Internet Storm Center
Sign In
Sign Up
Watch ISC TV. Great for NOCs, SOCs and Living Rooms:
https://isctv.sans.edu
Handler on Duty:
Xavier Mertens
Threat Level:
green
Date
Author
Title
2023-02-24
Brad Duncan
URL files and WebDAV used for IcedID (Bokbot) infection
2022-08-24
Brad Duncan
Monster Libra (TA551/Shathak) --> IcedID (Bokbot) --> Cobalt Strike & DarkVNC
2022-08-12
Brad Duncan
Monster Libra (TA551/Shathak) pushes IcedID (Bokbot) with Dark VNC and Cobalt Strike
2022-07-27
Brad Duncan
IcedID (Bokbot) with Dark VNC and Cobalt Strike
2021-12-16
Brad Duncan
How the "Contact Forms" campaign tricks people
2021-12-02
Brad Duncan
TA551 (Shathak) pushes IcedID (Bokbot)
2020-10-14
Brad Duncan
More TA551 (Shathak) Word docs push IcedID (Bokbot)
2020-07-15
Brad Duncan
Word docs with macros for IcedID (Bokbot)
2020-05-20
Brad Duncan
Microsoft Word document with malicious macro pushes IcedID (Bokbot)
2019-12-24
Brad Duncan
Malspam with links to Word docs pushes IcedID (Bokbot)
2019-03-06
Brad Duncan
Malspam with password-protected word docs still pushing IcedID (Bokbot) with Trickbot
2019-01-16
Brad Duncan
Emotet infections and follow-up malware
2018-12-18
Brad Duncan
Malspam links to password-protected Word docs that push IcedID (Bokbot)
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Forums
Auditing
Diary Discussions
Forensics
General Discussions
Industry News
Network Security
Penetration Testing
Software Security
Contact Us
Contact Us
About Us
Handlers
Slack Channel
Mastodon
Twitter
This site is powered by
your submissions
, so tell us
what you see happening