BACKTRACK 5 R2 |
2012-04-12 | Guy Bruneau | wicd Privilege Escalation 0day exploit for Backtrack 5 R2 |
BACKTRACK |
2012-08-14 | Rick Wanner | Backtrack 5 r3 released - http://www.backtrack-linux.org/downloads/ |
2012-04-12 | Guy Bruneau | wicd Privilege Escalation 0day exploit for Backtrack 5 R2 |
2011-05-10 | Swa Frantzen | Backtrack 5 released |
2010-12-27 | Johannes Ullrich | Various sites "Owned and Exposed" |
2010-01-11 | Adrien de Beaupre | BackTrack 4 final released http://www.remote-exploit.org/news.html http://www.backtrack-linux.org/downloads/ |
5 |
2025-04-02 | Guy Bruneau | Exploring Statistical Measures to Predict URLs as Legitimate or Intrusive [Guest Diary] |
2024-03-15 | Yee Ching Tok | 5Ghoul Revisited: Three Months Later |
2023-12-07 | Yee Ching Tok | 5Ghoul: Impacts, Implications and Next Steps |
2023-11-06 | Johannes Ullrich | Exploit Activity for CVE-2023-22518, Atlassian Confluence Data Center and Server |
2023-08-25 | Xavier Mertens | Python Malware Using Postgresql for C2 Communications |
2022-12-16 | Guy Bruneau | VMware Security Updates |
2022-10-27 | Tom Webb | Supersizing your DUO and 365 Integration |
2022-08-26 | Guy Bruneau | HTTP/2 Packet Analysis with Wireshark |
2022-08-24 | Brad Duncan | Monster Libra (TA551/Shathak) --> IcedID (Bokbot) --> Cobalt Strike & DarkVNC |
2022-08-14 | Johannes Ullrich | Realtek SDK SIP ALG Vulnerability: A Big Deal, but not much you can do about it. CVE 2022-27255 |
2022-06-09 | Brad Duncan | TA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit (ms-msdt) |
2022-05-13 | Johannes Ullrich | From 0-Day to Mirai: 7 days of BIG-IP Exploits |
2022-05-11 | Brad Duncan | TA578 using thread-hijacked emails to push ISO files for Bumblebee malware |
2022-05-08 | Johannes Ullrich | F5 BIG-IP Unauthenticated RCE Vulnerability (CVE-2022-1388) |
2021-12-18 | Guy Bruneau | VMware Security Update - https://www.vmware.com/security/advisories/VMSA-2021-0030.html |
2021-12-02 | Brad Duncan | TA551 (Shathak) pushes IcedID (Bokbot) |
2021-10-30 | Guy Bruneau | Remote Desktop Protocol (RDP) Discovery |
2021-09-21 | Johannes Ullrich | A First Look at Apple's iOS 15 "Private Relay" feature. |
2021-08-11 | Brad Duncan | TA551 (Shathak) continues pushing BazarLoader, infections lead to Cobalt Strike |
2021-07-18 | Didier Stevens | Video: CyberChef BASE85 Decoding |
2021-07-17 | Didier Stevens | BASE85 Decoding With base64dump.py |
2021-07-16 | Xavier Mertens | Multiple BaseXX Obfuscations |
2021-07-09 | Brad Duncan | Hancitor tries XLL as initial malware file |
2021-06-30 | Johannes Ullrich | CVE-2021-1675: Incomplete Patch and Leaked RCE Exploit |
2021-06-19 | Xavier Mertens | Easy Access to the NIST RDS Database |
2021-02-02 | Xavier Mertens | New Example of XSL Script Processing aka "Mitre T1220" |
2021-01-26 | Brad Duncan | TA551 (Shathak) Word docs push Qakbot (Qbot) |
2020-12-12 | Didier Stevens | Office 95 Excel 4 Macros |
2020-11-21 | Guy Bruneau | VMware privilege escalation vulnerabilities (CVE-2020-4004, CVE-2020-4005) - https://www.vmware.com/security/advisories/VMSA-2020-0026.html |
2020-10-14 | Brad Duncan | More TA551 (Shathak) Word docs push IcedID (Bokbot) |
2020-08-20 | Rob VandenBrink | Office 365 Mail Forwarding Rules (and other Mail Rules too) |
2020-08-07 | Brad Duncan | TA551 (Shathak) Word docs push IcedID (Bokbot) |
2020-08-04 | Johannes Ullrich | Reminder: Patch Cisco ASA / FTD Devices (CVE-2020-3452). Exploitation Continues |
2020-07-22 | Rick Wanner | A few IoCs related to CVE-2020-5902 |
2020-07-15 | Johannes Ullrich | PATCH NOW - SIGRed - CVE-2020-1350 - Microsoft DNS Server Vulnerability |
2020-07-06 | Johannes Ullrich | Summary of CVE-2020-5902 F5 BIG-IP RCE Vulnerability Exploits |
2020-07-05 | Didier Stevens | CVE-2020-5902 F5 BIG-IP Exploitation Attempt |
2019-08-01 | Johannes Ullrich | What is Listening On Port 9527/TCP? |
2019-07-26 | Kevin Shortt | DVRIP Port 34567 - Uptick |
2019-06-19 | Johannes Ullrich | Critical Actively Exploited WebLogic Flaw Patched CVE-2019-2729 |
2019-04-28 | Johannes Ullrich | Update about Weblogic CVE-2019-2725 (Exploits Used in the Wild, Patch Status) |
2019-04-07 | Guy Bruneau | Fake Office 365 Payment Information Update |
2018-08-20 | Didier Stevens | OpenSSH user enumeration (CVE-2018-15473) |
2018-07-18 | Kevin Liston | Request for Packets: Port 15454 |
2017-01-28 | Guy Bruneau | Request for Packets and Logs - TCP 5358 |
2016-10-22 | Guy Bruneau | Request for Packets TCP 4786 - CVE-2016-6385 |
2016-02-28 | Guy Bruneau | RFC 6598 - Carrier Grade NAT |
2016-02-13 | Guy Bruneau | VMware VMSA-2015-0007.3 has been Re-released |
2016-01-25 | Rob VandenBrink | Assessing Remote Certificates with Powershell |
2016-01-08 | Mark Hofman | SLOTH, attack on TLS using MD5 |
2015-07-12 | Guy Bruneau | PHP 5.x Security Updates |
2015-04-15 | Johannes Ullrich | MS15-034: HTTP.sys (IIS) DoS And Possible Remote Code Execution. PATCH NOW |
2015-02-05 | Johannes Ullrich | Adobe Flash Player Update Released, Fixing CVE 2015-0313 |
2015-01-27 | Johannes Ullrich | New Critical GLibc Vulnerability CVE-2015-0235 (aka GHOST) |
2014-09-03 | Johannes Ullrich | F5 BigIP Unauthenticated rsync Vulnerability |
2014-07-10 | Rob VandenBrink | Certificate Errors in Office 365 Today |
2014-06-12 | Johannes Ullrich | Metasploit now includes module to exploit CVE-2014-0195 (OpenSSL DTLS Fragment Vuln.) |
2014-05-26 | Tony Carothers | NIST 800 Series Publications - New and Improved |
2014-03-26 | Johannes Ullrich | Let's Finally "Nail" This Port 5000 Traffic - Synology owners needed. |
2014-03-06 | Mark Baggett | Port 5000 traffic and snort signature |
2014-01-13 | Johannes Ullrich | Special Webcast today: HTML5, Risky Business or Hidden Security Toolchest? https://www.sans.org/webcasts/html5-risky-business-hidden-security-tool-chest-mobile-web-app-authentication-97650 |
2013-10-30 | Russ McRee | SIR v15: Five good reasons to leave Windows XP behind |
2013-09-17 | John Bambenek | Microsoft Releases Out-of-Band Advisory for all Versions of Internet Explorer |
2013-08-28 | Bojan Zdrnja | MS13-056 (false positive)? alerts |
2013-08-16 | Kevin Liston | CVE-2013-2251 Apache Struts 2.X OGNL Vulnerability |
2013-08-13 | Swa Frantzen | Microsoft security advisories: RDP and MD5 deprecation in Microsoft root certificates |
2013-06-01 | Guy Bruneau | Exploit Sample for Win32/CVE-2012-0158 |
2013-05-20 | Guy Bruneau | Safe - Tools, Tactics and Techniques |
2013-05-19 | Kevin Shortt | Port 51616 - Got Packets? |
2013-04-18 | John Bambenek | ISC Handler Lenny Zeltser's REMnux v4 Reviewed on Hak5 |
2013-03-25 | Johannes Ullrich | IPv6 Focus Month: IPv6 over IPv4 Preference |
2013-02-22 | Chris Mohan | PHP 5.4.12 and PHP 5.3.22 released http://www.php.net/ChangeLog-5.php |
2013-01-09 | Richard Porter | The 80's called - They Want Their Mainframe Back! |
2012-10-30 | Mark Hofman | Cyber Security Awareness Month - Day 30 - DSD 35 mitigating controls |
2012-10-17 | Rob VandenBrink | Cyber Security Awareness Month - Day 17 - A Standard for Risk Management - ISO 27005 |
2012-09-21 | Guy Bruneau | Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801) |
2012-08-28 | Johannes Ullrich | Firefox 15 Released (includes silent future updates) http://www.mozilla.org/en-US/firefox/15.0/releasenotes/buglist.html |
2012-06-18 | Guy Bruneau | CVE-2012-1875 exploit is now available |
2012-06-12 | Swa Frantzen | F5 ssh configuration goof |
2012-05-16 | Johannes Ullrich | Got Packets? Odd duplicate DNS replies from 10.x IP Addresses |
2012-05-07 | Guy Bruneau | iOS 5.1.1 Software Update for iPod, iPhone, iPad |
2012-04-12 | Guy Bruneau | HP ProCurve 5400 zl Switch, Flash Cards Infected with Malware |
2012-04-12 | Guy Bruneau | wicd Privilege Escalation 0day exploit for Backtrack 5 R2 |
2012-04-02 | Johannes Ullrich | SHA 1-2-3 |
2012-03-09 | Guy Bruneau | Nmap 5.61TEST5 released with 43 new scripts,improved OS & version detection, and more available for download - http://nmap.org/download.html |
2012-02-24 | Guy Bruneau | Cisco Small Business SRP 500 Series Multiple Vulnerabilities - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120223-srp500 |
2012-02-03 | Guy Bruneau | PHP 5.3.10 Released, Fixes CVE-2012-0830 available for download http://www.php.net/archive/2012.php#id2012-02-02-1 |
2012-01-12 | Rob VandenBrink | PHP 5.39 was release on the 10th, amongst other things, it addresses CVE-2011-4885 (prevents attacks based on hash collisions) and CVE-2011-4566 (integer overflow when parsing invalid exif header) |
2011-12-22 | Johannes Ullrich | Firefox 9 Security Fixes |
2011-04-28 | Guy Bruneau | VMware ESXi 4.1 Security and Firmware Updates |
2011-04-21 | Guy Bruneau | Silverlight Update Available |
2010-10-30 | Guy Bruneau | Security Update for Shockwave Player |
2010-10-28 | Manuel Humberto Santander Pelaez | CVE-2010-3654 - New dangerous 0-day authplay library adobe products vulnerability |
2010-09-17 | Robert Danford | Circa 2007 Linux Kernel Vulnerability Resurfaces (Was CVE-2007-4573, Now CVE-2010-3301) |
2010-08-13 | Guy Bruneau | Shadowserver Binary Whitelisting Service |
2010-07-24 | Manuel Humberto Santander Pelaez | GnuPG gpgsm bug |
2010-06-15 | Manuel Humberto Santander Pelaez | Microsoft Windows Help and Support Center vulnerability (CVE 2010-1885) exploit in the wild |
2010-04-22 | Guy Bruneau | MS10-025 Security Update has been Pulled |
2010-03-03 | Mark Hofman | MS10-015 re-released |
2010-02-19 | Mark Hofman | MS10-015 may cause Windows XP to blue screen (but only if you have malware on it) |
2010-02-17 | Rob VandenBrink | Cisco ASA5500 Security Updates - cisco-sa-20100217-asa |
2010-02-01 | Rob VandenBrink | NMAP 5.21 - Is UDP Protocol Specific Scanning Important? Why Should I Care? |
2009-12-24 | Guy Bruneau | F5 BIG-IP ASM and PSM Remote Buffer Overflow |
2009-10-23 | Johannes Ullrich | Little new tool: reversing md5/sha1 hashes http://isc.sans.org/tools/reversehash.html |
2009-10-21 | Pedro Bueno | Cyber Security Awareness Month - Day 21 - Port 135 |
2009-10-16 | Adrien de Beaupre | Cyber Security Awareness Month - Day 16 - Port 1521 - Oracle TNS Listener |
2009-10-15 | Deborah Hale | Cyber Security Awareness Month - Day 15 - Ports 995, 465, and 993 - Secure Email |
2009-10-08 | Johannes Ullrich | Cyber Security Awareness Month - Day 8 - Port 25 - SMTP |
2009-09-07 | Jim Clausing | Request for packets |
2009-07-17 | Stephen Hall | Firefox 3.5.1 has been released |
2009-05-28 | Stephen Hall | Microsoft DirectShow vulnerability |
2009-03-28 | Rick Wanner | New Beta release of Nmap |
2009-03-05 | Mark Hofman | What's up with port 445? |
2009-01-02 | Mark Hofman | Blocking access to MD5 signed certs |
2008-12-30 | Johannes Ullrich | MD5 SSL Summary |
2008-12-17 | donald smith | Team CYMRU's Malware Hash Registry |
2008-08-22 | Patrick Nolan | MS08-051 V2.0 Patch issued August 20, 2008 |
2008-05-26 | Marcus Sachs | Port 1533 on the Rise |
2006-09-19 | Swa Frantzen | Yet another MSIE 0-day: VML |
2006-09-15 | Swa Frantzen | MSIE DirectAnimation ActiveX 0-day update |
R2 |
2024-03-14 | Jan Kopriva | Increase in the number of phishing messages pointing to IPFS and to R2 buckets |
2019-03-15 | Remco Verhoef | Binary Analysis with Jupyter and Radare2 |
2016-10-10 | Didier Stevens | Radare2: rahash2 |
2012-04-12 | Guy Bruneau | wicd Privilege Escalation 0day exploit for Backtrack 5 R2 |