Internet Storm Center
| Date | Author | Title |
|---|---|---|
| 2022-10-16 | Didier Stevens | Video: Analysis of a Malicious HTML File (QBot) |
| 2022-10-13 | Didier Stevens | Analysis of a Malicious HTML File (QBot) |
| 2022-07-09 | Didier Stevens | 7-Zip Editing & MoW |
| 2022-07-04 | Didier Stevens | 7-Zip & MoW: "For Office files" |
| 2022-07-03 | Didier Stevens | 7-Zip & MoW |
| 2022-06-04 | Guy Bruneau | Spam Email Contains a Very Large ISO file |
| 2022-05-20 | Xavier Mertens | A 'Zip Bomb' to Bypass Security Controls & Sandboxes |
| 2022-04-20 | Brad Duncan | "aa" distribution Qakbot (Qbot) infection with DarkVNC traffic |
| 2022-02-18 | Xavier Mertens | Remcos RAT Delivered Through Double Compressed Archive |
| 2021-10-31 | Didier Stevens | Video: Phishing ZIP With Malformed Filename |
| 2021-10-24 | Didier Stevens | Phishing ZIP With Malformed Filename |
| 2021-09-08 | Brad Duncan | "Stolen Images Evidence" Campaign Continues Pushing BazarLoader Malware |
| 2021-08-13 | Brad Duncan | Example of Danabot distributed through malspam |
| 2021-07-26 | Didier Stevens | Failed Malspam: Recovering The Password |
| 2020-10-14 | Brad Duncan | More TA551 (Shathak) Word docs push IcedID (Bokbot) |
| 2020-08-07 | Brad Duncan | TA551 (Shathak) Word docs push IcedID (Bokbot) |
| 2020-05-13 | Brad Duncan | Malspam with links to zip archives pushes Dridex malware |
| 2020-05-03 | Didier Stevens | ZIP & AES |
| 2020-04-26 | Didier Stevens | Video: Malformed .docm File |
| 2020-04-08 | Brad Duncan | German malspam pushes ZLoader malware |
| 2020-04-04 | Didier Stevens | New Bypass Technique or Corrupt Word Document? |
| 2020-03-25 | Brad Duncan | Recent Dridex activity |
| 2020-01-22 | Brad Duncan | German language malspam pushes Ursnif |
| 2019-03-14 | Didier Stevens | Tip: Ghidra & ZIP Files |
| 2018-12-17 | Didier Stevens | Password Protected ZIP with Maldoc |
| 2017-08-26 | Didier Stevens | Malware analysis: searching for dots |
| 2016-11-22 | Didier Stevens | Update:ZIP With Comment |
| 2016-11-21 | Didier Stevens | ZIP With Comment |