Diaries by Keyword - SANS Internet Storm Center

Handler on Duty: Johannes Ullrich

Threat Level: green

Date	Author	Title
2025-01-06	Xavier Mertens	Make Malware Happy
2024-02-20	Xavier Mertens	Python InfoStealer With Dynamic Sandbox Detection
2023-11-22	Guy Bruneau	CVE-2023-1389: A New Means to Expand Botnets
2023-10-31	Xavier Mertens	Multiple Layers of Anti-Sandboxing Techniques
2023-05-28	Guy Bruneau	We Can no Longer Ignore the Cost of Cybersecurity
2023-02-04	Guy Bruneau	Assemblyline as a Malware Analysis Sandbox
2023-01-21	Guy Bruneau	DShield Sensor JSON Log to Elasticsearch
2023-01-08	Guy Bruneau	DShield Sensor JSON Log Analysis
2022-12-21	Guy Bruneau	DShield Sensor Setup in Azure
2022-09-26	Xavier Mertens	Easy Python Sandbox Detection
2021-12-28	Russ McRee	LotL Classifier tests for shells, exfil, and miners
2021-04-02	Xavier Mertens	C2 Activity: Sandboxes or Real Victims?
2020-11-20	Xavier Mertens	Malicious Python Code and LittleSnitch Detection
2017-12-14	Russ McRee	Detection Lab: Visibility & Introspection for Defenders
2017-06-17	Guy Bruneau	Mapping Use Cases to Logs. Which Logs are the Most Important to Collect?
2016-08-29	Russ McRee	Recommended Reading: Intrusion Detection Using Indicators of Compromise Based on Best Practices and Windows Event Logs
2015-02-10	Mark Baggett	Detecting Mimikatz Use On Your Network
2014-09-27	Guy Bruneau	What has Bash and Heartbleed Taught Us?
2013-12-16	Tom Webb	The case of Minerd
2013-08-19	Johannes Ullrich	Running Snort on ESXi using the Distributed Switch
2012-09-02	Lorna Hutcheson	Demonstrating the value of your Intrusion Detection Program and Analysts
2012-08-16	Johannes Ullrich	A Poor Man's DNS Anomaly Detection Script
2008-11-16	Maarten Van Horenbeeck	Detection of Trojan control channels