Internet Storm Center
Sign In
Sign Up
Watch ISC TV. Great for NOCs, SOCs and Living Rooms:
https://isctv.sans.edu
Handler on Duty:
Guy Bruneau
Threat Level:
green
Date
Author
Title
USE CASE
2017-06-17
Guy Bruneau
Mapping Use Cases to Logs. Which Logs are the Most Important to Collect?
USE
2022-01-05/a>
Xavier Mertens
Code Reuse In the Malware Landscape
2021-09-24/a>
Xavier Mertens
Keep an Eye on Your Users Mobile Devices (Simple Inventory)
2021-04-24/a>
Guy Bruneau
Base64 Hashes Used in Web Scanning
2021-03-02/a>
Russ McRee
Adversary Simulation with Sim
2020-04-03/a>
Xavier Mertens
Obfuscated with a Simple 0x0A
2019-12-12/a>
Xavier Mertens
Code & Data Reuse in the Malware Ecosystem
2019-07-25/a>
Rob VandenBrink
When Users Attack! Users (and Admins) Thwarting Security Controls
2019-07-05/a>
Didier Stevens
A "Stream O" Maldoc
2019-07-01/a>
Didier Stevens
Maldoc: Payloads in User Forms
2018-05-27/a>
Guy Bruneau
Capture and Analysis of User Agents
2018-01-01/a>
Didier Stevens
What is new?
2017-12-19/a>
Xavier Mertens
Example of 'MouseOver' Link in a Powerpoint File
2017-06-17/a>
Guy Bruneau
Mapping Use Cases to Logs. Which Logs are the Most Important to Collect?
2014-11-04/a>
Daniel Wesemann
Whois someone else?
2014-04-05/a>
Jim Clausing
Those strange e-mails with URLs in them can lead to Android malware
2013-11-22/a>
Rick Wanner
Tales of Password Reuse
2013-02-19/a>
Johannes Ullrich
EDUCAUSE Breach
2013-01-15/a>
Rob VandenBrink
When Disabling IE6 (or Java, or whatever) is not an Option...
2012-09-21/a>
Guy Bruneau
Storing your Collection of Malware Samples with Malwarehouse
2012-07-14/a>
Tony Carothers
User Awareness and Education
2012-04-05/a>
Johannes Ullrich
Evil hides everywhere: Web Application Exploits in Headers
2011-08-26/a>
Daniel Wesemann
User Agent 007
2011-08-09/a>
Swa Frantzen
abuse handling
2010-10-19/a>
Rob VandenBrink
Cyber Security Awareness Month - Day 19 - Remote User VPN Tunnels - to Split or not to Split?
2010-10-19/a>
Rob VandenBrink
Cyber Security Awareness Month - Day 19 - Remote User VPN Access – Are things getting too easy, or too hard?
2010-06-01/a>
Mark Hofman
SPF how useful is it?
2009-12-19/a>
Deborah Hale
Frustrations of ISP Abuse Handling
2009-11-03/a>
Andre Ludwig
SURBL now posting abuse statistics for TLD's
2009-05-28/a>
Jim Clausing
More new volatility plugins
2009-04-06/a>
Adrien de Beaupre
Abuse addresses
2008-09-18/a>
Bojan Zdrnja
Monitoring HTTP User-Agent fields
2008-04-10/a>
Deborah Hale
Abuse Contacts
CASE
2017-06-17/a>
Guy Bruneau
Mapping Use Cases to Logs. Which Logs are the Most Important to Collect?
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Forums
Auditing
Diary Discussions
Forensics
General Discussions
Industry News
Network Security
Penetration Testing
Software Security
Contact Us
Contact Us
About Us
Handlers
Slack Channel
Mastodon
Twitter
Follow the Internet Storm Center on
Twitter
