By Our Honeypots (CVE-2022-26134) (0 Comments)
2022-06-07 | Johannes Ullrich | ISC Stormcast For Tuesday, June 7th, 2022 (oneliner) (0 Comments)
2022-06-06 | Didier Stevens | "ms-msdt" RTF Maldoc Analysis: oledump Plugins (0 Comments)
2022-06-06 | Johannes Ullrich | ISC Stormcast For Monday, June 6th, 2022 (oneliner) (0 Comments)
2022-06-05 | Didier Stevens | Analysis Of An "ms-msdt" RTF Maldoc (0 Comments)
2022-06-04 | Guy Bruneau | Spam Email Contains a Very Large ISO file (0 Comments)
2022-06-03 | Johannes Ullrich | ISC Stormcast For Friday, June 3rd, 2022 (oneliner) (0 Comments)
2022-06-03 | Xavier Mertens | Sandbox Evasion... With Just a Filename! (0 Comments)
2022-06-02 | Johannes Ullrich | Quick Answers in Incident Response: RECmd.exe (0 Comments)
2022-06-02 | Johannes Ullrich | ISC Stormcast For Thursday, June 2nd, 2022 (oneliner) (0 Comments)
2022-06-01 | Jan Kopriva | HTML phishing attachments - now with anti-analysis features (1 Comments)
2022-06-01 | Johannes Ullrich | ISC Stormcast For Wednesday, June 1st, 2022 (oneliner) (0 Comments)