Internet Storm Center
Handler on Duty: Xavier Mertens
Threat Level: green
Date | Author | Title
2024-11-19 | Xavier Mertens | Detecting the Presence of a Debugger in Linux
2024-08-22 | Johannes Ullrich | OpenAI Scans for Honeypots. Artificially Malicious? Action Abuse?
2024-06-06 | Xavier Mertens | Malicious Python Script with a "Best Before" Date
2024-03-19 | Johannes Ullrich | Attacker Hunting Firewalls
2024-01-24 | Johannes Ullrich | How Bad User Interfaces Make Security Tools Harmful
2024-01-18 | Johannes Ullrich | More Scans for Ivanti Connect "Secure" VPN. Exploits Public
2024-01-16 | Johannes Ullrich | Scans for Ivanti Connect "Secure" VPN Vulnerability (CVE-2023-46805, CVE-2024-21887)
2023-11-17 | Jan Kopriva | Phishing page with trivial anti-analysis features
2022-06-01 | Jan Kopriva | HTML phishing attachments - now with anti-analysis features
2022-03-27 | Didier Stevens | Video: Maldoc Cleaned by Anti-Virus
2021-07-06 | Xavier Mertens | Python DLL Injection Check
2021-05-21 | Xavier Mertens | Locking Kernel32.dll As Anti-Debugging Technique
2020-12-29 | Jan Kopriva | Want to know what's in a folder you don't have a permission to access? Try asking your AV solution...
2020-11-25 | Xavier Mertens | Live Patching Windows API Calls Using PowerShell
2020-11-19 | Xavier Mertens | PowerShell Dropper Delivering Formbook
2020-08-31 | Didier Stevens | Finding The Original Maldoc
2020-08-29 | Didier Stevens | Malicious Excel Sheet with a NULL VT Score: More Info
2020-06-16 | Johannes Ullrich | Odd "Protest" Spam (Scam?) Targeting Atlanta Police Foundation
2020-06-04 | Xavier Mertens | Anti-Debugging Technique based on Memory Protection
2020-01-23 | Xavier Mertens | Complex Obfuscation VS Simple Trick
2019-07-16 | Russ McRee | Commando VM: The Complete Mandiant Offensive VM
2019-07-11 | Johannes Ullrich | Remembering Mike Assante
2018-06-25 | Didier Stevens | Guilty by association
2016-12-24 | Didier Stevens | Pinging All The Way
2016-10-17 | Didier Stevens | Maldoc VBA Anti-Analysis: Video
2016-10-15 | Didier Stevens | Maldoc VBA Anti-Analysis
2015-12-05 | Guy Bruneau | Are you looking to setup your own Malware Sandbox?
2015-07-03 | Didier Stevens | Analyzing Quarantine Files
2015-06-28 | Didier Stevens | The EICAR Test File
2015-02-06 | Johannes Ullrich | Anthem, TurboTax and How Things "Fit Together" Sometimes
2014-08-06 | Johannes Ullrich | Exploit Available for Symantec End Point Protection
2014-08-04 | Russ McRee | Threats & Indicators: A Security Intelligence Lifecycle
2014-07-30 | Rick Wanner | Symantec Endpoint Protection Privilege Escalation Zero Day
2014-05-27 | Kevin Shortt | Avast forums hacked
2014-03-11 | Basil Alawi S.Taher | Introduction to Memory Analysis with Mandiant Redline
2014-03-02 | Stephen Hall | Symantec goes yellow
2014-02-14 | Chris Mohan | SYM14-004 Symantec Endpoint Protection Management Vulnerabilities - http://www.symantec.com/business/support/index?page=content&id=TECH214866
2014-01-01 | Russ McRee | Six degrees of celebration: Juniper, ANT, Shodan, Maltego, Cisco, and Tails
2013-12-28 | Russ McRee | Weekend Reading List 27 DEC
2013-08-03 | Deborah Hale | What Anti-virus Program Is Right For You?
2013-06-07 | Daniel Wesemann | 100% Compliant (for 65% of the systems)
2013-05-20 | Guy Bruneau | Safe - Tools, Tactics and Techniques
2013-04-26 | Russ McRee | What is "up to date anti-virus software"?
2013-04-17 | John Bambenek | UPDATEDx1: Boston-Related Malware Campaigns Have Begun - Now with Waco Plant Explosion Fun
2012-12-10 | Johannes Ullrich | Your CPA License has not been revoked
2012-11-02 | Daniel Wesemann | The shortcomings of anti-virus software
2012-06-19 | Daniel Wesemann | Vulnerabilityqueerprocessbrittleness
2012-05-16 | Johannes Ullrich | Avira Antivirus false positives http://forum.avira.com/wbb/index.php?page=Thread&threadID=144875
2012-04-26 | Richard Porter | Define Irony: A medical device with a Virus?
2012-04-13 | Daniel Wesemann | Anti-virus scanning exclusions
2012-01-25 | Bojan Zdrnja | pcAnywhere users – patch now!
2011-08-15 | Mark Hofman | How to find unwanted files on workstations
2011-07-11 | John Bambenek | Another Defense Contractor Hacked in AntiSec Hacktivism Spree
2011-06-02 | Johannes Ullrich | Some Insight into Apple's Anti-Virus Signatures
2011-05-31 | Johannes Ullrich | Apple Improving OS X Anti-Malware Feature
2011-05-19 | Daniel Wesemann | Fake AV Bingo
2011-03-17 | Kevin Liston | So You Got an AV Alert. Now What?
2011-03-09 | Kevin Shortt | AVG Anti-Virus 2011 False Positives - Luhe.Exploit.PDF.B
2011-03-01 | Daniel Wesemann | AV software and "sharing samples"
2011-01-18 | Daniel Wesemann | Yet another rogue anti-virus
2011-01-12 | Richard Porter | Yet Another Data Broker? AOL Lifestream.
2010-11-11 | Daniel Wesemann | Fake AV scams via Skype Chat
2010-07-25 | Rick Wanner | Updated version of Mandiant's Web Historian
2010-05-26 | Bojan Zdrnja | Malware modularization and AV detection evasion
2010-05-16 | Rick Wanner | Symantec triggers on World of Warcraft update
2010-02-15 | Johannes Ullrich | Various Olympics Related Dangerous Google Searches
2010-02-07 | Rick Wanner | Mandiant Mtrends Report
2009-12-29 | Rick Wanner | What's up with port 12174? Possible Symantec server compromise?
2009-12-14 | Adrien de Beaupre | Anti-forensics, COFEE vs. DECAF
2009-12-03 | Mark Hofman | Avast false positives
2009-09-25 | Lenny Zeltser | Categories of Common Malware Traits
2009-09-17 | Bojan Zdrnja | Why is Rogue/Fake AV so successful?
2009-09-04 | Adrien de Beaupre | Fake anti-virus
2009-08-29 | Guy Bruneau | Immunet Protect - Cloud and Community Malware Protection
2009-08-19 | Daniel Wesemann | Checking your protection
2009-08-13 | Johannes Ullrich | CA eTrust update crashes systems
2009-07-11 | Marcus Sachs | Imageshack
2009-05-19 | Rick Wanner | New Version of Mandiant Highlighter
2009-03-10 | Swa Frantzen | conspiracy fodder: pifts.exe
2009-02-05 | Rick Wanner | Mandiant Memoryze review, Hilighter, other Mandiant tools!
2008-09-15 | donald smith | Fake antivirus 2009 and search engine results
2008-04-22 | donald smith | Symantec decomposer rar bypass allowed malicious content.
2008-04-07 | John Bambenek | HP USB Keys Shipped with Malware for your Proliant Server
2006-10-30 | William Salusky | ToD - Configuration Management - maintaining security awareness