Internet Storm Center
Handler on Duty: Xavier Mertens
Threat Level: green
| Date | Author | Title |
|---|---|---|
| 2024-11-22 | Xavier Mertens | An Infostealer Searching for « BIP-0039 » Data |
| 2024-11-07 | Xavier Mertens | Steam Account Checker Poisoned with Infostealer |
| 2024-10-31 | Guy Bruneau | October 2024 Activity with Username chenzilong |
| 2024-10-09 | Xavier Mertens | From Perfctl to InfoStealer |
| 2024-09-18 | Guy Bruneau | Time-to-Live Analysis of DShield Data with Vega-Lite |
| 2024-09-18 | Xavier Mertens | Python Infostealer Patching Windows Exodus App |
| 2024-08-27 | Xavier Mertens | Why Is Python so Popular to Infect Windows Hosts? |
| 2024-05-31 | Xavier Mertens | "K1w1" InfoStealer Uses gofile.io for Exfiltration |
| 2024-05-22 | Rob VandenBrink | NMAP Scanning without Scanning (Part 2) - The ipinfo API |
| 2024-02-20 | Xavier Mertens | Python InfoStealer With Dynamic Sandbox Detection |
| 2024-01-25 | Xavier Mertens | Facebook AdsManager Targeted by a Python Infostealer |
| 2023-12-22 | Xavier Mertens | Shall We Play a Game? |
| 2023-09-29 | Xavier Mertens | Are You Still Storing Passwords In Plain Text Files? |
| 2023-06-19 | Xavier Mertens | Malware Delivered Through .inf File |
| 2023-05-04 | Xavier Mertens | Infostealer Embedded in a Word Document |
| 2023-03-12 | Guy Bruneau | AsynRAT Trojan - Bill Payment (Pago de la factura) |
| 2023-03-01 | Xavier Mertens | Python Infostealer Targeting Gamers |
| 2023-02-18 | Guy Bruneau | Spear Phishing Handlers for Username/Password |
| 2023-02-04 | Guy Bruneau | Assemblyline as a Malware Analysis Sandbox |
| 2023-01-21 | Guy Bruneau | DShield Sensor JSON Log to Elasticsearch |
| 2023-01-08 | Guy Bruneau | DShield Sensor JSON Log Analysis |
| 2022-12-21 | Guy Bruneau | DShield Sensor Setup in Azure |
| 2022-12-18 | Guy Bruneau | Infostealer Malware with Double Extension |
| 2022-08-13 | Guy Bruneau | Phishing HTML Attachment as Voicemail Audio Transcription |
| 2022-08-11 | Xavier Mertens | InfoStealer Script Based on Curl and NSudo |
| 2022-03-23 | Brad Duncan | Arkei Variants: From Vidar to Mars Stealer |
| 2022-03-09 | Xavier Mertens | Infostealer in a Batch File |
| 2022-02-13 | Guy Bruneau | DHL Spear Phishing to Capture Username/Password |
| 2021-12-21 | Xavier Mertens | More Undetected PowerShell Dropper |
| 2021-12-14 | Johannes Ullrich | Log4j: Getting ready for the long haul (CVE-2021-44228) |
| 2021-12-01 | Xavier Mertens | Info-Stealer Using webhook.site to Exfiltrate Data |
| 2021-05-08 | Guy Bruneau | Who is Probing the Internet for Research Purposes? |
| 2021-04-06 | Jan Kopriva | Malspam with Lokibot vs. Outlook and RFCs |
| 2021-03-31 | Xavier Mertens | Quick Analysis of a Modular InfoStealer |
| 2021-03-12 | Guy Bruneau | Microsoft DHCP Logs Shipped to ELK |
| 2020-12-29 | Jan Kopriva | Want to know what's in a folder you don't have a permission to access? Try asking your AV solution... |
| 2020-09-17 | Xavier Mertens | Suspicious Endpoint Containment with OSSEC |
| 2019-11-27 | Brad Duncan | Finding an Agent Tesla malware sample |
| 2019-10-09 | Brad Duncan | What data does Vidar malware steal from an infected host? |
| 2019-01-24 | Brad Duncan | Malspam with Word docs uses macro to run Powershell script and steal system data |
| 2018-11-11 | Pasquale Stirparo | Community contribution: joining forces or multiply solutions? |
| 2017-05-06 | Xavier Mertens | The story of the CFO and CEO... |
| 2016-10-02 | Guy Bruneau | Is there an Infosec Cybersecurity Talent Shortage? |
| 2015-01-23 | Adrien de Beaupre | Infocon change to yellow for Adobe Flash issues |
| 2014-09-26 | Richard Porter | Why We Have Moved to InfoCon:Yellow |
| 2014-05-22 | Johannes Ullrich | Discontinuing Support for ISC Alert Task Bar Icon |
| 2014-04-26 | Guy Bruneau | New Project by Linux Foundation - Core Infrastructure Initiative |
| 2014-04-14 | Kevin Shortt | INFOCon Green: Heartbleed - on the mend |
| 2013-02-17 | Guy Bruneau | HP ArcSight Connector Appliance and Logger Vulnerabilities |
| 2012-03-16 | Swa Frantzen | INFOCON Yellow - Microsoft RDP - MS12-020 |
| 2012-01-19 | Chris Mohan | WHOIS contacts are your friends |
| 2012-01-13 | Guy Bruneau | Sysinternals Updates - http://blogs.technet.com/b/sysinternals/archive/2012/01/13/updates-autoruns-v11-21-coreinfo-v3-03-portmon-v-3-03-process-explorer-v15-12-mark-s-blog-and-mark-at-rsa-2012.aspx |
| 2011-08-15 | Rob VandenBrink | 8 Years since the Eastern Seaboard Blackout - Has it Been that Long? |
| 2011-02-05 | Guy Bruneau | OpenSSH Legacy Certificate Information Disclosure Vulnerability |
| 2011-01-12 | Richard Porter | How Many Loyalty Cards do you Carry? |
| 2010-12-26 | Manuel Humberto Santander Pelaez | ISC infocon monitor app for OS X |
| 2010-10-22 | Manuel Humberto Santander Pelaez | Intypedia project |
| 2010-08-05 | Rob VandenBrink | Access Controls for Network Infrastructure |
| 2010-07-24 | Manuel Humberto Santander Pelaez | Transmiting logon information unsecured in the network |
| 2010-07-20 | Manuel Humberto Santander Pelaez | Lowering infocon back to green |
| 2010-06-15 | Manuel Humberto Santander Pelaez | iPhone 4 Order Security Breach Exposes Private Information |
| 2010-04-21 | Guy Bruneau | Google Chrome Security Update v4.1.249.1059 Released: http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html |
| 2010-03-27 | Guy Bruneau | HP-UX Running NFS/ONCplus, Inadvertently Enabled NFS |
| 2010-01-17 | Mark Hofman | Why not Yellow? |
| 2009-11-29 | Patrick Nolan | A Cloudy Weekend |
| 2009-10-22 | Adrien de Beaupre | Sysinternals updates: Disk2vhd v1.1, ZoomIt v4.1, Coreinfo v2.0, VMMap v2.4 |
| 2009-10-04 | Guy Bruneau | Samba Security Information Disclosure and DoS |
| 2009-10-02 | Stephen Hall | New SysInternal fun for the weekend |
| 2009-09-05 | Mark Hofman | Critical Infrastructure and dependencies |
| 2009-08-01 | Deborah Hale | Website Warnings |
| 2009-07-13 | Adrien de Beaupre | * Infocon raised to yellow for Excel Web Components ActiveX vulnerability |
| 2009-07-10 | Guy Bruneau | WordPress Fixes Multiple vulnerabilities |
| 2009-07-07 | Marcus Sachs | * INFOCON Status - staying green |
| 2009-06-11 | Rick Wanner | MIR-ROR Motile Incident Response - Respond Objectively Remediate |
| 2009-03-02 | Swa Frantzen | Obama's leaked chopper blueprints: anything we can learn? |
| 2008-09-11 | David Goldsmith | CookieMonster is coming to Pown (err, Town) |
| 2008-08-12 | Johannes Ullrich | Upcoming Infocon Test and new Color |
| 2008-07-02 | Jim Clausing | Another little script I threw together |
| 2008-06-25 | Deborah Hale | Report of Coreflood.dr Infection |
| 2008-04-07 | John Bambenek | HP USB Keys Shipped with Malware for your Proliant Server |
| 2006-10-02 | Jim Clausing | Back to green, but the exploits are still running wild |