Diaries by Keyword - SANS Internet Storm Center

Handler on Duty: Mark Baggett

Threat Level: green

Date	Author	Title
ACCESS CONTROL
2014-10-13	Lorna Hutcheson	For or Against: Port Security for Network Access Control
2014-07-28	Guy Bruneau	Management and Control of Mobile Device Security
2012-12-31	Manuel Humberto Santander Pelaez	How to determine which NAC solutions fits best to your needs
2010-08-05	Rob VandenBrink	Access Controls for Network Infrastructure
ACCESS
2025-03-27/a>	Johannes Ullrich	Sitecore "thumbnailsaccesstoken" Deserialization Scans (and some new reports) CVE-2025-27218
2025-01-24/a>	Jesse La Grew	[Guest Diary] How Access Brokers Maintain Persistence
2024-12-17/a>	Xavier Mertens	Python Delivering AnyDesk Client as RAT
2020-09-29/a>	Xavier Mertens	Managing Remote Access for Partners & Contractors
2019-09-24/a>	Xavier Mertens	Huge Amount of remotewebaccess.com Sites Found in Certificate Transparency Logs
2018-06-06/a>	Xavier Mertens	Converting PCAP Web Traffic to Apache Log
2016-07-03/a>	Guy Bruneau	Is Data Privacy part of your Company's Culture?
2014-10-13/a>	Lorna Hutcheson	For or Against: Port Security for Network Access Control
2014-07-28/a>	Guy Bruneau	Management and Control of Mobile Device Security
2014-07-06/a>	Richard Porter	Physical Access, Point of Sale, Vegas
2013-10-16/a>	Adrien de Beaupre	Access denied and blockliss
2013-07-04/a>	Russ McRee	Celebrating 4th of July With a Malware PCAP Visualization
2013-06-20/a>	Guy Bruneau	HP iLO3/iLO4 Remote Unauthorized Access with Single-Sign-On
2013-05-20/a>	Guy Bruneau	Sysinternals Updates for Accesschk, Procdump, RAMMap and Strings http://blogs.technet.com/b/sysinternals/archive/2013/05/17/updates-accesschk-v5-11-procdump-v6-0-rammap-v1-22-strings-v2-51.aspx
2012-12-31/a>	Manuel Humberto Santander Pelaez	How to determine which NAC solutions fits best to your needs
2011-11-22/a>	Pedro Bueno	Updates on ZeroAccess and BlackHole front...
2011-11-19/a>	Pedro Bueno	Dragon Research Group (DRG) announced the white paper entitled "VNC: Threats and Countermeasures" : https://dragonresearchgroup.org/insight/vnc-tac.html
2011-08-24/a>	Rob VandenBrink	Citrix Access Gateway Cross Site Scripting vulnerability and fix ==> http://support.citrix.com/article/CTX129971
2010-11-18/a>	Chris Carboni	Stopping the ZeroAccess Rootkit
2010-10-19/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 19 - VPN and Remote Access Tools
2010-10-19/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 19 - Remote Access Tools
2010-10-19/a>	Rob VandenBrink	Cyber Security Awareness Month - Day 19 - Remote User VPN Access – Are things getting too easy, or too hard?
2010-08-13/a>	Tom Liston	The Strange Case of Doctor Jekyll and Mr. ED
2010-08-05/a>	Rob VandenBrink	Access Controls for Network Infrastructure
2008-10-09/a>	Bojan Zdrnja	Watch that .htaccess file on your web site
2008-07-07/a>	Scott Fendley	Microsoft Snapshot Viewer Security Advisory
CONTROL
2024-04-22/a>	Jan Kopriva	It appears that the number of industrial devices accessible from the internet has risen by 30 thousand over the past three years
2022-05-03/a>	Rob VandenBrink	Finding the Real "Last Patched" Day (Interim Version)
2021-07-08/a>	Xavier Mertens	Using Sudo with Python For More Security Controls
2021-05-12/a>	Jan Kopriva	Number of industrial control systems on the internet is lower then in 2020...but still far from zero
2019-10-19/a>	Russell Eubanks	What Assumptions Are You Making?
2019-07-25/a>	Rob VandenBrink	When Users Attack! Users (and Admins) Thwarting Security Controls
2019-07-18/a>	Rob VandenBrink	The Other Side of Critical Control 1: 802.1x Wired Network Access Controls
2017-07-24/a>	Russell Eubanks	Trends Over Time
2017-06-10/a>	Russell Eubanks	An Occasional Look in the Rear View Mirror
2016-11-23/a>	Tom Webb	Mapping Attack Methodology to Controls
2016-10-08/a>	Russell Eubanks	Unauthorized Change Detected!
2016-07-26/a>	Johannes Ullrich	Command and Control Channels Using "AAAA" DNS Records
2015-12-21/a>	Daniel Wesemann	Critical Security Controls: Getting to know the unknown
2015-11-04/a>	Richard Porter	Application Aware and Critical Control 2
2015-05-29/a>	Russell Eubanks	Trust But Verify
2014-10-13/a>	Lorna Hutcheson	For or Against: Port Security for Network Access Control
2014-08-17/a>	Rick Wanner	Part 2: Is your home network unwittingly contributing to NTP DDOS attacks?
2014-07-28/a>	Guy Bruneau	Management and Control of Mobile Device Security
2014-06-11/a>	Daniel Wesemann	Help your pilot fly!
2014-02-10/a>	Rob VandenBrink	A Tale of Two Admins (and no Change Control)
2013-09-02/a>	Guy Bruneau	Multiple Cisco Security Notice
2013-03-13/a>	Mark Baggett	Wipe the drive! Stealthy Malware Persistence Mechanism - Part 1
2012-12-31/a>	Manuel Humberto Santander Pelaez	How to determine which NAC solutions fits best to your needs
2012-11-23/a>	Rob VandenBrink	What's in Your Change Control Form?
2011-11-03/a>	Richard Porter	An Apple, Inc. Sandbox to play in.
2011-10-29/a>	Richard Porter	The Sub Critical Control? Evidence Collection
2011-10-28/a>	Daniel Wesemann	Critical Control 20: Security Skills Assessment and Training to fill Gaps
2011-10-27/a>	Mark Baggett	Critical Control 18: Incident Response Capabilities
2011-10-26/a>	Rick Wanner	Critical Control 17:Penetration Tests and Red Team Exercises
2011-10-17/a>	Rob VandenBrink	Critical Control 11: Account Monitoring and Control
2010-08-22/a>	Rick Wanner	Failure of controls...Spanair crash caused by a Trojan
2010-08-19/a>	Rob VandenBrink	Change is Good. Change is Bad. Change is Life.
2010-08-05/a>	Rob VandenBrink	Access Controls for Network Infrastructure
2010-06-14/a>	Manuel Humberto Santander Pelaez	Python on a microcontroller?
2010-06-07/a>	Manuel Humberto Santander Pelaez	Software Restriction Policy to keep malware away
2009-10-22/a>	Adrien de Beaupre	Cyber Security Awareness Month - Day 22 port 502 TCP - Modbus

ACCESS CONTROL

ACCESS

CONTROL