Diaries by Keyword - Internet Security

Date	Author	Title
MALWARE ADVISORY
2013-08-29	Russ McRee	Suspect Sendori software
2010-06-17	Deborah Hale	FYI - Another bogus site
MALWARE
2019-10-18/a>	Xavier Mertens	Quick Malicious VBS Analysis
2019-10-03/a>	Xavier Mertens	"Lost_Files" Ransomware
2019-09-19/a>	Xavier Mertens	Agent Tesla Trojan Abusing Corporate Email Accounts
2019-09-12/a>	Xavier Mertens	Rig Exploit Kit Delivering VBScript
2019-09-06/a>	Xavier Mertens	PowerShell Script with a builtin DLL
2019-09-05/a>	Xavier Mertens	Private IP Addresses in Malware Samples?
2019-08-30/a>	Xavier Mertens	Malware Dropping a Local Node.js Instance
2019-08-28/a>	Xavier Mertens	Malware Samples Compiling Their Next Stage on Premise
2019-08-22/a>	Xavier Mertens	Simple Mimikatz & RDPWrapper Dropper
2019-08-18/a>	Didier Stevens	Video: Analyzing DAA Files
2019-08-16/a>	Didier Stevens	The DAA File Format
2019-08-12/a>	Didier Stevens	Malicious .DAA Attachments
2019-07-18/a>	Xavier Mertens	Malicious PHP Script Back on Stage?
2019-07-11/a>	Xavier Mertens	Russian Dolls Malicious Script Delivering Ursnif
2019-07-02/a>	Xavier Mertens	Malicious Script With Multiple Payloads
2019-06-14/a>	Jim Clausing	A few Ghidra tips for IDA users, part 4 - function call graphs
2019-06-10/a>	Xavier Mertens	Interesting JavaScript Obfuscation Example
2019-05-29/a>	Xavier Mertens	Behavioural Malware Analysis with Microsoft ASA
2019-05-13/a>	Xavier Mertens	From Phishing To Ransomware?
2019-05-03/a>	Jim Clausing	A few Ghidra tips for IDA users, part 3 - conversion, labels, and comments
2019-05-01/a>	Xavier Mertens	Another Day, Another Suspicious UDF File
2019-04-19/a>	Didier Stevens	Analyzing UDF Files with Python
2019-04-17/a>	Jim Clausing	A few Ghidra tips for IDA users, part 2 - strings and parameters
2019-04-17/a>	Xavier Mertens	Malware Sample Delivered Through UDF Image
2019-04-08/a>	Jim Clausing	A few Ghidra tips for IDA users, part 1 - the decompiler/unreachable code
2019-04-03/a>	Jim Clausing	A few Ghidra tips for IDA users, part 0 - automatic comments for API call parameters
2019-03-30/a>	Didier Stevens	"404" is not Malware
2019-03-10/a>	Didier Stevens	Malicious HTA Analysis by a Reader
2019-03-10/a>	Didier Stevens	Quick and Dirty Malicious HTA Analysis
2019-02-14/a>	Xavier Mertens	Old H-Worm Delivered Through GitHub
2019-01-06/a>	Didier Stevens	Malicious .tar Attachments
2019-01-05/a>	Didier Stevens	A Malicious JPEG? Second Example
2019-01-04/a>	Didier Stevens	A Malicious JPEG?
2019-01-02/a>	Xavier Mertens	Malicious Script Leaking Data via FTP
2018-12-09/a>	Didier Stevens	Quickie: String Analysis is Still Useful
2018-12-08/a>	Didier Stevens	Reader Malware Submission: MHT File Inside a ZIP File
2018-11-27/a>	Xavier Mertens	More obfuscated shell scripts: Fake MacOS Flash update
2018-11-26/a>	Xavier Mertens	Obfuscated bash script targeting QNap boxes
2018-11-22/a>	Xavier Mertens	Divided Payload in Multiple Pasties
2018-11-06/a>	Xavier Mertens	Malicious Powershell Script Dissection
2018-10-23/a>	Xavier Mertens	Diving into Malicious AutoIT Code
2018-10-22/a>	Xavier Mertens	Malicious Powershell using a Decoy Picture
2018-10-21/a>	Pasquale Stirparo	Beyond good ol’ LaunchAgent - part 0
2018-10-12/a>	Xavier Mertens	More Equation Editor Exploit Waves
2018-09-28/a>	Xavier Mertens	More Excel DDE Code Injection
2018-09-22/a>	Didier Stevens	Suspicious DNS Requests ... Issued by a Firewall
2018-09-16/a>	Didier Stevens	20/20 malware vision
2018-09-13/a>	Xavier Mertens	Malware Delivered Through MHT Files
2018-09-05/a>	Xavier Mertens	Malicious PowerShell Compiling C# Code on the Fly
2018-08-31/a>	Jim Clausing	Quickie: Using radare2 to disassemble shellcode
2018-08-30/a>	Xavier Mertens	Crypto Mining Is More Popular Than Ever!
2018-08-26/a>	Didier Stevens	Identifying numeric obfuscation
2018-08-26/a>	Didier Stevens	"When was this machine infected?"
2018-08-24/a>	Xavier Mertens	Microsoft Publisher Files Delivering Malware
2018-08-21/a>	Xavier Mertens	Malicious DLL Loaded Through AutoIT
2018-08-06/a>	Didier Stevens	Numeric obfuscation: another example
2018-08-04/a>	Didier Stevens	Dealing with numeric obfuscation in malicious scripts
2018-08-02/a>	Brad Duncan	DHL-themed malspam reveals embedded malware in animated gif
2018-07-26/a>	Xavier Mertens	Windows Batch File Deobfuscation
2018-07-09/a>	Renato Marinho	Criminals Don't Read Instructions or Use Strong Passwords
2018-06-07/a>	Remco Verhoef	Automated twitter loot collection
2018-06-05/a>	Xavier Mertens	Malicious Post-Exploitation Batch File
2018-06-01/a>	Remco Verhoef	Binary analysis with Radare2
2018-05-22/a>	Xavier Mertens	Malware Distributed via .slk Files
2018-05-19/a>	Xavier Mertens	Malicious Powershell Targeting UK Bank Customers
2018-05-09/a>	Xavier Mertens	Nice Phishing Sample Delivering Trickbot
2018-05-07/a>	Xavier Mertens	Adding Persistence Via Scheduled Tasks
2018-05-01/a>	Xavier Mertens	Diving into a Simple Maldoc Generator
2018-02-20/a>	Renato Marinho	Statically Unpacking a Brazilian Banker Malware
2018-02-17/a>	Xavier Mertens	Malware Delivered via Windows Installer Files
2018-02-02/a>	Xavier Mertens	Simple but Effective Malicious XLS Sheet
2018-01-28/a>	Didier Stevens	Is this a pentest?
2018-01-26/a>	Xavier Mertens	Investigating Microsoft BITS Activity
2018-01-25/a>	Xavier Mertens	Ransomware as a Service
2018-01-11/a>	Xavier Mertens	Mining or Nothing!
2017-12-19/a>	Xavier Mertens	Example of 'MouseOver' Link in a Powerpoint File
2017-12-16/a>	Xavier Mertens	Microsoft Office VBA Macro Obfuscation via Metadata
2017-11-29/a>	Xavier Mertens	Fileless Malicious PowerShell Sample
2017-11-16/a>	Xavier Mertens	Suspicious Domains Tracking Dashboard
2017-11-15/a>	Xavier Mertens	If you want something done right, do it yourself!
2017-11-13/a>	Guy Bruneau	VBE Embeded Script (info.zip)
2017-11-07/a>	Xavier Mertens	Interesting VBA Dropper
2017-11-03/a>	Xavier Mertens	Simple Analysis of an Obfuscated JAR File
2017-10-31/a>	Xavier Mertens	Some Powershell Malicious Code
2017-10-29/a>	Didier Stevens	Remember ACE files?
2017-10-24/a>	Xavier Mertens	BadRabbit: New ransomware wave hitting RU & UA
2017-10-15/a>	Didier Stevens	Peeking into .msg files
2017-09-09/a>	Didier Stevens	Malware analysis output sanitization
2017-09-02/a>	Xavier Mertens	AutoIT based malware back in the wild
2017-08-26/a>	Didier Stevens	Malware analysis: searching for dots
2017-08-25/a>	Xavier Mertens	Malicious AutoIT script delivered in a self-extracting RAR file
2017-08-23/a>	Xavier Mertens	Malicious script dropping an executable signed by Avast?
2017-08-18/a>	Renato Marinho	EngineBox Malware Supports 10+ Brazilian Banks
2017-07-21/a>	Didier Stevens	Malicious .iso Attachments
2017-07-09/a>	Russ McRee	Adversary hunting with SOF-ELK
2017-07-05/a>	Didier Stevens	Selecting domains with random names
2017-06-22/a>	Xavier Mertens	Obfuscating without XOR
2017-06-06/a>	Didier Stevens	Malware and XOR - Part 2
2017-06-05/a>	Didier Stevens	Malware and XOR - Part 1
2017-05-16/a>	Russ McRee	WannaCry? Do your own data analysis.
2017-05-13/a>	Guy Bruneau	Microsoft Released Guidance for WannaCrypt
2017-04-28/a>	Xavier Mertens	Another Day, Another Obfuscation Technique
2017-04-19/a>	Xavier Mertens	Hunting for Malicious Excel Sheets
2017-04-05/a>	Xavier Mertens	Whitelists: The Holy Grail of Attackers
2017-03-18/a>	Xavier Mertens	Example of Multiple Stages Dropper
2017-03-12/a>	Guy Bruneau	Honeypot Logs and Tracking a VBE Script
2017-03-08/a>	Xavier Mertens	Not All Malware Samples Are Complex
2017-02-05/a>	Xavier Mertens	Many Malware Samples Found on Pastebin
2017-01-31/a>	Johannes Ullrich	Malicious Office files using fileless UAC bypass to drop KEYBASE malware
2017-01-24/a>	Xavier Mertens	Malicious SVG Files in the Wild
2017-01-06/a>	John Bambenek	Ransomware Operators Cold Calling UK Schools to Get Malware Through
2017-01-05/a>	John Bambenek	New Year's Resolution: Build Your Own Malware Lab?
2017-01-01/a>	Didier Stevens	py2exe Decompiling - Part 1
2016-12-13/a>	Xavier Mertens	UAC Bypass in JScript Dropper
2016-11-11/a>	Rick Wanner	Benevolent malware? reincarna/Linux.Wifatch
2016-10-30/a>	Pasquale Stirparo	Volatility Bot: Automated Memory Analysis
2016-09-30/a>	Xavier Mertens	Another Day, Another Malicious Behaviour
2016-09-13/a>	Rob VandenBrink	If it's Free, YOU are the Product
2016-09-05/a>	Xavier Mertens	Malware Delivered via '.pub' Files
2016-09-01/a>	Xavier Mertens	Maxmind.com (Ab)used As Anti-Analysis Technique
2016-08-25/a>	Xavier Mertens	Out-of-Band iOS Patch Fixes 0-Day Vulnerabilities
2016-08-24/a>	Xavier Mertens	Example of Targeted Attack Through a Proxy PAC File
2016-08-23/a>	Xavier Mertens	Voice Message Notifications Deliver Ransomware
2016-08-01/a>	Daniel Wesemann	Are you getting I-CANNED ?
2016-07-27/a>	Xavier Mertens	Analyze of a Linux botnet client source code
2016-07-25/a>	Didier Stevens	Python Malware - Part 4
2016-07-16/a>	Didier Stevens	Python Malware - Part 3
2016-07-12/a>	Xavier Mertens	Hunting for Malicious Files with MISP + OSSEC
2016-06-20/a>	Xavier Mertens	Ongoing Spam Campaign Related to Swift
2016-06-18/a>	Rob VandenBrink	Controlling JavaScript Malware Before it Runs
2016-05-15/a>	Didier Stevens	Python Malware - Part 1
2016-05-13/a>	Xavier Mertens	MISP - Malware Information Sharing Platform
2016-05-05/a>	Xavier Mertens	Microsoft BITS Used to Download Payloads
2016-05-02/a>	Rick Wanner	Fake Chrome update for Android
2016-04-21/a>	Daniel Wesemann	Decoding Pseudo-Darkleech (#1)
2016-04-21/a>	Daniel Wesemann	Decoding Pseudo-Darkleech (Part #2)
2016-04-10/a>	Didier Stevens	Handling Malware Samples
2016-03-07/a>	Xavier Mertens	Another Malicious Document, Another Way to Deliver Malicious Code
2016-02-24/a>	Xavier Mertens	Analyzis of a Malicious .lnk File with an Embedded Payload
2016-02-18/a>	Xavier Mertens	Hunting for Executable Code in Windows Environments
2016-02-11/a>	Tom Webb	Tomcat IR with XOR.DDoS
2016-01-24/a>	Didier Stevens	Obfuscated MIME Files
2016-01-15/a>	Xavier Mertens	JavaScript Deobfuscation Tool
2016-01-01/a>	Didier Stevens	Failure Is An Option
2015-12-26/a>	Didier Stevens	Malfunctioning Malware
2015-12-16/a>	Xavier Mertens	Playing With Sandboxes Like a Boss
2015-12-06/a>	Mark Hofman	Malware SPAM a new run has started.
2015-11-09/a>	John Bambenek	Protecting Users and Enterprises from the Mobile Malware Threat
2015-09-29/a>	Pedro Bueno	Tricks for DLL analysis
2015-09-28/a>	Johannes Ullrich	"Transport of London" Malicious E-Mail
2015-09-21/a>	Xavier Mertens	Detecting XCodeGhost Activity
2015-04-24/a>	Basil Alawi S.Taher	Fileless Malware
2015-04-09/a>	Brad Duncan	An example of the malicious emails sometimes sent to the ISC handler addresses
2015-03-18/a>	Daniel Wesemann	New SANS memory forensics poster
2015-03-14/a>	Didier Stevens	Maldoc VBA Sandbox/Virtualization Detection
2015-03-08/a>	Brad Duncan	What Happened to You, Asprox Botnet?
2015-02-19/a>	Daniel Wesemann	Macros? Really?!
2014-10-03/a>	Johannes Ullrich	CSAM: The Power of Virustotal to Turn Harmless Binaries Malicious
2014-09-22/a>	Johannes Ullrich	Fake LogMeIn Certificate Update with Bad AV Detection Rate
2014-08-06/a>	Chris Mohan	Free Service to Help CryptoLocker Victims by FireEye and Fox-IT
2014-07-22/a>	Daniel Wesemann	Ivan's Order of Magnitude
2014-07-19/a>	Russ McRee	Keeping the RATs out: the trap is sprung - Part 3
2014-07-18/a>	Russ McRee	Keeping the RATs out: **it happens - Part 2
2014-07-18/a>	Russ McRee	Gameover Zeus reported as "returned from the dead"
2014-07-16/a>	Russ McRee	Keeping the RATs out: an exercise in building IOCs - Part 1
2014-07-05/a>	Guy Bruneau	Malware Analysis with pedump
2014-06-22/a>	Russ McRee	OfficeMalScanner helps identify the source of a compromise
2014-06-08/a>	Guy Bruneau	efax Spam Containing Malware
2014-04-06/a>	Basil Alawi S.Taher	"Power Worm" PowerShell based Malware
2014-04-05/a>	Jim Clausing	Those strange e-mails with URLs in them can lead to Android malware
2014-03-04/a>	Daniel Wesemann	XPired!
2014-02-28/a>	Daniel Wesemann	Fiesta!
2014-01-19/a>	Rick Wanner	Anatomy of a Malware distribution campaign
2013-12-24/a>	Daniel Wesemann	Mr Jones wants you to appear in court!
2013-12-23/a>	Daniel Wesemann	Costco, BestBuy, Walmart really want to send you a package!
2013-12-07/a>	Guy Bruneau	Suspected Active Rovnix Botnet Controller
2013-11-02/a>	Rick Wanner	Protecting Your Family's Computers
2013-10-31/a>	Russ McRee	Happy Halloween: The Ghost Really May Be In The Machine
2013-10-30/a>	Russ McRee	SIR v15: Five good reasons to leave Windows XP behind
2013-10-28/a>	Daniel Wesemann	Exploit cocktail (Struts, Java, Windows) going after 3-month old vulnerabilities
2013-10-24/a>	Johannes Ullrich	False Positive: php.net Malware Alert
2013-09-30/a>	Adrien de Beaupre	Twitter DM spam/malware
2013-09-12/a>	Daniel Wesemann	37.58.73.42 / 95.156.228.69 / 195.210.43.42, anyone?
2013-09-10/a>	Swa Frantzen	Macs need to patch too!
2013-08-29/a>	Russ McRee	Suspect Sendori software
2013-07-04/a>	Russ McRee	Celebrating 4th of July With a Malware PCAP Visualization
2013-06-18/a>	Russ McRee	Volatility rules...any questions?
2013-05-21/a>	Adrien de Beaupre	Moore, Oklahoma tornado charitable organization scams, malware, and phishing
2013-05-17/a>	Daniel Wesemann	e-netprotections.su ?
2013-05-16/a>	Daniel Wesemann	Extracting signatures from Apple .apps
2013-05-11/a>	Lenny Zeltser	Extracting Digital Signatures from Signed Malware
2013-05-01/a>	Daniel Wesemann	The cost of cleaning up
2013-04-10/a>	Manuel Humberto Santander Pelaez	Massive Google scam sent by email to Colombian domains
2013-03-22/a>	Mark Baggett	Wipe the drive! Stealthy Malware Persistence - Part 4
2013-03-20/a>	Mark Baggett	Wipe the drive! Stealthy Malware Persistence - Part 3
2013-03-19/a>	Johannes Ullrich	Scam of the day: More fake CNN e-mails
2013-03-15/a>	Mark Baggett	AVG detect legit file as virus
2013-03-14/a>	Mark Baggett	Wipe the drive! Stealthy Malware Persistence - Part 2
2013-03-13/a>	Mark Baggett	Wipe the drive! Stealthy Malware Persistence Mechanism - Part 1
2013-02-25/a>	Johannes Ullrich	Mass-Customized Malware Lures: Don't trust your cat!
2013-01-08/a>	Jim Clausing	Cuckoo 0.5 is out and the world didn't end
2012-12-18/a>	Rob VandenBrink	All I Want for Christmas is to Not Get Hacked !
2012-12-03/a>	Kevin Liston	Mobile Malware: Request for Field Reports
2012-11-02/a>	Daniel Wesemann	Lamiabiocasa
2012-11-01/a>	Daniel Wesemann	Patched your Java yet?
2012-10-14/a>	Pedro Bueno	Cyber Security Awareness Month - Day 14 - Poor Man's File Analysis System - Part 1
2012-09-21/a>	Guy Bruneau	Storing your Collection of Malware Samples with Malwarehouse
2012-09-14/a>	Lenny Zeltser	Analyzing Malicious RTF Files Using OfficeMalScanner's RTFScan
2012-07-21/a>	Rick Wanner	OpenDNS is looking for a few good malware people!
2012-07-05/a>	Adrien de Beaupre	New OS X trojan backdoor MaControl variant reported
2012-06-27/a>	Swa Frantzen	Online Banking Heists
2012-06-26/a>	Daniel Wesemann	Run, Forest! (Update)
2012-06-25/a>	Rick Wanner	Targeted Malware for Industrial Espionage?
2012-06-25/a>	Swa Frantzen	Belgian online banking customers hacked.
2012-06-22/a>	Daniel Wesemann	Run, Forest!
2012-06-21/a>	Raul Siles	Print Bomb? (Take 2)
2012-06-21/a>	Russ McRee	Analysis of drive-by attack sample set
2012-06-19/a>	Daniel Wesemann	Vulnerabilityqueerprocessbrittleness
2012-06-04/a>	Lenny Zeltser	Decoding Common XOR Obfuscation in Malicious Code
2012-04-26/a>	Richard Porter	Define Irony: A medical device with a Virus?
2012-04-25/a>	Daniel Wesemann	Blacole's obfuscated JavaScript
2012-04-25/a>	Daniel Wesemann	Blacole's shell code
2012-04-12/a>	Guy Bruneau	HP ProCurve 5400 zl Switch, Flash Cards Infected with Malware
2012-04-12/a>	Guy Bruneau	Apple Java Updates for Mac OS X
2012-03-25/a>	Daniel Wesemann	evilcode.class
2012-03-03/a>	Jim Clausing	New automated sandbox for Android malware
2012-02-24/a>	Guy Bruneau	Flashback Trojan in the Wild
2012-02-20/a>	Pedro Bueno	Simple Malware Research Tools
2012-02-20/a>	Rick Wanner	DNSChanger resolver shutdown deadline is March 8th
2012-01-14/a>	Daniel Wesemann	Hello, Antony!
2011-12-28/a>	Daniel Wesemann	.nl.ai ?
2011-12-10/a>	Daniel Wesemann	Unwanted Presents
2011-12-07/a>	Lenny Zeltser	V8 as an Alternative to SpiderMonkey for JavaScript Deobfuscation
2011-11-04/a>	Guy Bruneau	Duqu Mitigation
2011-10-20/a>	Johannes Ullrich	Evil Printers Sending Mail
2011-09-07/a>	Lenny Zeltser	Analyzing Mobile Device Malware - Honeynet Forensic Challenge 9 and Some Tools
2011-08-29/a>	Kevin Shortt	Internet Worm in the Wild
2011-06-15/a>	Pedro Bueno	Hit by MacDefender, Apple Web Security (name your Mac FakeAV here)...
2011-05-25/a>	Daniel Wesemann	Apple advisory on "MacDefender" malware
2011-05-19/a>	Daniel Wesemann	Fake AV Bingo
2011-05-14/a>	Guy Bruneau	Websense Study Claims Canada Next Hotbed for Cybercrime Web Hosting Activity
2011-05-03/a>	Johannes Ullrich	Update on Osama Bin Laden themed Malware
2011-05-02/a>	Johannes Ullrich	Bin Laden Death Related Malware
2011-04-23/a>	Manuel Humberto Santander Pelaez	Image search can lead to malware download
2011-03-01/a>	Daniel Wesemann	AV software and "sharing samples"
2011-02-07/a>	Pedro Bueno	The Good , the Bad and the Unknown Online Scanners
2011-02-01/a>	Lenny Zeltser	The Importance of HTTP Headers When Investigating Malicious Sites
2010-12-29/a>	Daniel Wesemann	Malware Domains 2234.in, 0000002.in & co
2010-12-29/a>	Daniel Wesemann	Beware of strange web sites bearing gifts ...
2010-10-26/a>	Pedro Bueno	Cyber Security Awareness Month - Day 26 - Sharing Office Files
2010-09-09/a>	Marcus Sachs	'Here You Have' Email
2010-07-21/a>	Adrien de Beaupre	Dell PowerEdge R410 replacement motherboard firmware contains malware
2010-07-21/a>	Adrien de Beaupre	autorun.inf and .lnk Malware (NOT 'Vulnerability in Windows Shell Could Allow Remote Code Execution' 2286198)
2010-07-06/a>	Rob VandenBrink	Bogus Support Organizations use Live Operators to Install Malware
2010-07-04/a>	Manuel Humberto Santander Pelaez	Malware inside PDF Files
2010-06-17/a>	Deborah Hale	FYI - Another bogus site
2010-06-14/a>	Manuel Humberto Santander Pelaez	Rogue facebook application acting like a worm
2010-06-07/a>	Manuel Humberto Santander Pelaez	Software Restriction Policy to keep malware away
2010-06-02/a>	Rob VandenBrink	New Mac malware - OSX/Onionspy
2010-05-26/a>	Bojan Zdrnja	Malware modularization and AV detection evasion
2010-05-23/a>	Manuel Humberto Santander Pelaez	e-mail scam announcing Fidel Castro's funeral ... and nasty malware to your computer.
2010-05-21/a>	Rick Wanner	IBM distributes malware at AusCERT!
2010-04-30/a>	Kevin Liston	The Importance of Small Files
2010-04-19/a>	Daniel Wesemann	Linked into scams?
2010-04-18/a>	Guy Bruneau	Some NetSol hosted sites breached
2010-04-13/a>	Johannes Ullrich	More Legal Threat Malware E-Mail
2010-03-30/a>	Pedro Bueno	Sharing the Tools
2010-03-26/a>	Daniel Wesemann	Getting the EXE out of the RTF again
2010-03-09/a>	Marcus Sachs	Energizer Malware
2010-03-04/a>	Daniel Wesemann	salefale-dot-com is bad
2010-03-03/a>	Johannes Ullrich	Reports about large number of fake Amazon order confirmations
2010-02-21/a>	Patrick Nolan	Looking for "more useful" malware information? Help develop the format.
2010-01-14/a>	Bojan Zdrnja	PDF Babushka
2010-01-07/a>	Daniel Wesemann	Static analysis of malicious PDFs
2010-01-07/a>	Daniel Wesemann	Static analysis of malicous PDFs (Part #2)
2009-12-17/a>	Daniel Wesemann	overlay.xul is back
2009-12-17/a>	Daniel Wesemann	In caches, danger lurks
2009-12-16/a>	Rob VandenBrink	Beware the Attack of the Christmas Greeting Cards !
2009-12-07/a>	Rick Wanner	Cheat Sheet: Analyzing Malicious Documents
2009-12-04/a>	Daniel Wesemann	Max Power's Malware Paradise
2009-12-02/a>	Rob VandenBrink	SPAM and Malware taking advantage of H1N1 concerns
2009-11-25/a>	Jim Clausing	Updates to my GREM Gold scripts and a new script
2009-09-25/a>	Lenny Zeltser	Categories of Common Malware Traits
2009-09-25/a>	Deborah Hale	Conficker Continues to Impact Networks
2009-09-25/a>	Deborah Hale	Malware delivered over Google and Yahoo Ad's?
2009-09-04/a>	Adrien de Beaupre	Fake anti-virus
2009-08-29/a>	Guy Bruneau	Immunet Protect - Cloud and Community Malware Protection
2009-08-26/a>	Johannes Ullrich	Malicious CD ROMs mailed to banks
2009-07-26/a>	Jim Clausing	New Volatility plugins
2009-07-03/a>	Adrien de Beaupre	Happy 4th of July!
2009-07-02/a>	Daniel Wesemann	Getting the EXE out of the RTF
2009-07-02/a>	Bojan Zdrnja	Cold Fusion web sites getting compromised
2009-06-16/a>	John Bambenek	Iran Internet Blackout: Using Twitter for Operational Intelligence
2009-06-16/a>	John Bambenek	URL Shortening Service Cligs Hacked
2009-06-04/a>	Raul Siles	Malware targetting banks ATM's
2009-06-04/a>	Raul Siles	Targeted e-mail attacks asking to verify wire transfer details
2009-06-01/a>	G. N. White	Yet another "Digital Certificate" malware campaign
2009-05-20/a>	Pedro Bueno	Cyber Warfare and Kylin thoughts
2009-05-07/a>	Deborah Hale	Malicious Content on the Web
2009-05-04/a>	Tom Liston	Facebook phishing malware
2009-04-24/a>	Pedro Bueno	Did you check your conference goodies?
2009-03-13/a>	Bojan Zdrnja	When web application security, Microsoft and the AV vendors all fail
2009-02-23/a>	Daniel Wesemann	Turf War
2009-02-23/a>	Daniel Wesemann	And the Oscar goes to...
2009-02-10/a>	Bojan Zdrnja	More tricks from Conficker and VM detection
2009-02-09/a>	Bojan Zdrnja	Some tricks from Conficker's bag
2009-02-04/a>	Daniel Wesemann	Titan Shields up!
2009-01-31/a>	John Bambenek	Google Search Engine's Malware Detection Broken
2009-01-24/a>	Pedro Bueno	Identifying and Removing the iWork09 Trojan
2009-01-18/a>	Daniel Wesemann	3322. org
2009-01-15/a>	Bojan Zdrnja	Conficker's autorun and social engineering
2009-01-12/a>	William Salusky	Downadup / Conficker - MS08-067 exploit and Windows domain account lockout
2009-01-07/a>	Bojan Zdrnja	An Israeli patriot program or a trojan
2009-01-02/a>	Rick Wanner	Tools on my Christmas list.
2008-12-25/a>	Maarten Van Horenbeeck	Merry Christmas, and beware of digital hitchhikers!
2008-12-25/a>	Maarten Van Horenbeeck	Christmas Ecard Malware
2008-12-17/a>	donald smith	Team CYMRU's Malware Hash Registry
2008-12-05/a>	Daniel Wesemann	Been updatin' your Flash player lately?
2008-12-05/a>	Daniel Wesemann	Baby, baby!
2008-12-04/a>	Bojan Zdrnja	Rogue DHCP servers
2008-11-17/a>	Jim Clausing	Finding stealth injected DLLs
2008-11-16/a>	Maarten Van Horenbeeck	Detection of Trojan control channels
2008-11-12/a>	John Bambenek	Thoughts on Security Intelligence (McColo Corp alleged spam/malware host knocked offline)
2008-11-11/a>	Swa Frantzen	Acrobat continued activity in the wild
2008-11-10/a>	Stephen Hall	Adobe Reader Vulnerability - part 2
2008-10-07/a>	Kyle Haugsness	Good reading and a malware challenge
2008-09-29/a>	Daniel Wesemann	ASPROX mutant
2008-09-22/a>	Maarten Van Horenbeeck	Data exfiltration and the use of anonymity providers
2008-09-18/a>	Bojan Zdrnja	Monitoring HTTP User-Agent fields
2008-09-07/a>	Lorna Hutcheson	Malware Analysis: Tools are only so good
2008-09-03/a>	Daniel Wesemann	Static analysis of Shellcode
2008-09-03/a>	Daniel Wesemann	Static analysis of Shellcode - Part 2
2008-09-01/a>	John Bambenek	The Number of Machines Controlled by Botnets Has Jumped 4x in Last 3 Months
2008-08-13/a>	Adrien de Beaupre	CNN switched to MSNBC
2008-08-05/a>	Daniel Wesemann	The news update you never asked for
2008-07-20/a>	Kevin Liston	Malware Intelligence: Making it Actionable
2008-07-15/a>	Maarten Van Horenbeeck	Extracting scripts and data from suspect PDF files
2008-07-14/a>	Daniel Wesemann	Obfuscated JavaScript Redux
2008-07-07/a>	Pedro Bueno	Bad url classification
2008-06-18/a>	Marcus Sachs	Olympics Part II
2008-06-14/a>	Lorna Hutcheson	Malware Detection - Take the Blinders Off
2008-06-10/a>	Swa Frantzen	Ransomware keybreaking
2008-06-01/a>	Mark Hofman	Free Yahoo email account! Sign me up, Ok well maybe not.
2008-05-28/a>	Adrien de Beaupre	Another example of malicious SWF
2008-05-27/a>	Adrien de Beaupre	Malicious swf files?
2008-05-26/a>	Marcus Sachs	Predictable Response
2008-05-14/a>	Bojan Zdrnja	War of the worlds?
2008-05-02/a>	Adrien de Beaupre	Hi, remember me?...
2008-04-30/a>	Bojan Zdrnja	(Minor) evolution in Mac DNS changer malware
2008-04-24/a>	Maarten Van Horenbeeck	Targeted attacks using malicious PDF files
2008-04-16/a>	Bojan Zdrnja	The 10.000 web sites infection mystery solved
2008-04-15/a>	Johannes Ullrich	SRI Malware Threat Center
2008-04-14/a>	John Bambenek	A Federal Subpoena or Just Some More Spam & Malware?
2008-04-07/a>	John Bambenek	HP USB Keys Shipped with Malware for your Proliant Server
2008-04-07/a>	John Bambenek	Got Kraken?
2008-04-07/a>	John Bambenek	Kraken Technical Details: UPDATED x3
2008-04-06/a>	Daniel Wesemann	Advanced obfuscated JavaScript analysis
2008-04-04/a>	Daniel Wesemann	nmidahena
2008-04-03/a>	Bojan Zdrnja	VB detection: is it so difficult?
2008-04-02/a>	Adrien de Beaupre	When is a DMG file not a DMG file
2008-03-27/a>	Maarten Van Horenbeeck	Guarding the guardians: a story of PGP key ring theft
2006-08-31/a>	Swa Frantzen	NT botnet submitted
2000-01-02/a>	Deborah Hale	2010 A Look Back - 2011 A Look Ahead
ADVISORY
2018-10-17/a>	Russ McRee	VMSA-2018-0026 VMware ESXi, Workstation & Fusion updates address out-of-bounds read vulnerability https://www.vmware.com/security/advisories/VMSA-2018-0026.html
2017-12-20/a>	Richard Porter	VMWare Security Advisory: VMSA-2017-0021: https://www.vmware.com/security/advisories/VMSA-2017-0021.html
2016-08-31/a>	Deborah Hale	Cisco Security Advisories Issued
2016-01-10/a>	Jim Clausing	VMware security update
2015-12-19/a>	Russell Eubanks	VMWare Security Advisory
2014-10-01/a>	Russ McRee	VMware security advisory: VMSA-2014-0010 http://www.vmware.com/security/advisories/VMSA-2014-0010.html
2014-09-12/a>	Chris Mohan	VMware NSX and vCNS product updates address a critical information disclosure vulnerability http://www.vmware.com/security/advisories/VMSA-2014-0009.html
2014-04-11/a>	Rob VandenBrink	VMware Security Advisories / Patches released for 2 issues (NOT Heartbleed) - http://www.vmware.com/security/advisories/VMSA-2014-0003.html and http://www.vmware.com/security/advisories/VMSA-2014-0002.html
2014-01-24/a>	Chris Mohan	Security Update for OS X for CVE-2014-1252 http://support.apple.com/kb/HT6117
2013-12-23/a>	Scott Fendley	VMWare ESX/ESXi Security Advisory
2013-12-04/a>	Adrien de Beaupre	VMware Security Advisory VMSA-2013-0014
2013-09-17/a>	John Bambenek	Microsoft Releases Out-of-Band Advisory for all Versions of Internet Explorer
2013-08-29/a>	Russ McRee	Suspect Sendori software
2013-08-13/a>	Swa Frantzen	Microsoft security advisories: RDP and MD5 deprecation in Microsoft root certificates
2013-08-02/a>	Chris Mohan	VMware Security Advisory VMSA-2013-0009 - http://www.vmware.com/security/advisories/VMSA-2013-0009.html
2013-06-11/a>	Swa Frantzen	Other Microsoft Black Tuesday News
2013-05-31/a>	Chris Mohan	VMware releases new and updated security advisories
2013-05-14/a>	Swa Frantzen	Microsoft Security Advisory 2846338
2013-02-22/a>	Chris Mohan	VMware releases new and updated security advisories
2013-02-12/a>	Adam Swanger	Microsoft February 2013 Black Tuesday Update - Overview
2013-02-01/a>	Jim Clausing	VMware vSphere security updates for the authentication service and third party libraries (see http://www.vmware.com/security/advisories/VMSA-2013-0001.html)
2013-01-15/a>	Russ McRee	Cisco introducing Cisco Security Notices 16 JAN 2013
2013-01-09/a>	Rob VandenBrink	Security Update - Cisco Prime LMS (cisco-sa-20130109-lms - remote execution as root vulnerability) - advisory at: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-lms
2013-01-09/a>	Rob VandenBrink	Security Update - Cisco 7900 Phones - cisco-sa-20130109-uipphone privilege escallation issue - advisory at: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-uipphone
2012-12-11/a>	John Bambenek	Microsoft December 2012 Black Tuesday Update - Overview
2012-11-13/a>	Jim Clausing	Microsoft November 2012 Black Tuesday Update - Overview
2012-10-05/a>	Richard Porter	VMWare Security Advisory: VMSA-2012-0014 - http://www.vmware.com/security/advisories/VMSA-2012-0014.html
2012-09-27/a>	Kevin Shortt	Cisco IOS Security Advisory Bundle - http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep12.html
2012-09-20/a>	Russ McRee	Apple and Cisco Security Advisories 19 SEP 2012
2012-08-31/a>	Johannes Ullrich	VMware Updates
2012-07-13/a>	Russ McRee	VMWare Security Advisory 12 JUL 2012
2012-07-10/a>	Swa Frantzen	Microsoft revoking trust in Microsoft certificates - SA 2728973
2012-07-10/a>	Swa Frantzen	Microsoft fix-it to disable gadgets - SA 2719662
2012-06-21/a>	Russ McRee	Cisco Security Advisories 20 JUN 2012
2012-06-14/a>	Johannes Ullrich	VMWare Security Advisories
2012-03-12/a>	Guy Bruneau	OpenSSL Security Update
2012-02-29/a>	Russ McRee	Cisco Security Advisories - 29FEB2011
2012-01-31/a>	Russ McRee	Firefox 10 and VMWare advisories and updates
2011-11-18/a>	Kevin Liston	Recent VMWare security advisories
2011-10-05/a>	Jim Clausing	VMware Advisory - UDF file system handling
2011-06-01/a>	Adrien de Beaupre	Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified IP Phones 7900 Series - http://www.cisco.com/warp/public/707/cisco-sa-20110601-phone.shtml
2011-06-01/a>	Adrien de Beaupre	Cisco Security Advisory: Default Credentials Vulnerability in Cisco Network Registrar - http://www.cisco.com/warp/public/707/cisco-sa-20110601-cnr.shtml
2011-06-01/a>	Adrien de Beaupre	Cisco Security Advisory: Default Credentials for root Account on the Cisco Media Experience Engine 5600 - http://www.cisco.com/warp/public/707/cisco-sa-20110601-mxe.shtml
2011-06-01/a>	Adrien de Beaupre	Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client - http://www.cisco.com/warp/public/707/cisco-sa-20110601-ac.shtml
2011-03-30/a>	Adrien de Beaupre	Two Cisco advisories: cisco-sa-20110330-nac and cisco-sa-20110330-acs
2011-02-10/a>	Chris Mohan	Linksys WAP610N has Unauthenticated Root Console issue
2011-02-08/a>	Chris Mohan	VMWare Security Advisory
2010-09-18/a>	Rick Wanner	Microsoft Security Advisory for ASP.NET
2010-07-21/a>	Adrien de Beaupre	Update on .LNK vulnerability
2010-06-17/a>	Deborah Hale	FYI - Another bogus site
2010-06-15/a>	Manuel Humberto Santander Pelaez	Apple releases advisory for Mac OS X - Multiple vulnerabilities discovered
2010-06-05/a>	Guy Bruneau	Security Advisory for Flash Player, Adobe Reader and Acrobat
2010-05-30/a>	Kevin Liston	VMware ESX/ESXi Updates
2010-03-10/a>	Rob VandenBrink	Microsoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7
2010-02-17/a>	Rob VandenBrink	Cisco ASA5500 Security Updates - cisco-sa-20100217-asa
2010-02-17/a>	Rob VandenBrink	Cisco Security Agent Security Updates: cisco-sa-20100217-csa
2010-02-03/a>	Johannes Ullrich	Information Disclosure Vulnerability in Internet Explorer
2010-01-21/a>	Johannes Ullrich	New Microsoft Advisory: Vulnerability in Windows Kernel Privilege Escalation (CVE-2010-0232)
2009-11-14/a>	Adrien de Beaupre	Microsoft advisory for Windows 7 / Windows Server 2008 R2 Remote SMB DoS Exploit released
2009-06-12/a>	Adrien de Beaupre	Google updates for Chrome
2009-05-28/a>	Stephen Hall	Microsoft DirectShow vulnerability
2008-09-24/a>	Deborah Hale	Flurry of Security Advisories from CISCO
2008-06-01/a>	Mari Nichols	Updates to VMware resolve critical security issues

MALWARE ADVISORY

MALWARE

ADVISORY