Diaries by Keyword - SANS Internet Storm Center

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Handler on Duty: Didier Stevens

Threat Level: green

Date	Author	Title
2023-02-04	Guy Bruneau	Assemblyline as a Malware Analysis Sandbox
2022-11-10	Xavier Mertens	Do you collect "Observables" or "IOCs"?
2022-01-29	Guy Bruneau	SIEM In this Decade, Are They Better than the Last?
2021-09-09	Johannes Ullrich	Updates to Our Datafeeds/API
2021-01-15	Guy Bruneau	Obfuscated DNS Queries
2021-01-02	Guy Bruneau	Protecting Home Office and Enterprise in 2021
2020-12-05	Guy Bruneau	Is IP 91.199.118.137 testing Access to aahwwx.52host.xyz?
2020-12-04	Guy Bruneau	Detecting Actors Activity with Threat Intel
2020-07-28	Johannes Ullrich	All I want this Tuesday: More Data
2018-11-20	Xavier Mertens	Querying DShield from Cortex
2018-11-11	Pasquale Stirparo	Community contribution: joining forces or multiply solutions?
2018-10-17	Russ McRee	RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence
2018-07-29	Guy Bruneau	Using RITA for Threat Analysis
2018-01-13	Rick Wanner	Flaw in Intel's Active Management Technology (AMT)
2017-09-18	Xavier Mertens	Getting some intelligence from malspam
2017-05-31	Pasquale Stirparo	Analysis of Competing Hypotheses, WCry and Lazarus (ACH part 2)
2017-05-28	Pasquale Stirparo	Analysis of Competing Hypotheses (ACH part 1)
2016-09-25	Pasquale Stirparo	Defining Threat Intelligence Requirements
2016-07-31	Pasquale Stirparo	Sharing (intel) is caring... or not?
2016-05-02	Rick Wanner	Lean Threat Intelligence
2016-03-21	Xavier Mertens	IP Addresses Triage
2015-08-16	Guy Bruneau	Are you a "Hunter"?
2014-12-23	John Bambenek	How I learned to stop worrying and love malware DGAs....
2014-08-04	Russ McRee	Threats & Indicators: A Security Intelligence Lifecycle
2013-10-30	Russ McRee	SIR v15: Five good reasons to leave Windows XP behind
2013-07-19	Stephen Hall	Cyber Intelligence Tsunami
2013-07-18	Chris Mohan	Blog Spam - annoying junk or a source of intelligence?
2013-04-23	Russ McRee	Microsoft's Security Intelligence Report (SIRv14) released
2013-02-06	Johannes Ullrich	Intel Network Card (82574L) Packet of Death
2012-12-20	Daniel Wesemann	White House strategy on security information sharing and safeguarding
2011-02-25	Johannes Ullrich	Thunderbolt Security Speculations
2010-12-19	Raul Siles	Intel's new processors have a remote kill switch (Anti-Theft 3.0)
2009-06-16	John Bambenek	Iran Internet Blackout: Using Twitter for Operational Intelligence
2009-01-31	John Bambenek	Google Search Engine's Malware Detection Broken
2008-11-12	John Bambenek	Thoughts on Security Intelligence (McColo Corp alleged spam/malware host knocked offline)
2008-10-30	Kevin Liston	Making Intelligence Actionable: Part 2