| 2021-11-30 | Johannes Ullrich | Hunting for PHPUnit Installed via Composer |
| 2021-11-14 | Didier Stevens | External Email System FBI Compromised: Sending Out Fake Warnings |
| 2021-06-09 | Jan Kopriva | Architecture, compilers and black magic, or "what else affects the ability of AVs to detect malicious files" |
| 2020-09-17 | Xavier Mertens | Suspicious Endpoint Containment with OSSEC |
| 2019-08-28 | Xavier Mertens | Malware Samples Compiling Their Next Stage on Premise |
| 2019-07-28 | Didier Stevens | Video: Analyzing Compressed PowerShell Scripts |
| 2019-07-20 | Guy Bruneau | Re-evaluating Network Security - It is Increasingly More Complex |
| 2019-07-18 | Xavier Mertens | Malicious PHP Script Back on Stage? |
| 2018-10-21 | Didier Stevens | MSG Files: Compressed RTF |
| 2018-09-05 | Xavier Mertens | Malicious PowerShell Compiling C# Code on the Fly |
| 2018-06-22 | Lorna Hutcheson | XPS Attachment Used for Phishing |
| 2018-06-13 | Xavier Mertens | A Bunch of Compromized Wordpress Sites |
| 2016-08-29 | Russ McRee | Recommended Reading: Intrusion Detection Using Indicators of Compromise Based on Best Practices and Windows Event Logs |
| 2016-08-19 | Xavier Mertens | Data Classification For the Masses |
| 2016-04-29 | Mark Hofman | New release of PCI DSS (version 3.2) is available |
| 2016-02-03 | Xavier Mertens | Automating Vulnerability Scans |
| 2015-12-12 | Russell Eubanks | What Signs Are You Missing? |
| 2015-09-01 | Daniel Wesemann | How to hack |
| 2015-05-29 | Russell Eubanks | Trust But Verify |
| 2015-04-19 | Didier Stevens | Handling Special PDF Compression Methods |
| 2015-03-07 | Guy Bruneau | Should it be Mandatory to have an Independent Security Audit after a Breach? |
| 2014-07-19 | Russ McRee | Keeping the RATs out: the trap is sprung - Part 3 |
| 2014-07-18 | Russ McRee | Keeping the RATs out: **it happens - Part 2 |
| 2014-07-16 | Russ McRee | Keeping the RATs out: an exercise in building IOCs - Part 1 |
| 2014-03-22 | Guy Bruneau | How the Compromise of a User Account Lead to a Spam Incident |
| 2013-06-07 | Daniel Wesemann | 100% Compliant (for 65% of the systems) |
| 2013-02-22 | Johannes Ullrich | When web sites go bad: bible . org compromise |
| 2013-01-08 | Richard Porter | Yahoo Web Interface Report: Compose and Send |
| 2011-09-26 | Jason Lam | MySQL.com compromised spreading malware |
| 2011-06-19 | Guy Bruneau | Sega Pass Compromised - 1.29 Million Customers Data Leaked |
| 2011-06-12 | Mark Hofman | Cloud thoughts |
| 2011-04-18 | John Bambenek | Wordpress.com Security Breach |
| 2011-04-02 | Rick Wanner | RSA/EMC: Anatomy of a compromise |
| 2011-02-21 | Adrien de Beaupre | Winamp forums compromised |
| 2010-12-13 | Deborah Hale | Gawker Media Breach of Security |
| 2010-06-02 | Rob VandenBrink | New Mac malware - OSX/Onionspy |
| 2010-05-15 | Deborah Hale | Onboard Computers Subject to Attack? |
| 2010-01-26 | Jason Lam | e107 CMS system website compromised |
| 2009-11-29 | Patrick Nolan | A Cloudy Weekend |
| 2009-10-05 | Adrien de Beaupre | Time to change your hotmail/gmail/yahoo password |
| 2009-08-28 | Adrien de Beaupre | apache.org compromised |
| 2009-08-21 | Rick Wanner | Interesting malware...affecting the Delphi Compiler? |
| 2009-08-19 | Daniel Wesemann | Checking your protection |
| 2009-07-29 | Bojan Zdrnja | Increasing number of attacks on security sites |
| 2008-11-16 | Maarten Van Horenbeeck | Detection of Trojan control channels |
| 2008-08-25 | John Bambenek | Thoughts on the Best Western Compromise |
| 2008-04-22 | donald smith | Symantec decomposer rar bypass allowed malicious content. |
https://www.sans.edu
