MICROSOFT UPDATE KB973811 EXTENDED PROTECTION FOR AUTHENTICATION 2003 VISTA XP |
2010-03-10 | Rob VandenBrink | Microsoft re-release of KB973811 - attacks on Extended Protection for Authentication |
MICROSOFT |
2025-03-11 | Johannes Ullrich | Microsoft Patch Tuesday: March 2025 |
2025-02-27 | Xavier Mertens | Njrat Campaign Using Microsoft Dev Tunnels |
2024-12-10 | Johannes Ullrich | Microsoft Patch Tuesday: December 2024 |
2024-12-05 | Jesse La Grew | [Guest Diary] Business Email Compromise |
2024-10-08 | Johannes Ullrich | Microsoft Patch Tuesday - October 2024 |
2024-08-20 | Johannes Ullrich | Where are we with CVE-2024-38063: Microsoft IPv6 Vulnerability |
2024-07-09 | Johannes Ullrich | Microsoft Patch Tuesday July 2024 |
2024-06-11 | Johannes Ullrich | Microsoft Patch Tuesday June 2024 |
2024-03-12 | Johannes Ullrich | Microsoft Patch Tuesday - March 2024 |
2023-12-12 | Johannes Ullrich | Microsoft Patch Tuesday December 2023 |
2023-10-10 | Johannes Ullrich | October 2023 Microsoft Patch Tuesday Summary |
2023-04-08 | Xavier Mertens | Microsoft Netlogon: Potential Upcoming Impacts of CVE-2022-38023 |
2023-02-14 | Johannes Ullrich | Microsoft February 2023 Patch Tuesday |
2022-10-11 | Johannes Ullrich | October 2022 Microsoft Patch Tuesday |
2022-05-31 | Xavier Mertens | First Exploitation of Follina Seen in the Wild |
2022-05-30 | Xavier Mertens | New Microsoft Office Attack Vector via "ms-msdt" Protocol Scheme (CVE-2022-30190) |
2022-05-10 | Renato Marinho | Microsoft May 2022 Patch Tuesday |
2022-01-21 | Xavier Mertens | Obscure Wininet.dll Feature? |
2022-01-11 | Johannes Ullrich | Microsoft Patch Tuesday - January 2022 |
2021-09-24 | Xavier Mertens | Keep an Eye on Your Users Mobile Devices (Simple Inventory) |
2021-09-15 | Brad Duncan | Hancitor campaign abusing Microsoft's OneDrive |
2021-09-14 | Renato Marinho | Microsoft September 2021 Patch Tuesday |
2021-09-11 | Guy Bruneau | Shipping to Elasticsearch Microsoft DNS Logs |
2021-09-08 | Johannes Ullrich | Microsoft Offers Workaround for 0-Day Office Vulnerability (CVE-2021-40444) |
2021-08-06 | Xavier Mertens | Malicious Microsoft Word Remains A Key Infection Vector |
2021-07-21 | Johannes Ullrich | "Summer of SAM": Microsoft Releases Guidance for CVE-2021-36934 |
2021-06-30 | Johannes Ullrich | CVE-2021-1675: Incomplete Patch and Leaked RCE Exploit |
2021-04-13 | Richard Porter | Microsoft April 2021 Patch Tuesday |
2021-03-12 | Guy Bruneau | Microsoft DHCP Logs Shipped to ELK |
2021-03-03 | Johannes Ullrich | Microsoft Releases Exchange Emergency Patch to Fix Actively Exploited Vulnerability |
2021-02-12 | Xavier Mertens | AgentTesla Dropped Through Automatic Click in Microsoft Help File |
2020-12-08 | Johannes Ullrich | December 2020 Microsoft Patch Tuesday: Exchange, Sharepoint, Dynamics and DNS Spoofing |
2020-11-12 | Daniel Wesemann | Exposed Blob Storage in Azure |
2020-11-12 | Daniel Wesemann | Preventing Exposed Azure Blob Storage |
2020-09-23 | Xavier Mertens | Malicious Word Document with Dynamic Content |
2020-07-15 | Johannes Ullrich | PATCH NOW - SIGRed - CVE-2020-1350 - Microsoft DNS Server Vulnerability |
2020-06-24 | Jan Kopriva | Using Shell Links as zero-touch downloaders and to initiate network connections |
2020-04-07 | Johannes Ullrich | Increase in RDP Scanning |
2020-03-30 | Jan Kopriva | Crashing explorer.exe with(out) a click |
2020-03-12 | Xavier Mertens | Critical SMBv3 Vulnerability: Remote Code Execution |
2020-03-10 | Johannes Ullrich | Microsoft Patch Tuesday March 2020 |
2020-01-15 | Johannes Ullrich | CVE-2020-0601 Followup |
2019-11-08 | Xavier Mertens | Microsoft Apps Diverted from Their Main Use |
2019-09-24 | Xavier Mertens | Huge Amount of remotewebaccess.com Sites Found in Certificate Transparency Logs |
2019-07-09 | John Bambenek | MSFT July 2019 Patch Tuesday |
2019-05-29 | Xavier Mertens | Behavioural Malware Analysis with Microsoft ASA |
2019-05-22 | Johannes Ullrich | An Update on the Microsoft Windows RDP "Bluekeep" Vulnerability (CVE-2019-0708) [now with pcaps] |
2019-01-14 | Rob VandenBrink | Microsoft LAPS - Blue Team / Red Team |
2018-12-19 | Xavier Mertens | Microsoft OOB Patch for Internet Explorer: Scripting Engine Memory Corruption Vulnerability |
2018-12-11 | Richard Porter | Microsoft December 2018 Patch Tuesday |
2018-11-13 | Johannes Ullrich | November 2018 Microsoft Patch Tuesday |
2018-10-26 | Xavier Mertens | Dissecting Malicious Office Documents with Linux |
2018-10-10 | Xavier Mertens | New Campaign Using Old Equation Editor Vulnerability |
2018-10-09 | Johannes Ullrich | October 2018 Microsoft Patch Tuesday |
2018-09-11 | Johannes Ullrich | Microsoft September Patch Tuesday Summary |
2018-06-12 | Johannes Ullrich | Microsoft June 2018 Patch Tuesday |
2018-05-25 | Xavier Mertens | Antivirus Evasion? Easy as 1,2,3 |
2018-05-22 | Xavier Mertens | Malware Distributed via .slk Files |
2018-04-28 | Rick Wanner | Microsoft Security Update for Spectre V2 |
2018-01-26 | Xavier Mertens | Investigating Microsoft BITS Activity |
2017-12-12 | Johannes Ullrich | December Microsoft Patch Tuesday Summary |
2017-07-11 | Renato Marinho | July's Microsoft Patch Tuesday |
2017-03-14 | Johannes Ullrich | February and March Microsoft Patch Tuesday |
2017-02-14 | Johannes Ullrich | Microsoft Patch Tuesday Delayed |
2016-10-11 | Xavier Mertens | WiFi Still Remains a Good Attack Vector |
2016-09-30 | Xavier Mertens | Another Day, Another Malicious Behaviour |
2016-09-13 | Rob VandenBrink | Microsoft Patch Tuesday Analysis |
2016-09-05 | Xavier Mertens | Malware Delivered via '.pub' Files |
2016-07-12 | Johannes Ullrich | Microsoft Patch Tuesday Summary for July 2016 |
2016-05-05 | Xavier Mertens | Microsoft BITS Used to Download Payloads |
2016-02-18 | Xavier Mertens | Hunting for Executable Code in Windows Environments |
2016-02-09 | Johannes Ullrich | Microsoft February 2016 Patch Tuesday |
2016-02-03 | Xavier Mertens | EMET 5.5 Released |
2016-01-09 | Xavier Mertens | Virtual Bitlocker Containers |
2015-08-31 | Xavier Mertens | Detecting file changes on Microsoft systems with FCIV |
2015-08-18 | Russ McRee | Microsoft Security Bulletin MS15-093 - Critical OOB - Internet Explorer RCE |
2015-07-14 | Johannes Ullrich | July 2015 Microsoft Patch Tuesday |
2015-04-15 | Johannes Ullrich | MS15-034: HTTP.sys (IIS) DoS And Possible Remote Code Execution. PATCH NOW |
2015-03-17 | Didier Stevens | Improperly issued SSL certificate for domain "live.fi" could be used in attempts to spoof content. https://technet.microsoft.com/library/security/3046310 |
2015-02-19 | Daniel Wesemann | Macros? Really?! |
2015-02-13 | Johannes Ullrich | Microsoft February Patch Failures Continue: KB3023607 vs. Cisco AnyConnect Client |
2015-02-11 | Johannes Ullrich | Microsoft Hardens GPO by Fixing Two Serious Vulnerabilities. |
2014-07-01 | Johannes Ullrich | Microsoft No-IP Takedown |
2014-06-28 | Mark Hofman | No more Microsoft advisory email notifications? |
2014-06-23 | Russ McRee | Microsoft Interflow announced today at 26th FIRST conference |
2014-06-17 | Rob VandenBrink | New Security Advisories / Updates from Microsoft - Heads up for Next Patch Tuesday! |
2014-06-06 | Johannes Ullrich | Microsoft June Patch Tuesday Advance Notification |
2014-05-07 | Johannes Ullrich | De-Clouding your Life: Things that should not go into the cloud. |
2014-05-01 | Johannes Ullrich | Microsoft Announces Special Patch for IE 0-day (Win XP included!) |
2014-03-24 | Johannes Ullrich | New Microsoft Advisory: Unpatched Word Flaw used in Targeted Attacks |
2014-03-11 | Johannes Ullrich | Microsoft Patch Tuesday March 2014 |
2014-03-10 | Basil Alawi S.Taher | Sysinternals Process Explorer v16.02, Process Monitor v3.1, PSExec v2.1 and Sigcheck v2.03 update |
2014-03-08 | Guy Bruneau | Microsoft March Patch Pre-Announcement |
2014-03-02 | Stephen Hall | Symantec goes yellow |
2014-02-11 | Johannes Ullrich | February 2014 Microsoft Patch Tuesday |
2014-02-07 | Johannes Ullrich | Microsoft Advance Notification for February 2014 |
2014-01-14 | Johannes Ullrich | Microsoft Patch Tuesday January 2014 |
2014-01-09 | Johannes Ullrich | Microsoft Security Bulletin Advance Notification for January 2014 http://technet.microsoft.com/en-us/security/bulletin/ms14-jan |
2013-12-07 | Guy Bruneau | Microsoft December Patch Pre-Announcement |
2013-11-29 | Russ McRee | MS Exchange update, includes failed backup fix: http://support.microsoft.com/kb/2892464 |
2013-11-28 | Rob VandenBrink | Microsoft Security Advisory (2914486): Vulnerability in Microsoft Windows Kernel 0 day exploit in wild |
2013-11-12 | Johannes Ullrich | November 2013 Microsoft Patch Tuesday |
2013-11-10 | Rick Wanner | Microsoft and Facebook announce bug bounty |
2013-11-08 | Johannes Ullrich | Microsoft Patch Tuesday Preview |
2013-11-05 | Daniel Wesemann | TIFF images in MS-Office documents used in targeted attacks |
2013-10-17 | Adrien de Beaupre | Microsoft phish |
2013-09-17 | John Bambenek | Microsoft Releases Out-of-Band Advisory for all Versions of Internet Explorer |
2013-09-11 | Johannes Ullrich | Reboot Wednesday: Yesterday's Patch Tuesday Aftermath |
2013-09-10 | Swa Frantzen | Microsoft September 2013 Black Tuesday Overview |
2013-08-19 | Johannes Ullrich | Microsoft re-releases MS13-066: https://technet.microsoft.com/security/bulletin/MS13-066 |
2013-08-15 | Johannes Ullrich | Microsoft Pulls MS013-061 due to problems with Exchange Server 2013 http://blogs.technet.com/b/exchange/archive/2013/08/14/exchange-2013-security-update-ms13-061-status-update.aspx |
2013-08-13 | Swa Frantzen | Microsoft security advisories: RDP and MD5 deprecation in Microsoft root certificates |
2013-07-15 | Johannes Ullrich | Problems with MS13-057 |
2013-07-12 | Johannes Ullrich | DNS resolution is failing for Microsofts Teredo server (teredo.ipv6.microsoft.com) |
2013-07-12 | Johannes Ullrich | Microsoft Teredo Server "Sunset" |
2013-07-09 | Swa Frantzen | Microsoft July 2013 Black Tuesday Overview |
2013-07-06 | Guy Bruneau | Microsoft July Patch Pre-Announcement |
2013-06-11 | Swa Frantzen | Microsoft June 2013 Black Tuesday Overview |
2013-06-05 | Richard Porter | Windows Sysinternals Updated http://technet.microsoft.com/en-us/sysinternals/default.aspx |
2013-05-14 | Swa Frantzen | Microsoft May 2013 Black Tuesday Overview |
2013-05-14 | Swa Frantzen | Microsoft Security Advisory 2846338 |
2013-05-09 | Johannes Ullrich | Microsoft released a Fix-it for the Internet Explorer 8 Vulnerability http://support.microsoft.com/kb/2847140 |
2013-05-04 | Kevin Shortt | The Zero-Day Pendulum Swings |
2013-04-23 | Russ McRee | Microsoft's Security Intelligence Report (SIRv14) released |
2013-04-04 | Johannes Ullrich | Microsoft April Patch Tuesday Advance Notification |
2013-03-19 | Johannes Ullrich | Windows 7 SP1 and Windows Server 2008 R2 SP1 Being "pushed" today |
2013-03-12 | Swa Frantzen | Microsoft March 2013 Black Tuesday Overview |
2013-02-12 | Adam Swanger | Microsoft February 2013 Black Tuesday Update - Overview |
2013-02-08 | Johannes Ullrich | Microsoft February Patch Tuesday Advance Notification |
2013-01-14 | Richard Porter | January 2013 Microsoft Out of Cycle Patch |
2013-01-09 | Rob VandenBrink | Hotmail seeing some temporary access issues |
2013-01-08 | Richard Porter | Microsoft January 2013 Black Tuesday Update - Overview |
2013-01-04 | Daniel Wesemann | Patch pre-notification from Adobe and Microsoft |
2013-01-01 | Johannes Ullrich | FixIt Available for Internet Explorer Vulnerability |
2012-12-11 | John Bambenek | Microsoft December 2012 Black Tuesday Update - Overview |
2012-11-13 | Jim Clausing | Microsoft November 2012 Black Tuesday Update - Overview |
2012-10-04 | Johannes Ullrich | Microsoft October Patch Pre-Announcement |
2012-09-14 | Lenny Zeltser | Analyzing Malicious RTF Files Using OfficeMalScanner's RTFScan |
2012-09-11 | Adam Swanger | Microsoft September 2012 Black Tuesday Update - Overview |
2012-08-14 | Rick Wanner | Microsoft August 2012 Black Tuesday Update - Overview |
2012-07-25 | Johannes Ullrich | Microsoft Exchange/Sharepoint and others: Oracle Outside In Vulnerability |
2012-07-18 | Rob VandenBrink | Vote NO to Weak Keys! |
2012-07-10 | Swa Frantzen | Microsoft July 2012 Black Tuesday Update - Overview |
2012-07-10 | Swa Frantzen | Microsoft revoking trust in Microsoft certificates - SA 2728973 |
2012-07-10 | Swa Frantzen | Microsoft fix-it to disable gadgets - SA 2719662 |
2012-07-05 | Adrien de Beaupre | Microsoft advanced notification for July 2012 patch Tuesday |
2012-06-20 | Raul Siles | CVE-2012-0217 (from MS12-042) applies to other environments too |
2012-06-13 | Johannes Ullrich | Microsoft Certificate Updater |
2012-06-12 | Swa Frantzen | Microsoft June 2012 Black Tuesday Update - Overview |
2012-06-12 | Swa Frantzen | Microsoft Security Advisory 2719615 - MSXML - CVE-2012-1889 |
2012-06-11 | Johannes Ullrich | Microsoft Update Security |
2012-06-07 | Johannes Ullrich | Microsoft June Security Bulletin Advance Notification |
2012-06-04 | Lenny Zeltser | Decoding Common XOR Obfuscation in Malicious Code |
2012-06-04 | Johannes Ullrich | Microsoft Emergency Bulletin: Unauthorized Certificate used in "Flame" |
2012-05-23 | Mark Baggett | Problems with MS12-035 affecting XP, SBS and Windows 2003? |
2012-05-16 | Johannes Ullrich | Microsoft released an update for its Enhanced Mitigation Experience Tool (EMET) http://blogs.technet.com/b/srd/archive/2012/05/15/introducing-emet-v3.aspx |
2012-04-26 | Richard Porter | Packetstorm Security and Metasploit have Exploit code for MS12-027 |
2012-04-15 | Rick Wanner | .Net update affects printing from some applications |
2012-04-06 | Johannes Ullrich | Microsoft April Patch Tuesday Pre-Announcement (6 Patches): http://technet.microsoft.com/en-us/security/bulletin/ms12-apr |
2012-03-08 | Johannes Ullrich | Microsoft March Patch Tuesday Pre-Anouncement out. 6 patches, 1 critical: http://technet.microsoft.com/en-us/security/bulletin/ms12-mar |
2012-01-10 | Adrien de Beaupre | January 2012 Microsoft Black Tuesday Summary |
2012-01-06 | Guy Bruneau | January 2012 Patch Tuesday Pre-release |
2011-12-29 | Richard Porter | ASP.Net Vulnerability |
2011-12-13 | Johannes Ullrich | December 2011 Microsoft Black Tuesday Summary |
2011-12-08 | Adrien de Beaupre | Microsoft Security Bulletin Advance Notification for December 2011 |
2011-11-03 | Guy Bruneau | November 2011 Patch Tuesday Pre-release |
2011-09-09 | Johannes Ullrich | Early Patch Tuesday Today: Microsoft September 2011 Patches |
2011-09-08 | Mark Hofman | Microsoft has released their advanced notification for patch Tuesday. 15 Vulnerabilities to be addressed. more here --> http://blogs.technet.com/b/msrc/archive/2011/09/08/advanced-notification-for-the-september-2011-bulletin-release.aspx |
2011-09-06 | Johannes Ullrich | Microsoft Releases Diginotar Related Patch and Advisory |
2011-08-11 | Johannes Ullrich | As part of this weeks patch tuesday, microsoft also re-release MS11-043 to address stability issues. |
2011-08-09 | Swa Frantzen | Microsoft August 2011 Black Tuesday Overview |
2011-08-05 | Johannes Ullrich | Microsoft Patch Tuesday Advance Notification: 13 Bulletins coming http://www.microsoft.com/technet/security/Bulletin/MS11-aug.mspx |
2011-06-14 | Swa Frantzen | Microsoft June 2011 Black Tuesday Overview |
2011-05-23 | Mark Hofman | Microsoft Support Scam (again) |
2011-05-13 | Jason Lam | Microsoft Security Intelligence Report volume 10 |
2011-05-10 | Swa Frantzen | May 2011 Microsoft Black Tuesday Overview |
2011-05-06 | Richard Porter | Updated Exploit Index for Microsoft |
2011-04-11 | Jim Clausing | April 2011 Microsoft Black Tuesday Summary |
2011-04-08 | Johannes Ullrich | Dark Black Tuesday Coming Up: 17 Microsoft Bulletins |
2011-03-09 | Chris Mohan | Possible Issue with Forefront Update KB2508823 |
2011-03-08 | Jim Clausing | March 2011 Microsoft Black Tuesday Summary |
2011-03-02 | Chris Mohan | Microsoft’s Autorun update v2.1 now automatically deployed from Windows Update |
2011-02-24 | Johannes Ullrich | Windows 7 / 2008 R2 Service Pack 1 Problems |
2011-02-23 | Johannes Ullrich | Windows 7 Service Pack 1 out |
2011-02-10 | Chris Mohan | Befriending Windows Security Log Events |
2011-01-19 | Johannes Ullrich | Microsoft's Secure Developer Tools |
2011-01-08 | Guy Bruneau | January 2011 Patch Tuesday Pre-release |
2011-01-05 | Johannes Ullrich | Currently Unpatched Windows / Internet Explorer Vulnerabilities |
2011-01-04 | Johannes Ullrich | Microsoft Advisory: Vulnerability in Graphics Rendering Engine |
2010-12-22 | John Bambenek | IIS 7.5 0-Day DoS (processing FTP requests) |
2010-12-20 | Guy Bruneau | Patch Issues with Outlook 2007 |
2010-12-14 | Manuel Humberto Santander Pelaez | December 2010 Microsoft Black Tuesday Summary |
2010-12-10 | Mark Hofman | Microsoft patches |
2010-11-04 | Johannes Ullrich | Microsoft Patches Pre-Announcement |
2010-11-04 | Johannes Ullrich | Microsoft Smart Screen False Positivies |
2010-10-12 | Adrien de Beaupre | October 2010 Microsoft Black Tuesday Summary |
2010-10-08 | Rick Wanner | Patch Tuesday Pre-release -- 16 updates |
2010-09-28 | Daniel Wesemann | MS10-070 OOB Patch for ASP.NET vulnerability |
2010-09-27 | Adrien de Beaupre | MS OOB patch tomorrow for Security Advisory 2416728 |
2010-09-18 | Rick Wanner | Microsoft Security Advisory for ASP.NET |
2010-09-14 | Adrien de Beaupre | September 2010 Microsoft Black Tuesday Summary |
2010-09-02 | Daniel Wesemann | Microsoft EMETv2 released |
2010-08-10 | Jim Clausing | August 2010 Micrsoft Black Tuesday Summary |
2010-08-02 | Johannes Ullrich | Microsoft Out-of-Band bulletin addresses LNK/Shortcut vulnerability |
2010-07-30 | Johannes Ullrich | Microsoft LNK vulnerability fix coming on Monday |
2010-07-21 | Adrien de Beaupre | Update on .LNK vulnerability |
2010-07-20 | Manuel Humberto Santander Pelaez | LNK vulnerability now with Metasploit module implementing the WebDAV method |
2010-07-13 | Jim Clausing | July 2010 Microsoft Black Tuesday Summary |
2010-06-15 | Manuel Humberto Santander Pelaez | Microsoft Windows Help and Support Center vulnerability (CVE 2010-1885) exploit in the wild |
2010-06-10 | Deborah Hale | Microsoft Help Centre Handling of Escape Sequences May Lead to Exploit |
2010-06-10 | Deborah Hale | Microsoft Security Advisory 2219475 |
2010-06-08 | Manuel Humberto Santander Pelaez | June 2010 Microsoft Black Tuesday Summary |
2010-06-03 | Guy Bruneau | Microsoft Patch Tuesday June 2010 Pre-Release |
2010-05-18 | Johannes Ullrich | Canonical Display Driver Vulnerability |
2010-05-11 | Scott Fendley | May 2010 Microsoft Patches |
2010-05-08 | Guy Bruneau | Microsoft Patch Tuesday May 2010 Pre-Release |
2010-04-30 | Johannes Ullrich | Sharepoint XSS Vulnerability |
2010-04-13 | Johannes Ullrich | Microsoft April 2010 Patch Tuesday |
2010-04-08 | Guy Bruneau | Microsoft Patch Tuesday April 2010 Pre-Release |
2010-03-10 | Rob VandenBrink | Microsoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7 |
2010-03-10 | Rob VandenBrink | Microsoft re-release of KB973811 - attacks on Extended Protection for Authentication |
2010-03-09 | John Bambenek | March 2010 - Microsoft Patch Tuesday Diary |
2010-03-08 | Raul Siles | Microsoft announced two important bulletins (fixing multiple vulns. affecting Windows and Office) for tomorrow: http://www.microsoft.com/technet/security/Bulletin/MS10-mar.mspx |
2010-03-03 | Mark Hofman | MS10-015 re-released |
2010-03-01 | Mark Hofman | Microsoft will drop support for Vista (without any Service Packs) on April 13 and support for XP SP2 ends July 13. (i.e. no more security updates). If you are still running these, it it time to update. |
2010-02-25 | Andre Ludwig | Microsoft, restraining orders, and how a big botnet (waledec) ate curb. |
2010-02-11 | Johannes Ullrich | MS10-015 may cause Windows XP to blue screen |
2010-02-11 | Deborah Hale | Critical Update for AD RMS |
2010-02-10 | Marcus Sachs | Vulnerability in TLS/SSL Could Allow Spoofing |
2010-02-09 | Johannes Ullrich | February 2010 Black Tuesday Overview |
2010-02-04 | Johannes Ullrich | Microsoft Patch Tuesday Pre-Release |
2010-02-03 | Johannes Ullrich | Information Disclosure Vulnerability in Internet Explorer |
2010-01-21 | Johannes Ullrich | New Microsoft Advisory: Vulnerability in Windows Kernel Privilege Escalation (CVE-2010-0232) |
2010-01-21 | Chris Carboni | * Microsoft Out Of Band Patch Release |
2010-01-21 | Johannes Ullrich | Microsoft January Out of Band Patch |
2010-01-19 | Johannes Ullrich | Unpatched Microsoft Windows (all versions) Privilege Escalation Vulnerability Released |
2010-01-12 | Johannes Ullrich | Microsoft Patch Tuesday - Preannouncement |
2010-01-12 | Johannes Ullrich | Microsoft Security Bulletin: January 2010 |
2010-01-12 | Johannes Ullrich | Microsoft Advices XP Users to Uninstall Flash Player 6 |
2009-12-29 | Rick Wanner | Microsoft responds to possible IIS 6 0-day |
2009-12-08 | Deborah Hale | December 2009 Black Tuesday Overview |
2009-12-02 | Rob VandenBrink | Microsoft Black Screen of Death - Fact of Fiction? |
2009-11-25 | Jim Clausing | Microsoft Updates requiring reboot |
2009-11-24 | Rick Wanner | Microsoft Security Advisory 977981 - IE 6 and IE 7 |
2009-11-14 | Adrien de Beaupre | Microsoft advisory for Windows 7 / Windows Server 2008 R2 Remote SMB DoS Exploit released |
2009-11-10 | Swa Frantzen | Microsoft November Black Tuesday Overview |
2009-11-07 | Marcus Sachs | More Thoughts on Legacy Systems |
2009-11-02 | Rob VandenBrink | Microsoft releases v1.02 of Enhanced Mitigation Evaluation Toolkit (EMET) |
2009-10-17 | Rick Wanner | Mozilla disables Microsoft plug-ins? |
2009-10-16 | Adrien de Beaupre | Disable MS09-054 patch, or Firefox Plugin? |
2009-10-13 | Johannes Ullrich | Microsoft October 2009 Black Tuesday Overview |
2009-09-16 | Bojan Zdrnja | SMB2 remote exploit released |
2009-08-31 | Pedro Bueno | Microsoft IIS 5/6 FTP 0Day released |
2009-08-26 | Johannes Ullrich | WSUS 3.0 SP2 released |
2009-08-11 | Swa Frantzen | Microsoft August 2009 Black Tuesday Overview |
2009-07-28 | Adrien de Beaupre | MS released two OOB bulletins and an advisory |
2009-07-24 | Rick Wanner | Microsoft Out of Band Patch |
2009-07-14 | Swa Frantzen | Microsoft July Black Tuesday Overview |
2009-07-13 | Adrien de Beaupre | Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution |
2009-06-10 | Rick Wanner | SysInternals Survey |
2009-06-09 | Swa Frantzen | Microsoft June Black Tuesday Overview |
2009-05-28 | Stephen Hall | Microsoft DirectShow vulnerability |
2009-05-27 | donald smith | WebDAV write-up |
2009-05-15 | Daniel Wesemann | IIS6.0 WebDav Remote Auth Bypass |
2009-05-12 | Swa Frantzen | MSFT's version of responsible disclosure |
2009-05-12 | Swa Frantzen | May Black Tuesday Overview |
2009-05-05 | Bojan Zdrnja | Every dot matters |
2009-04-30 | Marcus Sachs | Microsoft Revises 08-069, 08-076, and 09-012 |
2009-04-14 | Swa Frantzen | April Black Tuesday Overview |
2009-03-10 | Swa Frantzen | March black Tuesday overview |
2009-02-14 | Deborah Hale | Microsoft Time Sync Appears to Down |
2009-02-10 | Swa Frantzen | February Black Tuesday Overview |
2009-01-31 | Swa Frantzen | Windows 7 - not so secure ? |
2009-01-13 | Johannes Ullrich | January Black Tuesday Overview |
2008-12-16 | donald smith | Microsoft announces an out of band patch for IE zero day |
2008-12-12 | Johannes Ullrich | MSIE 0-day Spreading Via SQL Injection |
2008-12-10 | Mark Hofman | Microsoft wordpad text converter issue |
2008-12-09 | Swa Frantzen | December Black Tuesday Overview |
2008-11-11 | Swa Frantzen | November Black Tuesday Overview |
2008-10-23 | Mark Hofman | Microsoft out-of-band patch - Severity Critical |
2008-10-14 | Swa Frantzen | October Black Tuesday Overview |
2008-10-10 | Marcus Sachs | Fake Microsoft Update Email |
2008-09-09 | Swa Frantzen | September 2008 Black Tuesday Overview |
2008-08-12 | Stephen Hall | August 2008 Black Tuesday Overview |
2008-08-01 | Robert Danford | Microsoft Malicious Software Removal Tool users double check it's running |
2008-07-09 | Johannes Ullrich | Unpatched Word Vulnerability |
2008-07-08 | Swa Frantzen | July 2008 black tuesday overview |
2008-07-08 | Johannes Ullrich | Mulitple Vendors DNS Spoofing Vulnerability |
2008-07-07 | Scott Fendley | Microsoft Snapshot Viewer Security Advisory |
2008-06-24 | Jason Lam | Microsoft SQL Injection Prevention Strategy |
2008-06-10 | Swa Frantzen | June 2008 Black Tuesday Overview |
2008-06-06 | Kevin Liston | Microsoft Security Bulletin Advance Notification for June 2008 |
2008-05-13 | Swa Frantzen | May 2008 black tuesday overview |
2008-05-13 | Swa Frantzen | Microsoft office file block & MOICE |
2008-05-06 | John Bambenek | Windows XP Service Pack 3 Released |
2008-05-01 | Adrien de Beaupre | Windows XP SteadyState |
2008-05-01 | Adrien de Beaupre | Windows Detours |
2008-04-18 | John Bambenek | IIS Vulnerability Documented by Microsoft - Includes Workarounds |
2008-04-18 | John Bambenek | The Patch Window is Gone: Automated Patch-Based Exploit Generation |
2008-04-16 | William Stearns | Windows XP Service Pack 3 - unofficial schedule: Apr 21-28 |
2008-04-09 | Joel Esler | ISC Podcast Episode Number 2 |
2008-04-08 | Swa Frantzen | April 2008 - Black Tuesday Overview |
2008-04-03 | Bojan Zdrnja | Opera fixes vulnerabilities and Microsoft announces April's fixes |
2008-04-02 | Adrien de Beaupre | When is a DMG file not a DMG file |
2008-03-25 | Raul Siles | Microsoft Jet Database Engine Advisory Update (950627) |
2008-03-22 | Koon Yaw Tan | Microsoft Security Advisory Released (950627) |
2006-12-26 | Swa Frantzen | Vista: better security [Y/N] ? |
2006-12-12 | Swa Frantzen | The missing Microsoft patches |
2006-12-12 | Swa Frantzen | Microsoft Black Tuesday - December 2006 overview |
2006-12-12 | Jim Clausing | MS06-075: csrss local privilege escalation (CVE-2006-5585) |
2006-12-12 | Lorna Hutcheson | MS06-072: Cumulative Security Update for Internet Explorer (925454) |
2006-12-12 | Robert Danford | MS06-078: 2 Windows Media Format Vulnerabilities (CVE-2006-4702, CVE-2006-6134) |
2006-12-12 | Swa Frantzen | Microsoft Office 2004 - Mac OS X updated |
2006-12-12 | Swa Frantzen | Offline Microsoft Patching |
2006-11-20 | Joel Esler | MS06-070 Remote Exploit |
2006-11-14 | Jim Clausing | MS06-069: Adobe Flash Player |
2006-11-14 | Jim Clausing | MS06-071: MSXML Core Services |
2006-11-10 | Tony Carothers | A busy Black Tuesday coming up..... |
2006-10-09 | Swa Frantzen | Microsoft black tuesday - October 2006 STATUS |
2006-10-05 | Swa Frantzen | MS06-053 revisited ? |
2006-09-30 | Swa Frantzen | Yellow: WebViewFolderIcon setslice exploit spreading |
2006-09-28 | Swa Frantzen | Powerpoint, yet another new vulnerability |
2006-09-28 | Swa Frantzen | MSIE: One patched, one pops up again (setslice) |
2006-09-26 | Jim Clausing | MS06-049 re-release |
2006-09-12 | Michael Haisley | Microsoft Security Bulletin MS06-054 |
2006-09-12 | Swa Frantzen | Microsoft security patches for September 2006 |
2006-09-12 | Michael Haisley | Microsoft Security Bulletin MS06-052 |
2006-08-17 | Swa Frantzen | Microsoft August 2006 Patches: STATUS |
UPDATE |
2023-04-22 | Didier Stevens | YARA v4.3.1 Release |
2023-04-02 | Didier Stevens | YARA v4.3.0 Release |
2023-01-07 | Didier Stevens | YARA v4.3.0-rc1 --skip-larger |
2022-12-05 | Didier Stevens | VLC's Check For Updates: No Updates? |
2022-08-20 | Didier Stevens | YARA 4.2.3 Released |
2022-07-02 | Didier Stevens | YARA 4.2.2 Released |
2022-04-30 | Didier Stevens | YARA 4.2.1 Released |
2022-03-14 | Johannes Ullrich | Apple Updates Everything: MacOS 12.3, XCode 13.3, tvOS 15.4, watchOS 8.5, iPadOS 15.4 and more |
2021-11-29 | Didier Stevens | Wireshark 3.6.0 Released |
2021-10-31 | Didier Stevens | Sysinternals: Autoruns and Sysmon updates |
2021-10-28 | Yee Ching Tok | Multiple Apple Patches for October 2021 |
2021-10-10 | Didier Stevens | Wireshark 3.4.9 Released |
2021-08-21 | Didier Stevens | New Versions Of Sysinternals Tools |
2021-07-25 | Didier Stevens | Wireshark 3.4.7 Released |
2021-04-25 | Didier Stevens | Wireshark 3.4.5 Released |
2021-03-14 | Didier Stevens | Wireshark 3.4.4 Released |
2021-02-06 | Didier Stevens | YARA v4.0.5 |
2021-01-31 | Didier Stevens | YARA v4.0.4 |
2020-12-20 | Didier Stevens | Wireshark 3.4.2 Released |
2020-12-13 | Didier Stevens | Wireshark 3.4.1 Released |
2020-09-27 | Didier Stevens | Wireshark 3.2.7 Released |
2020-08-15 | Didier Stevens | Wireshark 3.2.6 Released |
2020-05-24 | Didier Stevens | Wireshark 3.2.4 Released |
2020-04-11 | Didier Stevens | Wireshark 3.2.3 Released: Mac Users Pay Attention Please |
2020-03-14 | Didier Stevens | Phishing PDF With Incremental Updates. |
2020-03-07 | Didier Stevens | Wireshark 3.2.2 Released: Windows' Users Pay Attention Please |
2020-02-05 | Brad Duncan | Fake browser update pages are "still a thing" |
2020-02-01 | Didier Stevens | Wireshark 3.2.1 Released |
2019-12-21 | Didier Stevens | Wireshark 3.2.0 Released |
2019-12-08 | Didier Stevens | Wireshark 3.0.7 Released |
2019-10-27 | Didier Stevens | Wireshark 3.0.6 Released |
2019-09-21 | Didier Stevens | Wireshark 3.0.5 Release: Potential Windows Crash when Updating |
2019-07-09 | John Bambenek | MSFT July 2019 Patch Tuesday |
2017-07-30 | Guy Bruneau | Re-release of MS Oulook Security Patches https://portal.msrc.microsoft.com/en-us/security-guidance/summary |
2016-09-13 | Rob VandenBrink | Apple iOS 10 and 10.0.1 Released |
2016-02-27 | Guy Bruneau | OpenSSL Security Update Planned for 1 March Release |
2015-10-09 | Guy Bruneau | Adobe Acrobat and Reader Pre-Announcement |
2015-04-04 | Didier Stevens | VMware Product Updates Address Critical Information Disclosure Issue In JRE |
2014-08-22/a> | Richard Porter | PHP 5.4.32 Released http://www.php.net/ChangeLog-5.php#5.4.32 |
2014-08-22/a> | Richard Porter | PHP 5.5.16 is available http://www.php.net/ChangeLog-5.php#5.5.16 |
2014-08-12/a> | Adrien de Beaupre | Adobe updates for 2014/08 |
2014-08-01/a> | Chris Mohan | WireShark 1.10.9 and 1.12.0 has been released |
2014-07-11/a> | Rob VandenBrink | Metasploit Update Alert |
2014-06-12/a> | Guy Bruneau | BIND Security Update for CVE-2014-3859 |
2014-04-24/a> | Rob VandenBrink | Apple IOS updates to 7.1.1, OSX Security update 2014-002, Airport Updates - http://support.apple.com/kb/HT1222, http://support.apple.com/kb/HT6208, http://support.apple.com/kb/HT6207, http://support.apple.com/kb/HT6203 |
2014-04-12/a> | Guy Bruneau | Critical Security Update for JetPack WordPress Plugin. Bug has existed since Jetpack 1.9, released in October 2012. - http://jetpack.me/2014/04/10/jetpack-security-update/ |
2014-04-02/a> | Kevin Shortt | Apple Security Update for Safari 6.1.3/7.0.3: http://support.apple.com/kb/HT6181 |
2014-03-06/a> | Mark Baggett | Port 5000 traffic and snort signature |
2014-02-14/a> | Chris Mohan | SYM14-004 Symantec Endpoint Protection Management Vulnerabilities - http://www.symantec.com/business/support/index?page=content&id=TECH214866 |
2013-12-18/a> | Adrien de Beaupre | Wireshark 1.10.4 and 1.8.12 are available |
2013-12-17/a> | Adrien de Beaupre | Apple security updates Mac OS X and Safari |
2013-10-17/a> | Adrien de Beaupre | Chrome updated http://googlechromereleases.blogspot.ca/2013/10/stable-channel-update_15.html |
2013-10-15/a> | Rob VandenBrink | Java Quarterly Updates |
2013-07-28/a> | Guy Bruneau | Wireshark 1.8.9 and 1.10.1 Security Update |
2013-07-03/a> | Kevin Shortt | Apple Security Update 2013-003 |
2013-06-05/a> | Richard Porter | Windows Sysinternals Updated http://technet.microsoft.com/en-us/sysinternals/default.aspx |
2013-05-22/a> | Adrien de Beaupre | Apple QuickTime 7.7.4 for Windows updated, MANY security vulnerabilities: http://support.apple.com/kb/HT1222 |
2013-05-22/a> | Adrien de Beaupre | Chrome 24.0.1312.52 has been updated for Windows, Mac, Linux, and Chrome Frame |
2013-04-19/a> | Russ McRee | Java 8 release schedule delayed for renewed focus on security |
2013-04-03/a> | Mark Hofman | Firefox 20 and Thunderbird 17.0.5 updates |
2013-03-07/a> | Guy Bruneau | Wireshark Security Updates |
2013-02-27/a> | Adam Swanger | Adobe Flash Player Security Update - http://www.adobe.com/support/security/bulletins/apsb13-08.html |
2013-02-22/a> | Chris Mohan | PHP 5.4.12 and PHP 5.3.22 released http://www.php.net/ChangeLog-5.php |
2013-02-22/a> | Chris Mohan | Chrome 25.0.1364.87 addresses multiple vulnerabilities http://googlechromereleases.blogspot.com.au/2013/02/stable-channel-update_21.html |
2013-02-12/a> | Adam Swanger | Microsoft February 2013 Black Tuesday Update - Overview |
2013-02-01/a> | Jim Clausing | Oracle quietly releases Java 7u13 early |
2013-01-17/a> | Russ McRee | PHP 5.4.11 and PHP 5.3.21 released |
2013-01-09/a> | Rob VandenBrink | SQL Injection Flaw in Ruby on Rails |
2013-01-09/a> | Rob VandenBrink | Firefox and Thunderbird Updates |
2013-01-09/a> | Rob VandenBrink | Security Updates for Adobe Flash - http://www.adobe.com/support/security/bulletins/apsb13-01.html |
2013-01-09/a> | Johannes Ullrich | New Format for Monthly Threat Update |
2013-01-08/a> | Richard Porter | Firefox 18 Released, Security Fixes http://www.mozilla.org/security/known-vulnerabilities/firefox.html |
2012-12-11/a> | John Bambenek | Microsoft December 2012 Black Tuesday Update - Overview |
2012-11-13/a> | Jim Clausing | Microsoft November 2012 Black Tuesday Update - Overview |
2012-10-28/a> | Tony Carothers | Firefox 16.02 Released |
2012-09-21/a> | Guy Bruneau | Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801) |
2012-09-20/a> | Russ McRee | Apple and Cisco Security Advisories 19 SEP 2012 |
2012-08-22/a> | Adrien de Beaupre | Apple Remote Desktop update fixes no encryption issue |
2012-08-21/a> | Adrien de Beaupre | YYABCAFU - Yes Yet Another Bleeping Critical Adobe Flash Update |
2012-08-15/a> | Guy Bruneau | Wireshark Security Update |
2012-08-02/a> | Guy Bruneau | Opera Security Update |
2012-07-18/a> | Rob VandenBrink | Snort Updated today |
2012-06-25/a> | Guy Bruneau | Issues with Windows Update Agent |
2012-06-20/a> | Raul Siles | Firefox 13.0.1 Update |
2012-06-06/a> | Jim Clausing | Firefox, Thunderbird, and Seamonkey Security Updates |
2012-05-04/a> | Guy Bruneau | Adobe Security Flash Update |
2012-03-06/a> | Mark Hofman | Websense posted a small article relating to mass injection into wordpress sites (thanks Chris) More info Here --> http://community.websense.com/blogs/securitylabs/archive/2012/03/05/mass-injection-of-wordpress-sites.aspx |
2012-02-04/a> | Scott Fendley | Apple Security Advisory 2012-001 v1.1 |
2011-11-02/a> | Russ McRee | Wireshark updates: 1.6.3 and 1.4.10 released |
2011-10-22/a> | Guy Bruneau | Oracle Java SE Critical Patch Update |
2011-10-01/a> | Mark Hofman | Hot on the heels of FF, Thunderbird v 7.0.1 and SeaMonkey v 2.4.1 have been updated. |
2011-09-18/a> | Guy Bruneau | Google Chrome Security Updates |
2011-09-06/a> | Guy Bruneau | Firefox 6.0.2 released to remove trust in DigiNotar certificate authority http://www.mozilla.org/en-US/firefox/6.0.2/releasenotes/ |
2011-09-05/a> | Raul Siles | Java 7 Officially Released |
2011-07-15/a> | Deborah Hale | Apple Software Updates |
2011-06-28/a> | Johannes Ullrich | Update: Thunderbird 5.0 released. https://www.mozilla.org/en-US/thunderbird/ |
2011-06-23/a> | Jim Clausing | Apple Security Updates 2011-004 |
2011-06-09/a> | Richard Porter | Chrome Version 12.0.742.91 Released |
2011-06-01/a> | Adrien de Beaupre | Wireshark 1.4.7 and 1.2.17 Released - http://www.wireshark.org/news/20110531.html |
2011-05-20/a> | Guy Bruneau | Sysinternals Updates, Analyzing Stuxnet Infection with Sysinternals Tools Part 3 |
2011-05-16/a> | Jason Lam | Firefox 3.5 forced upgrade coming soon |
2011-05-04/a> | Richard Porter | Microsoft Sysinternals Update |
2011-05-01/a> | Deborah Hale | Java 6.25 Is Now Available |
2011-04-14/a> | Adrien de Beaupre | Sysinternals updates, a new blog post, and webcast |
2011-03-21/a> | Kevin Shortt | APPLE-SA-2011-03-21-1 Mac OS X v10.6.7 and Security Update 2011-001 |
2011-03-09/a> | Chris Mohan | Possible Issue with Forefront Update KB2508823 |
2011-03-02/a> | Chris Mohan | Microsoft’s Autorun update v2.1 now automatically deployed from Windows Update |
2011-02-21/a> | Adrien de Beaupre | Kaspersky update servers unreachable |
2011-01-27/a> | Chris Carboni | Opera Updates |
2010-12-03/a> | Mark Hofman | AVG Update Bricking windows 7 64 bit |
2010-11-30/a> | Joel Esler | VMWare Security Advisory |
2010-11-16/a> | Guy Bruneau | Mac OS X Server v10.6.5 (10H575) Security Update: http://support.apple.com/kb/HT4452 |
2010-08-25/a> | Pedro Bueno | Adobe released security update for Shockwave player that fixes several CVEs: APSB1020 |
2010-08-19/a> | Rob VandenBrink | Don points us to multiple Adobe updates (Reader and Acrobat 9.3.4 among them) ==> http://www.adobe.com/support/downloads/new.jsp |
2010-08-10/a> | Jason Lam | Adobe critical security updates |
2010-08-10/a> | Daniel Wesemann | New Apple security updates for iPad/Pod/Phone. See http://support.apple.com/kb/ht1222 |
2010-07-21/a> | Adrien de Beaupre | Update on .LNK vulnerability |
2010-06-29/a> | donald smith | Adobe Reader 9.3.3/8.2.3 addressing CVE-2010-1297 |
2010-05-12/a> | Rob VandenBrink | Adobe Shockwave Update |
2010-04-13/a> | Adrien de Beaupre | Security update available for Adobe Reader and Acrobat |
2010-04-02/a> | Guy Bruneau | Foxit Reader Security Update |
2010-03-29/a> | Adrien de Beaupre | OOB Update for Internet Explorer MS10-018 |
2010-03-29/a> | Adrien de Beaupre | APPLE-SA-2010-03-29-1 Security Update 2010-002 / Mac OS X v10.6.3 |
2010-03-22/a> | Guy Bruneau | New Opera 10.51 available with security fixes. More information available at: http://www.opera.com/docs/changelogs/windows/1051/ |
2010-03-12/a> | Mark Hofman | Firefox 3.6 is being pushed out to users. http://www.mozilla.com/en-US/firefox/3.6/releasenotes/ |
2010-03-11/a> | Mark Hofman | A new version of Safari is out. Looks like for Mac and Windows. Plenty of security fixes (mostly for Windows Safari users http://support.apple.com/kb/HT4070 ) |
2010-03-10/a> | Rob VandenBrink | Microsoft re-release of KB973811 - attacks on Extended Protection for Authentication |
2010-03-08/a> | Raul Siles | Microsoft announced two important bulletins (fixing multiple vulns. affecting Windows and Office) for tomorrow: http://www.microsoft.com/technet/security/Bulletin/MS10-mar.mspx |
2010-03-01/a> | Mark Hofman | Microsoft will drop support for Vista (without any Service Packs) on April 13 and support for XP SP2 ends July 13. (i.e. no more security updates). If you are still running these, it is time to update. |
2010-02-27/a> | Guy Bruneau | PHP 5.2.13 Security Update |
2010-02-11/a> | Deborah Hale | The Mysterious Blue Screen |
2010-01-06/a> | Guy Bruneau | Firefox security and stability update for version 3.5.7 and 3.0.17 available for download |
2009-12-16/a> | Rob VandenBrink | Seamonkey Update to 2.0.1, find the release notes here ==> http://www.seamonkey-project.org/releases/seamonkey2.0.1 |
2009-12-03/a> | Mark Hofman | Apple released some Java updates today APPLE-SA-2009-12-03-1 & 2 (for 10.5 and 10.6). Fixes a number of security issues so updating is a good idea. |
2009-12-02/a> | Rob VandenBrink | Microsoft Black Screen of Death - Fact or Fiction? |
2009-11-25/a> | Jim Clausing | Tool updates |
2009-11-25/a> | Jim Clausing | Microsoft Updates requiring reboot |
2009-11-11/a> | Rob VandenBrink | Apple Safari 4.0.4 Released |
2009-11-09/a> | Guy Bruneau | Apple Security Update 2009-006 for Mac OS X v10.6.2 |
2009-11-06/a> | Mark Hofman | A new version of Firefox (3.5.5) just became available. According to the release notes they are stability improvements. |
2009-10-22/a> | Adrien de Beaupre | Sysinternals updates: Disk2vhd v1.1, ZoomIt v4.1, Coreinfo v2.0, VMMap v2.4 |
2009-09-24/a> | Jim Clausing | A couple more tools |
2009-09-04/a> | Adrien de Beaupre | SeaMonkey Security Update |
2009-08-05/a> | donald smith | Security Update 2009-003 / Mac OS X v10.5.8 |
2009-08-04/a> | donald smith | Java Security Update |
2009-07-18/a> | Patrick Nolan | Chrome update contains Security fixes |
2009-06-10/a> | Swa Frantzen | Java 6 update 14 released |
2009-06-02/a> | Deborah Hale | Another Quicktime Update |
2009-05-26/a> | Jason Lam | Vista & Win2K8 SP2 available |
2009-02-10/a> | Swa Frantzen | Java up to date ? |
2008-11-29/a> | Pedro Bueno | Ubuntu users: Time to update! |
2008-11-13/a> | Jim Clausing | Some recently updated tools |
2008-10-10/a> | Marcus Sachs | Fake Microsoft Update Email |
2008-09-10/a> | Adrien de Beaupre | Apple updates iPod Touch + Bonjour for Windows |
2008-07-11/a> | Jim Clausing | Updates to some of our favorite tools |
2008-04-20/a> | Joel Esler | Software Update -- Did Apple Do Enough? |
2008-03-20/a> | Joel Esler | APPLE-SA-2008-03-19 AirPort Extreme Base Station Firmware 7.3.1 |
2008-03-20/a> | Joel Esler | Potential Vulnerability in Flash CS3 Professional, Flash Professional 8 and Flash Basic 8? |
KB973811 |
2010-03-10/a> | Rob VandenBrink | Microsoft re-release of KB973811 - attacks on Extended Protection for Authentication |
EXTENDED |
2015-06-27/a> | Guy Bruneau | Is Windows XP still around in your Network a year after Support Ended? |
2010-03-10/a> | Rob VandenBrink | Microsoft re-release of KB973811 - attacks on Extended Protection for Authentication |
PROTECTION |
2021-02-28/a> | Didier Stevens | Maldocs: Protection Passwords |
2021-02-22/a> | Didier Stevens | Unprotecting Malicious Documents For Inspection |
2016-01-31/a> | Guy Bruneau | Windows 10 and System Protection for DATA Default is OFF |
2014-07-30/a> | Rick Wanner | Symantec Endpoint Protection Privilege Escalation Zero Day |
2012-04-26/a> | Richard Porter | Define Irony: A medical device with a Virus? |
2011-01-12/a> | Richard Porter | How Many Loyalty Cards do you Carry? |
2010-03-10/a> | Rob VandenBrink | Microsoft re-release of KB973811 - attacks on Extended Protection for Authentication |
2009-12-07/a> | Rob VandenBrink | Layer 2 Network Protections – reloaded! |
2009-11-11/a> | Rob VandenBrink | Layer 2 Network Protections against Man in the Middle Attacks |
2009-10-30/a> | Rob VandenBrink | New version of NIST 800-41, Firewalls and Firewall Policy Guidelines |
2009-08-29/a> | Guy Bruneau | Immunet Protect - Cloud and Community Malware Protection |
2009-06-27/a> | Tony Carothers | New NIAP Strategy on the Horizon |
FOR |
2025-01-06/a> | Xavier Mertens | Make Malware Happy |
2024-05-27/a> | Jan Kopriva | Files with TXZ extension used as malspam attachments |
2024-05-15/a> | Rob VandenBrink | Got MFA? If not, Now is the Time! |
2024-05-08/a> | Xavier Mertens | Analyzing Synology Disks on Linux |
2024-03-29/a> | Xavier Mertens | Quick Forensics Analysis of Apache logs |
2024-03-19/a> | Johannes Ullrich | Attacker Hunting Firewalls |
2024-02-28/a> | Johannes Ullrich | Exploit Attempts for Unknown Password Reset Vulnerability |
2023-12-13/a> | Guy Bruneau | T-shooting Terraform for DShield Honeypot in Azure [Guest Diary] |
2023-12-06/a> | Guy Bruneau | Revealing the Hidden Risks of QR Codes [Guest Diary] |
2023-07-12/a> | Brad Duncan | Loader activity for Formbook "QM18" |
2023-06-17/a> | Brad Duncan | Formbook from Possible ModiLoader (DBatLoader) |
2023-01-26/a> | Tom Webb | Live Linux IR with UAC |
2023-01-02/a> | Xavier Mertens | NetworkMiner 2.8 Released |
2022-10-22/a> | Didier Stevens | rtfdump's Find Option |
2022-10-07/a> | Xavier Mertens | Critical Fortinet Vulnerability Ahead |
2022-06-15/a> | Johannes Ullrich | Terraforming Honeypots. Installing DShield Sensors in the Cloud |
2022-03-23/a> | Brad Duncan | Arkei Variants: From Vidar to Mars Stealer |
2021-12-22/a> | Brad Duncan | December 2021 Forensic Contest: Answers and Analysis |
2021-12-16/a> | Brad Duncan | How the "Contact Forms" campaign tricks people |
2021-12-08/a> | Brad Duncan | December 2021 Forensic Challenge |
2021-11-19/a> | Xavier Mertens | Downloader Disguised as Excel Add-In (XLL) |
2021-11-04/a> | Tom Webb | Xmount for Disk Images |
2021-10-31/a> | Didier Stevens | Video: Phishing ZIP With Malformed Filename |
2021-10-24/a> | Didier Stevens | Phishing ZIP With Malformed Filename |
2021-10-22/a> | Brad Duncan | October 2021 Contest: Forensic Challenge |
2021-10-14/a> | Xavier Mertens | Port-Forwarding with Windows for the Win |
2021-10-13/a> | Johannes Ullrich | Please fix your E-Mail Brute forcing tool! |
2021-06-30/a> | Brad Duncan | June 2021 Forensic Contest: Answers and Analysis |
2021-06-18/a> | Daniel Wesemann | Network Forensics on Azure VMs (Part #2) |
2021-06-17/a> | Daniel Wesemann | Network Forensics on Azure VMs (Part #1) |
2021-06-12/a> | Guy Bruneau | Fortinet Targeted for Unpatched SSL VPN Discovery Activity |
2021-05-19/a> | Brad Duncan | May 2021 Forensic Contest: Answers and Analysis |
2021-05-07/a> | Daniel Wesemann | Exposed Azure Storage Containers |
2021-05-05/a> | Brad Duncan | May 2021 Forensic Contest |
2021-04-01/a> | Brad Duncan | April 2021 Forensic Quiz |
2021-02-25/a> | Daniel Wesemann | Forensicating Azure VMs |
2020-12-29/a> | Jan Kopriva | Want to know what's in a folder you don't have a permission to access? Try asking your AV solution... |
2020-12-16/a> | Daniel Wesemann | DNS Logs in Public Clouds |
2020-11-19/a> | Xavier Mertens | PowerShell Dropper Delivering Formbook |
2020-08-20/a> | Rob VandenBrink | Office 365 Mail Forwarding Rules (and other Mail Rules too) |
2020-07-10/a> | Brad Duncan | Excel spreadsheet macro kicks off Formbook infection |
2020-06-16/a> | Xavier Mertens | Sextortion to The Next Level |
2020-04-26/a> | Didier Stevens | Video: Malformed .docm File |
2020-03-15/a> | Guy Bruneau | VPN Access and Activity Monitoring |
2019-11-06/a> | Brad Duncan | More malspam pushing Formbook |
2019-10-25/a> | Rob VandenBrink | More on DNS Archeology (with PowerShell) |
2019-08-21/a> | Russ McRee | KAPE: Kroll Artifact Parser and Extractor |
2019-07-10/a> | Rob VandenBrink | Dumping File Contents in Hex (in PowerShell) |
2019-07-05/a> | Didier Stevens | A "Stream O" Maldoc |
2019-07-01/a> | Didier Stevens | Maldoc: Payloads in User Forms |
2018-08-23/a> | Xavier Mertens | Simple Phishing Through formcrafts.com |
2018-01-26/a> | Xavier Mertens | Investigating Microsoft BITS Activity |
2018-01-09/a> | Jim Clausing | Are you watching for brute force attacks on IPv6? |
2017-10-03/a> | Brad Duncan | Malspam pushing Formbook info stealer |
2017-10-02/a> | Xavier Mertens | Investigating Security Incidents with Passive DNS |
2017-09-28/a> | Xavier Mertens | The easy way to analyze huge amounts of PCAP data |
2017-09-24/a> | Jim Clausing | Forensic use of mount --bind |
2017-09-19/a> | Jim Clausing | New tool: mac-robber.py |
2017-08-07/a> | Xavier Mertens | Increase of phpMyAdmin scans |
2017-07-09/a> | Russ McRee | Adversary hunting with SOF-ELK |
2017-04-26/a> | Johannes Ullrich | If there are some unexploited MSSQL Servers With Weak Passwords Left: They got you now (again) |
2017-01-12/a> | Mark Baggett | System Resource Utilization Monitor |
2016-10-31/a> | Russ McRee | SEC505 DFIR capture script: snapshot.ps1 |
2016-08-11/a> | Pasquale Stirparo | Looking for the insider: Forensic Artifacts on iOS Messaging App |
2016-06-01/a> | Xavier Mertens | Docker Containers Logging |
2016-05-22/a> | Pasquale Stirparo | The strange case of WinZip MRU Registry key |
2016-03-28/a> | Xavier Mertens | Improving Bash Forensics Capabilities |
2016-03-11/a> | Jim Clausing | Forensicating Docker, Part 1 |
2016-02-18/a> | Xavier Mertens | Hunting for Executable Code in Windows Environments |
2016-01-21/a> | Jim Clausing | Scanning for Fortinet ssh backdoor |
2016-01-06/a> | Russ McRee | toolsmith #112: Red vs Blue - PowerSploit vs PowerForensics |
2015-06-23/a> | Kevin Shortt | XOR DDOS Mitigation and Analysis |
2015-06-22/a> | Johannes Ullrich | SMTP Brute Forcing |
2015-04-24/a> | Basil Alawi S.Taher | Fileless Malware |
2015-04-17/a> | Didier Stevens | Memory Forensics Of Network Devices |
2015-03-18/a> | Daniel Wesemann | New SANS memory forensics poster |
2015-02-03/a> | Johannes Ullrich | Another Network Forensic Tool for the Toolbox - Dshell |
2014-09-07/a> | Johannes Ullrich | Odd Persistent Password Bruteforcing |
2014-08-29/a> | Johannes Ullrich | False Positive or Not? Difficult to Analyze Javascript |
2014-08-10/a> | Basil Alawi S.Taher | Incident Response with Triage-ir |
2014-08-09/a> | Adrien de Beaupre | Complete application ownage via Multi-POST XSRF |
2014-07-23/a> | Johannes Ullrich | New Feature: "Live" SSH Brute Force Logs and New Kippo Client |
2014-07-22/a> | Daniel Wesemann | WordPress brute force attack via wp.getUsersBlogs |
2014-06-22/a> | Russ McRee | OfficeMalScanner helps identify the source of a compromise |
2014-06-03/a> | Basil Alawi S.Taher | An Introduction to RSA Netwitness Investigator |
2014-05-27/a> | Kevin Shortt | Avast forums hacked |
2014-05-18/a> | Russ McRee | sed and awk will always rock |
2014-03-11/a> | Basil Alawi S.Taher | Introduction to Memory Analysis with Mandiant Redline |
2014-03-07/a> | Tom Webb | Linux Memory Dump with Rekall |
2014-02-09/a> | Basil Alawi S.Taher | Mandiant Highlighter 2 |
2014-01-10/a> | Basil Alawi S.Taher | Windows Autorun-3 |
2013-12-12/a> | Basil Alawi S.Taher | Acquiring Memory Images with Dumpit |
2013-12-02/a> | Richard Porter | Reports of higher than normal SSH Attacks |
2013-11-21/a> | Mark Baggett | "In the end it is all PEEKS and POKES." |
2013-11-20/a> | Mark Baggett | Searching live memory on a running machine with winpmem |
2013-11-19/a> | Mark Baggett | Winpmem - Mild mannered memory acquisition tool?? |
2013-10-02/a> | John Bambenek | Obamacare related domain registration spike, Government shutdown domain registration beginning |
2013-08-26/a> | Alex Stanford | Stop, Drop and File Carve |
2013-08-14/a> | Johannes Ullrich | Imaging LUKS Encrypted Drives |
2013-07-31/a> | Johannes Ullrich | POP3 Server Brute Forcing Attempts Using Polycom Credentials |
2013-07-21/a> | Guy Bruneau | Ubuntu Forums Security Breach |
2013-07-20/a> | Manuel Humberto Santander Pelaez | Do you have rogue Internet gateways in your network? Check it with nmap |
2013-07-12/a> | Rob VandenBrink | Hmm - where did I save those files? |
2013-06-23/a> | Kevin Liston | Is SSH no more secure than telnet? |
2013-05-23/a> | Adrien de Beaupre | MoVP II |
2013-04-25/a> | Adam Swanger | SANS 2013 Forensics Survey - https://www.surveymonkey.com/s/2013SANSForensicsSurvey |
2013-02-17/a> | Guy Bruneau | HP ArcSight Connector Appliance and Logger Vulnerabilities |
2012-12-16/a> | Tony Carothers | SSH Brute Force on Non-Standard Ports |
2012-11-02/a> | Daniel Wesemann | The shortcomings of anti-virus software |
2012-10-11/a> | Rob VandenBrink | Cyber Security Awareness Month - Day 11 - Vendor Agnostic Standards (Center for Internet Security) |
2012-09-14/a> | Lenny Zeltser | Analyzing Malicious RTF Files Using OfficeMalScanner's RTFScan |
2012-06-04/a> | Lenny Zeltser | Decoding Common XOR Obfuscation in Malicious Code |
2012-05-22/a> | Johannes Ullrich | nmap 6 released |
2012-01-03/a> | Rick Wanner | Analysis of the Stratfor Password List |
2011-12-25/a> | Deborah Hale | Another Company Falls Victim |
2011-12-04/a> | Guy Bruneau | SSH Password Brute Forcing may be on the Rise |
2011-11-06/a> | Tom Liston | New, odd SSH brute force behavior |
2011-09-29/a> | Daniel Wesemann | The SSD dilemma |
2011-08-05/a> | Johannes Ullrich | Forensics: SIFT Kit 2.1 now available for download http://computer-forensics.sans.org/community/downloads |
2011-08-02/a> | Mark Hofman | SSH Brute Force attacks |
2011-07-31/a> | Daniel Wesemann | Anatomy of a Unix breach |
2011-07-17/a> | Mark Hofman | SSH Brute Force |
2011-03-09/a> | Chris Mohan | Possible Issue with Forefront Update KB2508823 |
2011-03-01/a> | Daniel Wesemann | AV software and "sharing samples" |
2011-02-19/a> | Guy Bruneau | Snort Data Acquisition Library |
2011-02-05/a> | Guy Bruneau | OpenSSH Legacy Certificate Information Disclosure Vulnerability |
2011-01-29/a> | Mark Hofman | Sourceforge attack |
2011-01-12/a> | Richard Porter | How Many Loyalty Cards do you Carry? |
2010-11-17/a> | Guy Bruneau | Reference on Open Source Digital Forensics |
2010-11-12/a> | Guy Bruneau | Honeynet Forensic Challenge - Analyzing Malicious Portable Destructive Files |
2010-10-22/a> | Manuel Humberto Santander Pelaez | Intypedia project |
2010-09-07/a> | Bojan Zdrnja | SSH password authentication insight and analysis by DRG |
2010-08-25/a> | Pedro Bueno | Adobe released security update for Shockwave player that fixes several CVEs: APSB1020 |
2010-07-24/a> | Manuel Humberto Santander Pelaez | Transmitting logon information unsecured in the network |
2010-07-13/a> | Jim Clausing | Forensic challenge results |
2010-06-18/a> | Adrien de Beaupre | Distributed SSH Brute Force Attempts on the rise again |
2010-06-18/a> | Tom Liston | IMPORTANT INFORMATION: Distributed SSH Brute Force Attacks |
2010-06-15/a> | Manuel Humberto Santander Pelaez | iPhone 4 Order Security Breach Exposes Private Information |
2010-06-04/a> | Rick Wanner | New Honeynet Project Forensic Challenge |
2010-06-02/a> | Rob VandenBrink | SPAM pretending to be from Habitat for Humanity |
2010-05-22/a> | Rick Wanner | SANS 2010 Digital Forensics Summit - APT Based Forensic Challenge |
2010-05-21/a> | Rick Wanner | 2010 Digital Forensics and Incident Response Summit |
2010-05-04/a> | Rick Wanner | SIFT review in the ISSA Toolsmith |
2010-04-30/a> | Kevin Liston | The Importance of Small Files |
2010-04-21/a> | Guy Bruneau | Google Chrome Security Update v4.1.249.1059 Released: http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html |
2010-04-11/a> | Marcus Sachs | Network and process forensics toolset |
2010-03-28/a> | Rick Wanner | Honeynet Project: 2010 Forensic Challenge #3 |
2010-03-27/a> | Guy Bruneau | HP-UX Running NFS/ONCplus, Inadvertently Enabled NFS |
2010-03-26/a> | Daniel Wesemann | SIFT2.0 SANS Investigative Forensics Toolkit released |
2010-03-10/a> | Rob VandenBrink | Microsoft re-release of KB973811 - attacks on Extended Protection for Authentication |
2010-01-23/a> | Lorna Hutcheson | The necessary evils: Policies, Processes and Procedures |
2010-01-19/a> | Jim Clausing | Forensic challenges |
2010-01-01/a> | G. N. White | Dealing With Unwanted SSH Bruteforcing |
2009-12-14/a> | Adrien de Beaupre | Anti-forensics, COFEE vs. DECAF |
2009-11-30/a> | Bojan Zdrnja | Distributed Wordpress admin account cracking |
2009-11-29/a> | Patrick Nolan | A Cloudy Weekend |
2009-11-25/a> | Jim Clausing | Updates to my GREM Gold scripts and a new script |
2009-10-04/a> | Guy Bruneau | Samba Security Information Disclosure and DoS |
2009-08-18/a> | Daniel Wesemann | Forensics: Mounting partitions from full-disk 'dd' images |
2009-08-13/a> | Jim Clausing | New and updated cheat sheets |
2009-07-17/a> | John Bambenek | Cross-Platform, Cross-Browser DoS Vulnerability |
2009-07-10/a> | Guy Bruneau | WordPress Fixes Multiple vulnerabilities |
2009-07-02/a> | Daniel Wesemann | Getting the EXE out of the RTF |
2009-04-17/a> | Daniel Wesemann | Guess what? SSH again! |
2009-03-30/a> | Daniel Wesemann | Watch your Internet routers! |
2009-03-02/a> | Swa Frantzen | Obama's leaked chopper blueprints: anything we can learn? |
2009-02-02/a> | Stephen Hall | How do you audit your production code? |
2009-01-30/a> | Mark Hofman | Request for info - Scan and webmail |
2009-01-02/a> | Rick Wanner | Tools on my Christmas list. |
2008-12-16/a> | donald smith | Microsoft announces an out of band patch for IE zero day |
2008-11-17/a> | Marcus Sachs | New Tool: NetWitness Investigator |
2008-10-02/a> | Kyle Haugsness | Low, slow, distributed SSH username brute forcing |
2008-09-11/a> | David Goldsmith | CookieMonster is coming to Pown (err, Town) |
2008-08-17/a> | Kevin Liston | Volatility 1.3 Released |
2008-08-15/a> | Jim Clausing | OMFW 2008 reflections |
2008-06-09/a> | Scott Fendley | So Where Are Those OpenSSH Key-based Attacks? |
2008-05-12/a> | Scott Fendley | Brute-force SSH Attacks on the Rise |
2008-04-07/a> | John Bambenek | HP USB Keys Shipped with Malware for your Proliant Server |
2007-01-03/a> | Toby Kohlenberg | VLC Media Player udp URL handler Format String Vulnerability |
AUTHENTICATION |
2022-02-01/a> | Xavier Mertens | Automation is Nice But Don't Replace Your Knowledge |
2021-11-08/a> | Xavier Mertens | (Ab)Using Security Tools & Controls for the Bad |
2021-10-18/a> | Xavier Mertens | Malicious PowerShell Using Client Certificate Authentication |
2021-06-24/a> | Xavier Mertens | Do you Like Cookies? Some are for sale! |
2016-09-15/a> | Xavier Mertens | In Need of a OTP Manager Soon? |
2014-03-13/a> | Daniel Wesemann | Identification and authentication are hard ... finding out intention is even harder |
2013-12-20/a> | Daniel Wesemann | authorized key lime pie |
2013-09-18/a> | Rob VandenBrink | Cisco DCNM Update Released |
2013-03-23/a> | Guy Bruneau | Apple ID Two-step Verification Now Available in some Countries |
2011-05-18/a> | Bojan Zdrnja | Android, HTTP and authentication tokens |
2010-09-21/a> | Johannes Ullrich | Implementing two Factor Authentication on the Cheap |
2010-03-10/a> | Rob VandenBrink | Microsoft re-release of KB973811 - attacks on Extended Protection for Authentication |
2003 |
2013-11-28/a> | Rob VandenBrink | Microsoft Security Advisory (2914486): Vulnerability in Microsoft Windows Kernel 0 day exploit in wild |
2011-08-15/a> | Rob VandenBrink | 8 Years since the Eastern Seaboard Blackout - Has it Been that Long? |
2010-03-10/a> | Rob VandenBrink | Microsoft re-release of KB973811 - attacks on Extended Protection for Authentication |
VISTA |
2012-04-10/a> | Swa Frantzen | Windows Vista RIP |
2010-03-10/a> | Rob VandenBrink | Microsoft re-release of KB973811 - attacks on Extended Protection for Authentication |
2010-03-01/a> | Mark Hofman | Microsoft will drop support for Vista (without any Service Packs) on April 13 and support for XP SP2 ends July 13. (i.e. no more security updates). If you are still running these, it is time to update. |
2009-07-16/a> | Guy Bruneau | Changes in Windows Security Center |
2009-05-26/a> | Jason Lam | Vista & Win2K8 SP2 available |
2008-05-03/a> | Deborah Hale | Windows Vista Update Causing Loss of Audio on Some Systems |
2006-12-26/a> | Swa Frantzen | Vista: better security [Y/N] ? |
XP |
2025-02-12/a> | Yee Ching Tok | An ontology for threats, cybercrime and digital forensic investigation on Smart City Infrastructure |
2024-12-27/a> | Guy Bruneau | Phishing for Banking Information |
2024-09-24/a> | Johannes Ullrich | Exploitation of RAISECOM Gateway Devices Vulnerability CVE-2024-7120 |
2024-07-16/a> | Guy Bruneau | Who You Gonna Call? AndroxGh0st Busters! [Guest Diary] |
2023-12-20/a> | Guy Bruneau | How to Protect your Webserver from Directory Enumeration Attack ? Apache2 [Guest Diary] |
2023-12-16/a> | Xavier Mertens | An Example of RocketMQ Exploit Scanner |
2023-04-18/a> | Johannes Ullrich | UDDIs are back? Attackers rediscovering old exploits. |
2023-03-16/a> | Xavier Mertens | Simple Shellcode Dissection |
2022-12-22/a> | Guy Bruneau | Exchange OWASSRF Exploited for Remote Code Execution |
2022-08-03/a> | Johannes Ullrich | l9explore and LeakIX Internet wide recon scans. |
2022-06-10/a> | Russ McRee | EPSScall: An Exploit Prediction Scoring System App |
2022-05-31/a> | Xavier Mertens | First Exploitation of Follina Seen in the Wild |
2022-05-07/a> | Guy Bruneau | Phishing PDF Received in my ISC Mailbox |
2022-03-31/a> | Johannes Ullrich | Spring Vulnerability Update - Exploitation Attempts CVE-2022-22965 |
2022-02-22/a> | Xavier Mertens | A Good Old Equation Editor Vulnerability Delivering Malware |
2022-02-01/a> | Xavier Mertens | Automation is Nice But Don't Replace Your Knowledge |
2022-01-25/a> | Bojan Zdrnja | Local privilege escalation vulnerability in polkit's pkexec (CVE-2021-4034) |
2021-11-26/a> | Guy Bruneau | Searching for Exposed ASUS Routers Vulnerable to CVE-2021-20090 |
2021-11-20/a> | Guy Bruneau | Hikvision Security Cameras Potentially Exposed to Remote Code Execution |
2021-10-30/a> | Guy Bruneau | Remote Desktop Protocol (RDP) Discovery |
2021-10-16/a> | Guy Bruneau | Apache is Actively Scanned for CVE-2021-41773 & CVE-2021-42013 |
2021-10-09/a> | Guy Bruneau | Scanning for Previous Oracle WebLogic Vulnerabilities |
2021-06-26/a> | Guy Bruneau | CVE-2019-9670: Zimbra Collaboration Suite XXE vulnerability |
2021-06-12/a> | Guy Bruneau | Fortinet Targeted for Unpatched SSL VPN Discovery Activity |
2021-06-11/a> | Xavier Mertens | Sonicwall SRA 4600 Targeted By an Old Vulnerability |
2021-05-30/a> | Didier Stevens | Sysinternals: Procmon, Sysmon, TcpView and Process Explorer update |
2021-03-10 | Rob VandenBrink | SharpRDP - PSExec without PSExec, PSRemoting without PowerShell |
2021-01-15 | Brad Duncan | Throwback Friday: An Example of Rig Exploit Kit |
2021-01-02 | Guy Bruneau | Protecting Home Office and Enterprise in 2021 |
2020-11-05 | Xavier Mertens | Did You Spot "Invoke-Expression"? |
2020-08-22 | Guy Bruneau | Remote Desktop (TCP/3389) and Telnet (TCP/23), What might they have in Common? |
2020-08-08 | Guy Bruneau | Scanning Activity Include Netcat Listener |
2020-07-19 | Guy Bruneau | Scanning Activity for ZeroShell Unauthenticated Access |
2020-07-11 | Guy Bruneau | VMware XPC Client validation privilege escalation vulnerability - https://www.vmware.com/security/advisories/VMSA-2020-0017.html |
2020-07-11 | Guy Bruneau | Scanning Home Internet Facing Devices to Exploit |
2020-05-16 | Guy Bruneau | Scanning for Outlook Web Access (OWA) & Microsoft Exchange Control Panel (ECP) |
2020-03-03 | Johannes Ullrich | Introduction to EvtxEcmd (Evtx Explorer) |
2019-10-20 | Guy Bruneau | Scanning Activity for NVMS-9000 Digital Video Recorder |
2019-09-07 | Guy Bruneau | Unidentified Scanning Activity |
2019-06-25 | Brad Duncan | Rig Exploit Kit sends Pitou.B Trojan |
2019-06-17 | Brad Duncan | An infection from Rig exploit kit |
2019-04-27 | Didier Stevens | Quick Tip for Dissecting CVE-2017-11882 Exploits |
2019-04-22 | Didier Stevens | .rar Files and ACE Exploit CVE-2018-20250 |
2019-02-02 | Guy Bruneau | Scanning for WebDAV PROPFIND Exploiting CVE-2017-7269 |
2018-12-23 | Guy Bruneau | Scanning Activity, end Goal is to add Hosts to Mirai Botnet |
2018-12-19 | Xavier Mertens | Microsoft OOB Patch for Internet Explorer: Scripting Engine Memory Corruption Vulnerability |
2018-11-23 | Didier Stevens | Video: Dissecting a CVE-2017-11882 Exploit |
2018-09-24 | Didier Stevens | Analyzing Encoded Shellcode with scdbg |
2018-07-04 | Didier Stevens | XPS Metadata |
2018-07-03 | Didier Stevens | Progress indication for scripts on Windows |
2018-07-01 | Didier Stevens | Video: Analyzing XPS Files |
2018-06-30 | Didier Stevens | XPS samples |
2018-06-26 | Didier Stevens | Analyzing XPS files |
2018-06-22 | Lorna Hutcheson | XPS Attachment Used for Phishing |
2018-06-05 | Xavier Mertens | Malicious Post-Exploitation Batch File |
2018-05-20 | Didier Stevens | DASAN GPON home routers exploits in-the-wild |
2018-05-03 | Renato Marinho | WebLogic Exploited in the Wild (Again) |
2017-09-30 | Lorna Hutcheson | Who's Borrowing your Resources? |
2017-09-25 | Renato Marinho | XPCTRA Malware Steals Banking and Digital Wallet User's Credentials |
2017-09-10 | Didier Stevens | Analyzing JPEG files |
2017-08-18 | Guy Bruneau | tshark 2.4 New Feature - Command Line Export Objects |
2017-02-25 | Guy Bruneau | Unpatched Microsoft Edge and IE Bug |
2017-01-07 | Xavier Mertens | Using Security Tools to Compromize a Network |
2016-12-11 | Russ McRee | Steganography in Action: Image Steganography & StegExpose |
2016-04-21 | Daniel Wesemann | Decoding Pseudo-Darkleech (#1) |
2016-03-13 | Guy Bruneau | A Look at the Mandiant M-Trends 2016 Report |
2015-08-18 | Russ McRee | Microsoft Security Bulletin MS15-093 - Critical OOB - Internet Explorer RCE |
2015-07-27 | Daniel Wesemann | Angler's best friends |
2015-07-17 | Didier Stevens | Process Explorer and VirusTotal |
2015-06-27 | Guy Bruneau | Is Windows XP still around in your Network a year after Support Ended? |
2015-03-10 | Brad Duncan | Threatglass has pcap files with exploit kit activity |
2015-02-04 | Alex Stanford | Exploit Kit Evolution - Neutrino |
2014-08-16 | Lenny Zeltser | Web Server Attack Investigation - Installing a Bot and Reverse Shell via a PHP Vulnerability |
2014-07-22 | Daniel Wesemann | Ivan's Order of Magnitude |
2014-07-05 | Guy Bruneau | Java Support ends for Windows XP |
2014-03-04 | Daniel Wesemann | XPired! |
2014-02-28 | Daniel Wesemann | Fiesta! |
2014-02-13 | Johannes Ullrich | Linksys Worm ("TheMoon") Captured |
2014-02-12 | Johannes Ullrich | Suspected Mass Exploit Against Linksys E1000 / E1200 Routers |
2014-02-09 | Basil Alawi S.Taher | Mandiant Highlighter 2 |
2014-02-07 | Rob VandenBrink | Hello Virustotal? It's Microsoft Calling. |
2014-01-04 | Tom Webb | Monitoring Windows Networks Using Syslog (Part One) |
2013-11-28 | Rob VandenBrink | Microsoft Security Advisory (2914486): Vulnerability in Microsoft Windows Kernel 0 day exploit in wild |
2013-10-30 | Russ McRee | SIR v15: Five good reasons to leave Windows XP behind |
2013-10-01 | John Bambenek | *Metaspoit Releases Module to Exploit Unpatched IE Vuln CVE-2013-3893 |
2013-09-20 | Russ McRee | Threat Level Yellow: Protection recommendations regarding Internet Explorer exploits in the wild |
2013-09-17 | John Bambenek | Microsoft Releases Out-of-Band Advisory for all Versions of Internet Explorer |
2013-08-02 | Johannes Ullrich | Fake American Express Alerts |
2013-07-21 | Guy Bruneau | Why use Regular Expressions? |
2013-05-22 | Adrien de Beaupre | Privilege escalation, why should I care? |
2013-05-09 | Johannes Ullrich | Microsoft released a Fix-it for the Internet Explorer 8 Vulnerability http://support.microsoft.com/kb/2847140 |
2013-04-17 | John Bambenek | UPDATEDx1: Boston-Related Malware Campaigns Have Begun - Now with Waco Plant Explosion Fun |
2013-02-21 | Pedro Bueno | NBC site redirecting to Exploit kit |
2013-02-17 | Guy Bruneau | Adobe Acrobat and Reader Security Update Planned this Week |
2013-02-13 | Swa Frantzen | More adobe reader and acrobat (PDF) trouble |
2013-02-06 | Adam Swanger | Sysinternals in particular Process Explorer update https://blogs.technet.com/b/sysinternals/?Redirected=true |
2013-01-05 | Guy Bruneau | Adobe ColdFusion Security Advisory |
2013-01-04 | Guy Bruneau | "FixIt" Patch for CVE-2012-4792 Bypassed |
2013-01-02 | Russ McRee | EMET 3.5: The Value of Looking Through an Attacker's Eyes |
2013-01-01 | Johannes Ullrich | FixIt Available for Internet Explorer Vulnerability |
2012-12-10 | Johannes Ullrich | Your CPA License has not been revoked |
2012-12-02 | Guy Bruneau | Zero Day MySQL Buffer Overflow |
2012-08-05 | Daniel Wesemann | Phishing for Payroll with unpatched Java |
2012-07-19 | Mark Baggett | A Heap of Overflows? |
2012-06-18 | Guy Bruneau | CVE-2012-1875 exploit is now available |
2012-05-05 | Tony Carothers | Vulnerability Exploit for Snow Leopard |
2012-04-26 | Richard Porter | Packetstorm Security and Metasploit have Exploit code for MS12-027 |
2012-03-11 | Johannes Ullrich | An Analysis of Jester's QR Code Attack. (Guest Diary) |
2012-01-13 | Guy Bruneau | Sysinternals Updates - http://blogs.technet.com/b/sysinternals/archive/2012/01/13/updates-autoruns-v11-21-coreinfo-v3-03-portmon-v-3-03-process-explorer-v15-12-mark-s-blog-and-mark-at-rsa-2012.aspx |
2011-12-19 | Guy Bruneau | Process Explorer Update 15.11 with bugfixes - http://technet.microsoft.com/en-us/sysinternals/bb896653 |
2011-12-08 | Adrien de Beaupre | Newest Adobe Flash 11.1.102.55 and Previous 0 Day Exploit |
2011-12-06 | Pedro Bueno | The RedRet connection... |
2011-11-22 | Pedro Bueno | Updates on ZeroAccess and BlackHole front... |
2011-10-13 | Johannes Ullrich | Critical OS X Vulnerability Patched |
2011-05-06 | Richard Porter | Updated Exploit Index for Microsoft |
2011-03-29 | Daniel Wesemann | Malware emails with fake cellphone invoice |
2011-03-15 | Lenny Zeltser | Limiting Exploit Capabilities by Using Windows Integrity Levels |
2011-03-09 | Kevin Shortt | AVG Anti-Virus 2011 False Positives - Luhe.Exploit.PDF.B |
2011-02-21 | Adrien de Beaupre | Winamp forums compromised |
2011-02-16 | Jason Lam | Windows 0-day SMB mrxsmb.dll vulnerability |
2011-01-27 | Robert Danford | Microsoft Security Advisory for MHTML via Internet Explorer (MS2501696/CVE-2011-0096) |
2011-01-05 | Johannes Ullrich | Currently Unpatched Windows / Internet Explorer Vulnerabilities |
2010-12-27 | Johannes Ullrich | Various sites "Owned and Exposed" |
2010-12-13 | Deborah Hale | The Week to Top All Weeks |
2010-12-02 | Kevin Johnson | ProFTPD distribution servers compromised |
2010-11-01 | Manuel Humberto Santander Pelaez | CVE-2010-3654 exploit in the wild |
2010-09-26 | Daniel Wesemann | PDF analysis paper |
2010-09-14 | Adrien de Beaupre | Adobe Flash v10.1.82.76 and earlier vulnerability in-the-wild |
2010-09-13 | Manuel Humberto Santander Pelaez | Enhanced Mitigation Experience Toolkit can block Adobe 0-day exploit |
2010-09-13 | Manuel Humberto Santander Pelaez | Adobe SING table parsing exploit (CVE-2010-2883) in the wild |
2010-09-02 | Daniel Wesemann | SDF, please! |
2010-08-22 | Manuel Humberto Santander Pelaez | Anatomy of a PDF exploit |
2010-08-15 | Manuel Humberto Santander Pelaez | Opensolaris project cancelled, replaced by Solaris 11 express |
2010-06-15 | Manuel Humberto Santander Pelaez | Microsoft Windows Help and Support Center vulnerability (CVE 2010-1885) exploit in the wild |
2010-06-15 | Manuel Humberto Santander Pelaez | iPhone 4 Order Security Breach Exposes Private Information |
2010-06-06 | Manuel Humberto Santander Pelaez | Nice OS X exploit tutorial |
2010-05-23 | Manuel Humberto Santander Pelaez | Oracle Java SE and Java for Business 'MixerSequencer' Remote Code Execution Vulnerability |
2010-04-10 | Andre Ludwig | New bug/exploit for javaws |
2010-03-10 | Rob VandenBrink | Microsoft re-release of KB973811 - attacks on Extended Protection for Authentication |
2010-03-01 | Mark Hofman | Microsoft will drop support for Vista (without any Service Packs) on April 13 and support for XP SP2 ends July 13. (i.e. no more security updates). If you are still running these, it is time to update. |
2010-02-08 | Adrien de Beaupre | When is a 0day not a 0day? Fake OpenSSh exploit, again. |
2010-02-03 | Johannes Ullrich | Information Disclosure Vulnerability in Internet Explorer |
2010-01-24 | Pedro Bueno | Outdated client applications |
2010-01-19 | Johannes Ullrich | Unpatched Microsoft Windows (all versions) Privilege Escalation Vulnerability Released |
2010-01-14 | Bojan Zdrnja | 0-day vulnerability in Internet Explorer 6, 7 and 8 |
2010-01-12 | Adrien de Beaupre | PoC for CVE-2009-0689 MacOS X 10.5/10.6 vulnerability |
2009-12-05 | Guy Bruneau | Java JRE Buffer and Integer Overflow |
2009-11-25 | Jim Clausing | Tool updates |
2009-11-24 | Rick Wanner | Microsoft Security Advisory 977981 - IE 6 and IE 7 |
2009-11-16 | G. N. White | Reports of a successful exploit of the SSL Renegotiation Vulnerability? |
2009-11-14 | Adrien de Beaupre | Microsoft advisory for Windows 7 / Windows Server 2008 R2 Remote SMB DoS Exploit released |
2009-11-12 | Rob VandenBrink | Windows 7 / Windows Server 2008 Remote SMB Exploit |
2009-10-21 | Pedro Bueno | WordPress Hardening |
2009-09-16 | Bojan Zdrnja | SMB2 remote exploit released |
2009-08-31 | Pedro Bueno | Microsoft IIS 5/6 FTP 0Day released |
2009-08-18 | Bojan Zdrnja | MS09-039 exploit in the wild? |
2009-07-16 | Bojan Zdrnja | OWC exploits used in SQL injection attacks |
2009-07-15 | Bojan Zdrnja | Make sure you update that Java |
2009-07-13 | Adrien de Beaupre | * Infocon raised to yellow for Excel Web Components ActiveX vulnerability |
2009-07-10 | Guy Bruneau | WordPress Fixes Multiple vulnerabilities |
2009-07-09 | Bojan Zdrnja | OpenSSH 0day FUD |
2009-06-12 | Adrien de Beaupre | Green Dam |
2009-06-08 | Chris Carboni | Kloxo (formerly Lxadmin) Vulnerability Exploited |
2009-05-06 | Tom Liston | Follow The Bouncing Malware: Gone With the WINS |
2009-04-24 | Pedro Bueno | Did you check your conference goodies? |
2009-04-14 | Swa Frantzen | VMware exploits - just how bad is it ? |
2009-03-19 | Mark Hofman | Browsers Tumble at CanSecWest |
2009-03-18 | Adrien de Beaupre | Adobe Security Bulletin Adobe Reader and Acrobat |
2009-02-25 | Andre Ludwig | Adobe Acrobat pdf 0-day exploit, No JavaScript needed! |
2009-02-25 | Andre Ludwig | Preview/Iphone/Linux pdf issues |
2008-12-17 | donald smith | Internet Explorer 960714 is released |
2008-12-10 | Bojan Zdrnja | 0-day exploit for Internet Explorer in the wild |
2008-08-26 | John Bambenek | Active attacks using stolen SSH keys (UPDATED) |
2008-05-17 | Lorna Hutcheson | XP SP3 Issues |
2008-05-07 | Jim Clausing | More on automated exploit generation |
2008-05-06 | John Bambenek | Windows XP Service Pack 3 Released |
2008-05-05 | John Bambenek | Defenses Against Automated Patch-Based Exploit Generation |
2008-05-01 | Adrien de Beaupre | Windows XP SteadyState |
2008-04-29 | Bojan Zdrnja | Windows Service Pack blocker tool |
2008-04-24 | Maarten Van Horenbeeck | Targeted attacks using malicious PDF files |
2008-04-22 | donald smith | XP SP3 RC2 Available |
2008-04-18 | John Bambenek | The Patch Window is Gone: Automated Patch-Based Exploit Generation |
2008-04-16 | William Stearns | Windows XP Service Pack 3 - unofficial schedule: Apr 21-28 |
2008-04-10 | Deborah Hale | Symantec Threatcon Level 2 |
2006-11-20 | Joel Esler | MS06-070 Remote Exploit |