Diaries by Keyword - SANS Internet Storm Center

Participate: Learn more about our honeypot network
https://isc.sans.edu/tools/honeypot/

Handler on Duty: Tom Webb

Threat Level: green

Date	Author	Title
2023-05-30	Johannes Ullrich	Your Business Data and Machine Learning at Risk: Attacks Against Apache NiFi
2023-05-03	Xavier Mertens	Increased Number of Configuration File Scans
2022-09-01	Johannes Ullrich	Jolokia Scans: Possible Hunt for Vulnerable Apache Geode Servers (CVE-2022-37021)
2021-10-16	Guy Bruneau	Apache is Actively Scan for CVE-2021-41773 & CVE-2021-42013
2021-10-06	Johannes Ullrich	Apache 2.4.49 Directory Traversal Vulnerability (CVE-2021-41773)
2021-08-24	Johannes Ullrich	Attackers Hunting For Twilio Credentials
2018-06-06	Xavier Mertens	Converting PCAP Web Traffic to Apache Log
2016-07-05	Johannes Ullrich	Apache Update: TLS Certificate Authentication Bypass with HTTP/2 (CVE-2016-4979)
2015-10-12	Guy Bruneau	Critical Vulnerability in Multiple Cisco Products - Apache Struts 2 Command Execution http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2
2014-07-28	Johannes Ullrich	Interesting HTTP User Agent "chroot-apach0day"
2014-03-17	Jim Clausing	New Apache web server release
2014-03-13	Daniel Wesemann	Web server logs containing RS=^ ?
2013-11-27	Rob VandenBrink	Apache 2.4.7 is released 11/25. Download: http://httpd.apache.org/download.cgi#apache24 and Readme: http://apache.mirror.iweb.ca//httpd/CHANGES_2.4.7
2013-04-30	Russ McRee	Apache binary backdoor adds malicious redirect to Blackhole
2012-02-22	Johannes Ullrich	Apache 2.4 Features
2011-10-06	Rob VandenBrink	Apache HTTP Server mod_proxy reverse proxy issue
2011-08-30	Johannes Ullrich	Apache patch out for "byte range" DoS vulnerability http://www.apache.org/dist/httpd/Announcement2.2.html
2011-08-25	Kevin Shortt	Revival of an Unpatched Apache HTTPD DoS
2010-04-13	Johannes Ullrich	Apache.org Bugtracker Breach
2010-03-07	Mari Nichols	Apache releases version 2.2.15 with 5 security fixes including OpenSSL issue.
2010-01-25	William Salusky	"Bots and Spiders and Crawlers, be gone!" - or - "New Open Source WebAppSec tools, Huzzah!"
2009-10-14	Johannes Ullrich	Odd Apache/MSIE issue with downloads from ISC
2009-08-28	Adrien de Beaupre	apache.org compromised
2009-06-23	Bojan Zdrnja	Slowloris and Iranian DDoS attacks
2009-06-21	Bojan Zdrnja	Apache HTTP DoS tool mitigation
2009-06-18	Bojan Zdrnja	Apache HTTP DoS tool released
2009-04-07	Johannes Ullrich	Common Apache Misconception
2009-01-12	William Salusky	Web Application Firewalls (WAF) - Have you deployed WAF technology?
2008-10-09	Bojan Zdrnja	Watch that .htaccess file on your web site