Internet Storm Center
Sign In
Sign Up
Watch ISC TV. Great for NOCs, SOCs and Living Rooms:
https://isctv.sans.edu
Handler on Duty:
Didier Stevens
Threat Level:
green
Date
Author
Title
REMOTE CODE EXECUTION
2021-02-13
Guy Bruneau
vSphere Replication updates address a command injection vulnerability (CVE-2021-21976) - https://www.vmware.com/security/advisories/VMSA-2021-0001.html
2013-02-16
Lorna Hutcheson
Fedora RedHat Vulnerabilty Released
2012-03-16
Russ McRee
MS12-020 RDP vulnerabilities: Patch, Mitigate, Detect
2011-08-11
Guy Bruneau
BlackBerry Enterprise Server Critical Update
2010-05-12
Rob VandenBrink
Adobe Shockwave Update
2010-03-10
Rob VandenBrink
Microsoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7
REMOTE
2022-10-07/a>
Xavier Mertens
Critical Fortinet Vulnerability Ahead
2021-05-14/a>
Xavier Mertens
"Open" Access to Industrial Systems Interface is Also Far From Zero
2021-02-13/a>
Guy Bruneau
vSphere Replication updates address a command injection vulnerability (CVE-2021-21976) - https://www.vmware.com/security/advisories/VMSA-2021-0001.html
2020-09-29/a>
Xavier Mertens
Managing Remote Access for Partners & Contractors
2020-08-22/a>
Guy Bruneau
Remote Desktop (TCP/3389) and Telnet (TCP/23), What might they have in Common?
2019-09-24/a>
Xavier Mertens
Huge Amount of remotewebaccess.com Sites Found in Certificate Transparency Logs
2017-11-25/a>
Guy Bruneau
Exim Remote Code Exploit
2015-10-12/a>
Guy Bruneau
Critical Vulnerability in Multiple Cisco Products - Apache Struts 2 Command Execution http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2
2013-09-18/a>
Rob VandenBrink
Cisco DCNM Update Released
2013-02-16/a>
Lorna Hutcheson
Fedora RedHat Vulnerabilty Released
2012-08-22/a>
Adrien de Beaupre
Apple Remote Desktop update fixes no encryption issue
2012-03-16/a>
Russ McRee
MS12-020 RDP vulnerabilities: Patch, Mitigate, Detect
2011-11-28/a>
Tom Liston
A Puzzlement...
2011-11-19/a>
Pedro Bueno
Dragon Research Group (DRG) announced the white paper entitled "VNC: Threats and Countermeasures" : https://dragonresearchgroup.org/insight/vnc-tac.html
2011-08-11/a>
Guy Bruneau
BlackBerry Enterprise Server Critical Update
2010-12-19/a>
Raul Siles
Intel's new processors have a remote kill switch (Anti-Theft 3.0)
2010-10-19/a>
Rob VandenBrink
Cyber Security Awareness Month - Day 19 - Remote Access Tools
2010-10-19/a>
Rob VandenBrink
Cyber Security Awareness Month - Day 19 - Remote User VPN Tunnels - to Split or not to Split?
2010-10-19/a>
Rob VandenBrink
Cyber Security Awareness Month - Day 19 - Remote User VPN Access – Are things getting too easy, or too hard?
2010-10-19/a>
Rob VandenBrink
Cyber Security Awareness Month - Day 19 - VPN and Remote Access Tools
2010-05-12/a>
Rob VandenBrink
Adobe Shockwave Update
2010-03-15/a>
Adrien de Beaupre
Spamassassin Milter Plugin Remote Root Attack
2010-03-10/a>
Rob VandenBrink
Microsoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7
2010-02-02/a>
Guy Bruneau
Cisco Secure Desktop Remote XSS Vulnerability
2009-11-14/a>
Adrien de Beaupre
Microsoft advisory for Windows 7 / Windows Server 2008 R2 Remote SMB DoS Exploit released
2009-11-12/a>
Rob VandenBrink
Windows 7 / Windows Server 2008 Remote SMB Exploit
2008-05-06/a>
Marcus Sachs
Industrial Control Systems Vulnerability
2008-03-13/a>
Jason Lam
Remote File Include spoof!?
2006-11-20/a>
Joel Esler
MS06-070 Remote Exploit
CODE
2023-03-16/a>
Xavier Mertens
Simple Shellcode Dissection
2023-03-07/a>
Johannes Ullrich
Hackers Love This VSCode Extension: What You Can Do to Stay Safe
2022-11-04/a>
Xavier Mertens
Remcos Downloader with Unicode Obfuscation
2022-09-14/a>
Xavier Mertens
Easy Process Injection within Python
2022-05-30/a>
Xavier Mertens
New Microsoft Office Attack Vector via "ms-msdt" Protocol Scheme (CVE-2022-30190)
2022-02-26/a>
Guy Bruneau
Using Snort IDS Rules with NetWitness PacketDecoder
2022-01-22/a>
Xavier Mertens
Mixed VBA & Excel4 Macro In a Targeted Excel Sheet
2022-01-20/a>
Xavier Mertens
RedLine Stealer Delivered Through FTP
2022-01-06/a>
Xavier Mertens
Malicious Python Script Targeting Chinese People
2022-01-05/a>
Xavier Mertens
Code Reuse In the Malware Landscape
2021-12-10/a>
Xavier Mertens
Python Shellcode Injection From JSON Data
2021-10-20/a>
Xavier Mertens
Thanks to COVID-19, New Types of Documents are Lost in The Wild
2021-08-20/a>
Xavier Mertens
Waiting for the C2 to Show Up
2021-02-13/a>
Guy Bruneau
vSphere Replication updates address a command injection vulnerability (CVE-2021-21976) - https://www.vmware.com/security/advisories/VMSA-2021-0001.html
2021-01-18/a>
Didier Stevens
Doc & RTF Malicious Document
2020-10-14/a>
Xavier Mertens
Nicely Obfuscated Python RAT
2020-09-02/a>
Xavier Mertens
Python and Risky Windows API Calls
2020-08-06/a>
Xavier Mertens
A Fork of the FTCode Powershell Ransomware
2020-07-27/a>
Didier Stevens
Analyzing Metasploit ASP .NET Payloads
2019-12-12/a>
Xavier Mertens
Code & Data Reuse in the Malware Ecosystem
2019-10-27/a>
Didier Stevens
Using scdbg to Find Shellcode
2019-07-08/a>
Didier Stevens
Machine Code? No!
2019-07-04/a>
Didier Stevens
Machine Code?
2019-05-31/a>
Didier Stevens
Retrieving Second Stage Payload with Ncat
2019-05-30/a>
Didier Stevens
Analyzing First Stage Shellcode
2019-05-06/a>
Didier Stevens
Text and T
e
x
t
2019-05-01/a>
Xavier Mertens
Another Day, Another Suspicious UDF File
2019-04-23/a>
Didier Stevens
Malicious VBA Office Document Without Source Code
2019-03-24/a>
Didier Stevens
Decoding QR Codes with Python
2019-02-25/a>
Didier Stevens
Sextortion Email Variant: With QR Code
2019-01-02/a>
Didier Stevens
Maldoc with Nonfunctional Shellcode
2018-09-24/a>
Didier Stevens
Analyzing Encoded Shellcode with scdbg
2018-09-08/a>
Didier Stevens
Video: Using scdbg to analyze shellcode
2018-09-03/a>
Didier Stevens
Another quickie: Using scdbg to analyze shellcode
2018-08-31/a>
Jim Clausing
Quickie: Using radare2 to disassemble shellcode
2018-06-04/a>
Rob VandenBrink
Digging into Authenticode Certificates
2017-04-16/a>
Johannes Ullrich
Tool to Detect Active Phishing Attacks Using Unicode Look-Alike Domains
2016-11-24/a>
Didier Stevens
Extracting Shellcode From JavaScript
2016-11-18/a>
Didier Stevens
VBA Shellcode and Windows 10
2016-09-26/a>
Didier Stevens
VBA and P-code
2015-09-21/a>
Xavier Mertens
Detecting XCodeGhost Activity
2015-03-30/a>
Didier Stevens
YARA Rules For Shellcode
2013-10-25/a>
Johannes Ullrich
PHP.net compromise aftermath: Why Code Signing Beats Hashes
2013-08-04/a>
Johannes Ullrich
BBCode tag "[php]" used to inject php code
2013-02-16/a>
Lorna Hutcheson
Fedora RedHat Vulnerabilty Released
2012-07-19/a>
Mark Baggett
A Heap of Overflows?
2012-04-26/a>
Richard Porter
Packetstorm Security and Metasploit have Exploit code for MS12-027
2012-04-25/a>
Daniel Wesemann
Blacole's shell code
2012-03-16/a>
Russ McRee
MS12-020 RDP vulnerabilities: Patch, Mitigate, Detect
2012-03-11/a>
Johannes Ullrich
An Analysis of Jester's QR Code Attack. (Guest Diary)
2011-08-11/a>
Guy Bruneau
BlackBerry Enterprise Server Critical Update
2011-08-03/a>
Johannes Ullrich
Malicious Images: What's a QR Code
2011-03-07/a>
Bojan Zdrnja
Oracle padding attacks (Codegate crypto 400 writeup)
2010-05-12/a>
Rob VandenBrink
Adobe Shockwave Update
2010-03-10/a>
Rob VandenBrink
Microsoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7
2010-02-08/a>
Adrien de Beaupre
When is a 0day not a 0day? Fake OpenSSh exploit, again.
2009-08-08/a>
Guy Bruneau
XML Libraries Data Parsing Vulnerabilities
2009-05-29/a>
Lorna Hutcheson
VMWare Patches Released
2008-07-22/a>
Mari Nichols
‘Cold Boot’ Attack Utility Tools
2008-06-10/a>
Swa Frantzen
Ransomware keybreaking
EXECUTION
2022-05-30/a>
Xavier Mertens
New Microsoft Office Attack Vector via "ms-msdt" Protocol Scheme (CVE-2022-30190)
2021-02-13/a>
Guy Bruneau
vSphere Replication updates address a command injection vulnerability (CVE-2021-21976) - https://www.vmware.com/security/advisories/VMSA-2021-0001.html
2017-11-25/a>
Guy Bruneau
Exim Remote Code Exploit
2015-10-12/a>
Guy Bruneau
Critical Vulnerability in Multiple Cisco Products - Apache Struts 2 Command Execution http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2
2013-09-18/a>
Rob VandenBrink
Cisco DCNM Update Released
2013-02-16/a>
Lorna Hutcheson
Fedora RedHat Vulnerabilty Released
2012-03-16/a>
Russ McRee
MS12-020 RDP vulnerabilities: Patch, Mitigate, Detect
2011-08-11/a>
Guy Bruneau
BlackBerry Enterprise Server Critical Update
2010-05-12/a>
Rob VandenBrink
Adobe Shockwave Update
2010-03-10/a>
Rob VandenBrink
Microsoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7
2009-08-08/a>
Guy Bruneau
XML Libraries Data Parsing Vulnerabilities
2009-05-29/a>
Lorna Hutcheson
VMWare Patches Released
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Forums
Auditing
Diary Discussions
Forensics
General Discussions
Industry News
Network Security
Penetration Testing
Software Security
Contact Us
Contact Us
About Us
Handlers
Slack Channel
Mastodon
Twitter
Make the web a better place by
sharing the SANS Internet Storm Center
with others