Internet Storm Center
Sign In
Sign Up
Participate: Learn more about our honeypot network
https://isc.sans.edu/tools/honeypot/
Handler on Duty:
Didier Stevens
Threat Level:
green
Date
Author
Title
2022-08-24
Brad Duncan
Monster Libra (TA551/Shathak) --> IcedID (Bokbot) --> Cobalt Strike & DarkVNC
2021-12-02
Brad Duncan
TA551 (Shathak) pushes IcedID (Bokbot)
2021-09-15
Brad Duncan
Hancitor campaign abusing Microsoft's OneDrive
2021-08-11
Brad Duncan
TA551 (Shathak) continues pushing BazarLoader, infections lead to Cobalt Strike
2021-02-02
Xavier Mertens
New Example of XSL Script Processing aka "Mitre T1220"
2021-01-26
Brad Duncan
TA551 (Shathak) Word docs push Qakbot (Qbot)
2020-10-14
Brad Duncan
More TA551 (Shathak) Word docs push IcedID (Bokbot)
2020-08-07
Brad Duncan
TA551 (Shathak) Word docs push IcedID (Bokbot)
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Forums
Auditing
Diary Discussions
Forensics
General Discussions
Industry News
Network Security
Penetration Testing
Software Security
Contact Us
Contact Us
About Us
Handlers
Slack Channel
Mastodon
Twitter
Have you seen our swag?
Buy SANS ISC Gear