MS SQL SERVER |
| 2008-12-15 | Toby Kohlenberg | New MS SQL Server vulnerability |
MS |
| 2025-04-24/a> | Johannes Ullrich | Attacks against Teltonika Networks SMS Gateways |
| 2024-10-17/a> | Guy Bruneau | Scanning Activity from Subnet 15.184.0.0/16 |
| 2024-08-29/a> | Xavier Mertens | Live Patching DLLs with Python |
| 2024-08-14/a> | Xavier Mertens | Multiple Malware Dropped Through MSI Package |
| 2024-06-17/a> | Xavier Mertens | New NetSupport Campaign Delivered Through MSIX Packages |
| 2024-04-22/a> | Jan Kopriva | It appears that the number of industrial devices accessible from the internet has risen by 30 thousand over the past three years |
| 2024-02-09/a> | Xavier Mertens | MSIX With Heavily Obfuscated PowerShell Script |
| 2023-11-18/a> | Xavier Mertens | Quasar RAT Delivered Through Updated SharpLoader |
| 2023-11-15/a> | Xavier Mertens | Redline Dropped Through MSIX Package |
| 2023-08-16/a> | Yee Ching Tok | A Gentle Reminder: The Evolving Nature of Digital Scams |
| 2023-08-10/a> | Bojan Zdrnja | Some things never change ? such as SQL Authentication ?encryption? |
| 2023-06-19/a> | Xavier Mertens | Malware Delivered Through .inf File |
| 2023-02-26/a> | Didier Stevens | oledump & MSI Files |
| 2022-09-23/a> | Xavier Mertens | Kids Like Cookies, Malware Too! |
| 2022-06-12/a> | Didier Stevens | Quickie: Follina, RTF & Explorer Preview Pane |
| 2022-05-31/a> | Xavier Mertens | First Exploitation of Follina Seen in the Wild |
| 2022-05-30/a> | Xavier Mertens | New Microsoft Office Attack Vector via "ms-msdt" Protocol Scheme (CVE-2022-30190) |
| 2022-05-14/a> | Didier Stevens | Quick Analysis Of Phishing MSG |
| 2022-04-14/a> | Johannes Ullrich | An Update on CVE-2022-26809 - MSRPC Vulnerabliity - PATCH NOW |
| 2022-03-18/a> | Johannes Ullrich | Scans for Movable Type Vulnerability (CVE-2021-20837) |
| 2022-01-31/a> | Xavier Mertens | Be careful with RPMSG files |
| 2022-01-09/a> | Didier Stevens | Extracting Cobalt Strike Beacons from MSBuild Scripts |
| 2021-12-16/a> | Brad Duncan | How the "Contact Forms" campaign tricks people |
| 2021-10-03/a> | Didier Stevens | Video: CVE-2021-40444 Maldocs: Extracting URLs |
| 2021-07-02/a> | Xavier Mertens | Kaseya VSA Users Hit by Ransomware |
| 2021-05-14/a> | Xavier Mertens | "Open" Access to Industrial Systems Interface is Also Far From Zero |
| 2021-05-12/a> | Jan Kopriva | Number of industrial control systems on the internet is lower then in 2020...but still far from zero |
| 2021-05-08/a> | Guy Bruneau | Who is Probing the Internet for Research Purposes? |
| 2021-04-28/a> | Xavier Mertens | Deeper Analyzis of my Last Malicious PowerPoint Add-On |
| 2021-04-13/a> | Richard Porter | Microsoft April 2021 Patch Tuesday |
| 2021-02-26/a> | Guy Bruneau | Pretending to be an Outlook Version Update |
| 2020-10-12/a> | Didier Stevens | Nested .MSGs: Turtles All The Way Down |
| 2020-10-11/a> | Didier Stevens | Analyzing MSG Files With plugin_msg_summary |
| 2020-09-29/a> | Xavier Mertens | Managing Remote Access for Partners & Contractors |
| 2020-08-22/a> | Guy Bruneau | Remote Desktop (TCP/3389) and Telnet (TCP/23), What might they have in Common? |
| 2019-11-18/a> | Johannes Ullrich | SMS and 2FA: Another Reason to Move away from It. |
| 2019-10-20/a> | Guy Bruneau | Scanning Activity for NVMS-9000 Digital Video Recorder |
| 2019-08-28/a> | Xavier Mertens | Malware Samples Compiling Their Next Stage on Premise |
| 2019-04-04/a> | Xavier Mertens | New Waves of Scans Detected by an Old Rule |
| 2018-10-21/a> | Didier Stevens | MSG Files: Compressed RTF |
| 2018-08-19/a> | Didier Stevens | Video: Peeking into msg files - revisited |
| 2018-08-11/a> | Didier Stevens | Peeking into msg files - revisited |
| 2018-07-23/a> | Didier Stevens | Analyzing MSG files |
| 2018-06-12/a> | Johannes Ullrich | Microsoft June 2018 Patch Tuesday |
| 2018-05-25/a> | Xavier Mertens | Antivirus Evasion? Easy as 1,2,3 |
| 2017-10-15/a> | Didier Stevens | Peeking into .msg files |
| 2017-07-24/a> | Renato Marinho | Uber drivers new threat: the "passenger" |
| 2017-07-16/a> | Renato Marinho | SMS Phishing induces victims to photograph its own token card |
| 2017-07-01/a> | Rick Wanner | Using nmap to scan for MS17-010 (CVE-2017-0143 EternalBlue) |
| 2017-05-13/a> | Guy Bruneau | Microsoft Released Guidance for WannaCrypt |
| 2017-04-26/a> | Johannes Ullrich | If there are some unexploited MSSQL Servers With Weak Passwords Left: They got you now (again) |
| 2017-03-31/a> | Xavier Mertens | Pro & Con of Outsourcing your SOC |
| 2017-01-10/a> | Johannes Ullrich | January 2017 Microsoft Patch Tuesday |
| 2016-02-23/a> | Xavier Mertens | VMware VMSA-2016-0002 |
| 2016-02-13/a> | Guy Bruneau | VMware VMSA-2015-0007.3 has been Re-released |
| 2016-02-09/a> | Johannes Ullrich | Microsoft February 2016 Patch Tuesday |
| 2016-01-24/a> | Didier Stevens | Obfuscated MIME Files |
| 2016-01-12/a> | Alex Stanford | January 2016 Microsoft Patch Tuesday |
| 2015-12-08/a> | Johannes Ullrich | December 2015 Microsoft Patch Tuesday |
| 2015-11-10/a> | Johannes Ullrich | November 2015 Microsoft Patch Tuesday |
| 2015-10-13/a> | Alex Stanford | October 2015 Microsoft Patch Tuesday |
| 2015-09-08/a> | Lenny Zeltser | A Close Look at PayPal Overpayment Scams That Target Craigslist Sellers |
| 2015-09-08/a> | Johannes Ullrich | September 2015 Microsoft Patch Tuesday |
| 2015-08-11/a> | Manuel Humberto Santander Pelaez | August 2015 Microsoft Patch Tuesday |
| 2015-07-14/a> | Johannes Ullrich | July 2015 Microsoft Patch Tuesday |
| 2015-06-09/a> | Johannes Ullrich | Microsoft Patch Tuesday Summary for June 2015 |
| 2015-05-15/a> | Didier Stevens | Another Maldoc? I'm Afraid So... |
| 2015-05-12/a> | Johannes Ullrich | May 2015 Microsoft Patch Tuesday Summary |
| 2015-05-09/a> | Didier Stevens | Malicious Word Document: This Time The Maldoc Is A MIME File |
| 2015-04-28/a> | Daniel Wesemann | Scammy Nepal earthquake donation requests |
| 2015-04-15/a> | Johannes Ullrich | MS15-034: HTTP.sys (IIS) DoS And Possible Remote Code Execution. PATCH NOW |
| 2015-04-14/a> | Alex Stanford | Microsoft Patch Tuesday - April 2015 |
| 2015-03-10/a> | Johannes Ullrich | Microsoft March Patch Tuesday |
| 2015-02-10/a> | Mark Baggett | Microsoft Update Advisory for February 2015 |
| 2015-01-13/a> | Johannes Ullrich | Microsoft Patch Tuesday - January 2015 (Really? Telnet?) |
| 2014-12-09/a> | Alex Stanford | Microsoft Patch Tuesday - December 2014 |
| 2014-11-18/a> | Jim Clausing | Microsoft November out-of-cycle patch MS14-068 |
| 2014-11-11/a> | Johannes Ullrich | Microsoft November 2014 Patch Tuesday |
| 2014-10-14/a> | Johannes Ullrich | Microsoft October 2014 Patch Tuesday |
| 2014-09-09/a> | Alex Stanford | Microsoft Patch Tuesday - September 2014 |
| 2014-08-12/a> | Alex Stanford | Microsoft Patch Tuesday - August 2014 |
| 2014-07-08/a> | Alex Stanford | Microsoft Patch Tuesday - July |
| 2014-06-10/a> | Alex Stanford | Microsoft Patch Tuesday June 2014 |
| 2014-05-13/a> | Johannes Ullrich | Microsoft May 2014 Patch Tuesday |
| 2014-05-01/a> | Johannes Ullrich | Microsoft Announces Special Patch for IE 0-day (Win XP included!) |
| 2014-04-08/a> | Richard Porter | April 2014 Microsoft Patches |
| 2014-03-11/a> | Johannes Ullrich | Microsoft Patch Tuesday March 2014 |
| 2014-02-11/a> | Johannes Ullrich | February 2014 Microsoft Patch Tuesday |
| 2014-01-14/a> | Johannes Ullrich | Microsoft Patch Tuesday January 2014 |
| 2013-12-10/a> | Johannes Ullrich | Microsoft December Patch Tuesday |
| 2013-11-12/a> | Johannes Ullrich | November 2013 Microsoft Patch Tuesday |
| 2013-11-09/a> | Guy Bruneau | IE Zero-Day Vulnerability Exploiting msvcrt.dll |
| 2013-11-01/a> | Russ McRee | Secunia's PSI Country Report - Q3 2013 |
| 2013-10-08/a> | Johannes Ullrich | Microsoft October 2013 Patch Tuesday |
| 2013-10-04/a> | Pedro Bueno | CSAM: WebHosting BruteForce logs |
| 2013-10-03/a> | Johannes Ullrich | October Patch Tuesday Preview (CVE-2013-3893 patch coming!) |
| 2013-10-02/a> | John Bambenek | Obamacare related domain registration spike, Government shutdown domain registration beginning |
| 2013-09-19/a> | Bojan Zdrnja | Arrays in requests, PHP and DedeCMS |
| 2013-09-10/a> | Swa Frantzen | Microsoft September 2013 Black Tuesday Overview |
| 2013-09-07/a> | Guy Bruneau | Microsoft September Patch Pre-Announcement |
| 2013-08-28/a> | Bojan Zdrnja | MS13-056 (false positive)? alerts |
| 2013-08-15/a> | Johannes Ullrich | Microsoft Pulls MS013-061 due to problems with Exchange Server 2013 http://blogs.technet.com/b/exchange/archive/2013/08/14/exchange-2013-security-update-ms13-061-status-update.aspx |
| 2013-08-13/a> | Swa Frantzen | Microsoft August 2013 Black Tuesday Overview |
| 2013-07-21/a> | Guy Bruneau | Ubuntu Forums Security Breach |
| 2013-07-09/a> | Swa Frantzen | Microsoft July 2013 Black Tuesday Overview |
| 2013-06-11/a> | Swa Frantzen | Microsoft June 2013 Black Tuesday Overview |
| 2013-06-11/a> | Swa Frantzen | Other Microsoft Black Tuesday News |
| 2013-05-14/a> | Swa Frantzen | Microsoft May 2013 Black Tuesday Overview |
| 2013-05-09/a> | Johannes Ullrich | Microsoft released a Fix-it for the Internet Explorer 8 Vulnerability http://support.microsoft.com/kb/2847140 |
| 2013-04-17/a> | John Bambenek | UPDATEDx1: Boston-Related Malware Campaigns Have Begun - Now with Waco Plant Explosion Fun |
| 2013-04-09/a> | Swa Frantzen | Microsoft April 2013 Black Tuesday Overview |
| 2013-03-12/a> | Swa Frantzen | Microsoft March 2013 Black Tuesday Overview |
| 2013-03-03/a> | Richard Porter | Uptick in MSSQL Activity |
| 2013-02-12/a> | Adam Swanger | Microsoft February 2013 Black Tuesday Update - Overview |
| 2013-01-14/a> | Richard Porter | January 2013 Microsoft Out of Cycle Patch |
| 2013-01-09/a> | Rob VandenBrink | Security Update - Cisco Prime LMS (cisco-sa-20130109-lms - remote execution as root vulnerability) - advisory at: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-lms |
| 2013-01-08/a> | Richard Porter | Microsoft January 2013 Black Tuesday Update - Overview |
| 2012-12-11/a> | John Bambenek | Microsoft December 2012 Black Tuesday Update - Overview |
| 2012-11-13/a> | Jim Clausing | Microsoft November 2012 Black Tuesday Update - Overview |
| 2012-10-09/a> | Johannes Ullrich | Microsoft October 2012 Black Tuesday Update - Overview |
| 2012-09-11/a> | Adam Swanger | Microsoft September 2012 Black Tuesday Update - Overview |
| 2012-08-22/a> | Adrien de Beaupre | Phishing/spam via SMS |
| 2012-08-14/a> | Rick Wanner | Microsoft August 2012 Black Tuesday Update - Overview |
| 2012-07-30/a> | Guy Bruneau | End of Days for MS-CHAPv2 |
| 2012-07-10/a> | Swa Frantzen | Microsoft July 2012 Black Tuesday Update - Overview |
| 2012-06-12/a> | Swa Frantzen | Microsoft June 2012 Black Tuesday Update - Overview |
| 2012-06-12/a> | Swa Frantzen | Microsoft Security Advisory 2719615 - MSXML - CVE-2012-1889 |
| 2012-05-08/a> | Adam Swanger | Microsoft May 2012 Black Tuesday Update - Overview |
| 2012-05-05/a> | Tony Carothers | Vulnerability Exploit for Snow Leopard |
| 2012-04-27/a> | Mark Hofman | Microsoft has added MSSQL 2008 R2 SP1 to the list of affected software for MS12-027 (Thanks Ryan). More info here --> http://technet.microsoft.com/security/bulletin/ms12-027 |
| 2012-04-26/a> | Richard Porter | Packetstorm Security and Metasploit have Exploit code for MS12-027 |
| 2012-04-10/a> | Swa Frantzen | Windows Vista RIP |
| 2012-04-10/a> | Swa Frantzen | Microsoft April 2012 Black Tuesday Update - Overview |
| 2012-03-13/a> | Lenny Zeltser | March 2012 Microsoft Black Tuesday |
| 2012-02-14/a> | Johannes Ullrich | February 2012 Microsoft Black Tuesday |
| 2012-01-10/a> | Adrien de Beaupre | January 2012 Microsoft Black Tuesday Summary |
| 2012-01-06/a> | Guy Bruneau | January 2012 Patch Tuesday Pre-release |
| 2011-12-13/a> | Johannes Ullrich | December 2011 Microsoft Black Tuesday Summary |
| 2011-11-08/a> | Swa Frantzen | Microsoft November 2011 Black Tuesday Overview |
| 2011-11-03/a> | Guy Bruneau | November 2011 Patch Tuesday Pre-release |
| 2011-10-11/a> | Swa Frantzen | Microsoft Black Tuesday Overview October 2011 |
| 2011-10-11/a> | Swa Frantzen | Microsoft Security Intelligence Report (SIR) - Volume 11 |
| 2011-09-30/a> | Tony Carothers | Microsoft Security Essentials Mis-identifes Chrome |
| 2011-09-13/a> | Swa Frantzen | Microsoft September 2011 Black Tuesday |
| 2011-09-13/a> | Swa Frantzen | More DigiNotar intermediate certificates blocklisted at Microsoft |
| 2011-09-09/a> | Johannes Ullrich | Early Patch Tuesday Today: Microsoft September 2011 Patches |
| 2011-08-11/a> | Johannes Ullrich | As part of this weeks patch tuesday, microsoft also re-release MS11-043 to address stability issues. |
| 2011-08-09/a> | Swa Frantzen | Microsoft August 2011 Black Tuesday Overview |
| 2011-07-19/a> | Richard Porter | SMS Phishing at the SANSFire 2011 Handler Dinner |
| 2011-07-12/a> | Swa Frantzen | Microsoft July 2011 Black Tuesday Overview |
| 2011-06-14/a> | Swa Frantzen | Microsoft June 2011 Black Tuesday Overview |
| 2011-05-10/a> | Swa Frantzen | May 2011 Microsoft Black Tuesday Overview |
| 2011-04-15/a> | Kevin Liston | MS11-020 (KB2508429) Upgrading from Critical to PATCH NOW |
| 2011-04-11/a> | Jim Clausing | April 2011 Microsoft Black Tuesday Summary |
| 2011-03-08/a> | Jim Clausing | March 2011 Microsoft Black Tuesday Summary |
| 2011-02-08/a> | Joel Esler | Feburary 2011 Microsoft Black Tuesday Summary |
| 2011-01-11/a> | Kevin Shortt | January 2011 Microsoft Black Tuesday Summary |
| 2011-01-08/a> | Guy Bruneau | January 2011 Patch Tuesday Pre-release |
| 2011-01-05/a> | Johannes Ullrich | Currently Unpatched Windows / Internet Explorer Vulnerabilities |
| 2010-12-23/a> | Mark Hofman | Older AV Scam Active again. |
| 2010-12-15/a> | Manuel Humberto Santander Pelaez | HP StorageWorks P2000 G3 MSA hardcoded user |
| 2010-12-14/a> | Manuel Humberto Santander Pelaez | December 2010 Microsoft Black Tuesday Summary |
| 2010-12-01/a> | Deborah Hale | A Gentle Reminder - It is that time of year again |
| 2010-11-09/a> | Johannes Ullrich | November 2010 Microsoft Black Tuesday Summary |
| 2010-10-12/a> | Adrien de Beaupre | October 2010 Microsoft Black Tuesday Summary |
| 2010-10-08/a> | Rick Wanner | Patch Tuesday Pre-release -- 16 updates |
| 2010-09-30/a> | Pedro Bueno | MS OOB .NET patch is now also available via Windows Update. |
| 2010-09-14/a> | Adrien de Beaupre | September 2010 Microsoft Black Tuesday Summary |
| 2010-08-29/a> | Swa Frantzen | DLL hijacking - what are you doing ? |
| 2010-08-22/a> | Manuel Humberto Santander Pelaez | SCADA: A big challenge for information security professionals |
| 2010-08-10/a> | Jim Clausing | August 2010 Micrsoft Black Tuesday Summary |
| 2010-07-26/a> | Guy Bruneau | SophosLabs Released Free Tool to Validate Microsoft Shortcut |
| 2010-07-13/a> | Jim Clausing | July 2010 Microsoft Black Tuesday Summary |
| 2010-07-08/a> | Kyle Haugsness | New poll on MSRC |
| 2010-06-08/a> | Manuel Humberto Santander Pelaez | June 2010 Microsoft Black Tuesday Summary |
| 2010-05-11/a> | Scott Fendley | May 2010 Microsoft Patches |
| 2010-04-22/a> | Guy Bruneau | MS10-025 Security Update has been Pulled |
| 2010-04-16/a> | G. N. White | MS10-021: Encountering A Failed WinXP Update |
| 2010-04-13/a> | Johannes Ullrich | Microsoft April 2010 Patch Tuesday |
| 2010-03-29/a> | Pedro Bueno | Microsoft to release out-of-band security bulletin tomorrow for IE6/IE7 with cumulative fix. |
| 2010-03-09/a> | John Bambenek | March 2010 - Microsoft Patch Tuesday Diary |
| 2010-03-03/a> | Mark Hofman | MS10-015 re-released |
| 2010-03-01/a> | Mark Hofman | AS/NZ "Online Offensive - Fight fraud online" week March 1-7 |
| 2010-02-19/a> | Mark Hofman | MS10-015 may cause Windows XP to blue screen (but only if you have malware on it) |
| 2010-02-11/a> | Deborah Hale | Critical Update for AD RMS |
| 2010-02-09/a> | Johannes Ullrich | February 2010 Black Tuesday Overview |
| 2010-01-21/a> | Johannes Ullrich | Microsoft January Out of Band Patch |
| 2010-01-13/a> | Johannes Ullrich | SMS Donations Advertised via Twitter |
| 2010-01-12/a> | Johannes Ullrich | Microsoft Security Bulletin: January 2010 |
| 2009-12-08/a> | Deborah Hale | December 2009 Black Tuesday Overview |
| 2009-11-10/a> | Swa Frantzen | Microsoft November Black Tuesday Overview |
| 2009-10-14/a> | Johannes Ullrich | Odd Apache/MSIE issue with downloads from ISC |
| 2009-10-13/a> | Johannes Ullrich | Microsoft October 2009 Black Tuesday Overview |
| 2009-09-08/a> | Guy Bruneau | Microsoft September 2009 Black Tuesday Overview |
| 2009-08-18/a> | Bojan Zdrnja | MS09-039 exploit in the wild? |
| 2009-08-11/a> | Swa Frantzen | Microsoft August 2009 Black Tuesday Overview |
| 2009-07-14/a> | Swa Frantzen | Microsoft July Black Tuesday Overview |
| 2009-07-06/a> | Stephen Hall | 0-day in Microsoft DirectShow (msvidctl.dll) used in drive-by attacks |
| 2009-06-09/a> | Swa Frantzen | Microsoft June Black Tuesday Overview |
| 2009-05-20/a> | Pedro Bueno | Cyber Warfare and Kylin thoughts |
| 2009-05-12/a> | Swa Frantzen | May Black Tuesday Overview |
| 2009-05-10/a> | Mari Nichols | Is your Symantec Antivirus Alerting working correctly? |
| 2009-04-23/a> | Kyle Haugsness | Possible MS09-013 activity |
| 2009-04-14/a> | Swa Frantzen | April Black Tuesday Overview |
| 2009-03-10/a> | Swa Frantzen | March black Tuesday overview |
| 2009-02-19/a> | Bojan Zdrnja | MS09-002, XML/DOC and initial infection vector |
| 2009-02-17/a> | Bojan Zdrnja | MS09-002 exploit in the wild |
| 2009-02-13/a> | Andre Ludwig | Third party information on conficker |
| 2009-02-10/a> | Swa Frantzen | February Black Tuesday Overview |
| 2009-01-13/a> | Johannes Ullrich | January Black Tuesday Overview |
| 2009-01-12/a> | William Salusky | Downadup / Conficker - MS08-067 exploit and Windows domain account lockout |
| 2008-12-15/a> | Toby Kohlenberg | New MS SQL Server vulnerability |
| 2008-12-12/a> | Johannes Ullrich | MSIE 0-day Spreading Via SQL Injection |
| 2008-12-09/a> | Swa Frantzen | December Black Tuesday Overview |
| 2008-12-09/a> | Swa Frantzen | Contacting us might be hard today |
| 2008-11-29/a> | Pedro Bueno | Possible Mumbai Scams? |
| 2008-11-11/a> | Swa Frantzen | November Black Tuesday Overview |
| 2008-10-14/a> | Swa Frantzen | October Black Tuesday Overview |
| 2008-09-09/a> | Swa Frantzen | September 2008 Black Tuesday Overview |
| 2008-08-22/a> | Patrick Nolan | MS08-051 V2.0 Patch issued August 20, 2008 |
| 2008-08-15/a> | Jim Clausing | Another MS update that may have escaped notice |
| 2008-08-12/a> | Stephen Hall | August 2008 Black Tuesday Overview |
| 2008-07-08/a> | Swa Frantzen | July 2008 black tuesday overview |
| 2008-06-13/a> | Johannes Ullrich | Floods: More of the same (2) |
| 2008-06-10/a> | Swa Frantzen | June 2008 Black Tuesday Overview |
| 2008-05-19/a> | Maarten Van Horenbeeck | Text message and telephone aid scams |
| 2008-05-17/a> | Lorna Hutcheson | XP SP3 Issues |
| 2008-05-13/a> | Swa Frantzen | May 2008 black tuesday overview |
| 2008-04-22/a> | donald smith | Maximus root kit downloads via MySpace social engineering trick. |
| 2008-04-10/a> | Deborah Hale | Symantec Threatcon Level 2 |
| 2008-04-08/a> | Swa Frantzen | April 2008 - Black Tuesday Overview |
| 2008-03-11/a> | Swa Frantzen | March Black Tuesday Overview |
| 2008-02-12/a> | Swa Frantzen | February Black Tuesday Overview |
| 2008-01-08/a> | Swa Frantzen | January Black Tuesday overview |
| 2007-12-11/a> | Swa Frantzen | December black tuesday overview |
| 2007-11-13/a> | Swa Frantzen | november black tuesday overview |
| 2007-10-09/a> | Swa Frantzen | October Black Tuesday overview |
| 2007-09-11/a> | Swa Frantzen | September microsoft patch overview |
| 2007-08-14/a> | Swa Frantzen | August 'Black Tuesday' overview |
| 2007-07-10/a> | Swa Frantzen | July 'Black Tuesday' overview |
| 2007-06-12/a> | Johannes Ullrich | June 2007, Microsoft Patch Tuesday Overview. |
| 2007-05-08/a> | Swa Frantzen | May 2007, Black Tuesday patch overview |
| 2007-04-10/a> | Swa Frantzen | Microsoft black Tuesday patches - April 2007 |
| 2007-04-03/a> | Swa Frantzen | * Microsoft out of cycle patch |
| 2007-02-13/a> | Swa Frantzen | Microsoft Black Tuesday patches - February 2007 |
| 2007-01-09/a> | Swa Frantzen | Microsoft Patches - January 2007 - overview |
| 2006-12-12/a> | Swa Frantzen | Microsoft Black Tuesday - December 2006 overview |
| 2006-11-14/a> | Jim Clausing | MS06-071: MSXML Core Services |
| 2006-11-14/a> | Swa Frantzen | Microsoft Black Tuesday Overview |
| 2006-10-10/a> | Johannes Ullrich | MS06-056: ASP.NET XSS Information Disclosure Vulnerability (moderate) |
| 2006-10-10/a> | Johannes Ullrich | MS06-061: XSLT/MSXML Buffer Overflow Code Execution Vulnerability (moderate) |
| 2006-10-10/a> | Kyle Haugsness | MS06-063: Mailslot DoS (Server service) |
| 2006-10-09/a> | Swa Frantzen | Microsoft black tuesday - October 2006 STATUS |
| 2006-10-05/a> | Swa Frantzen | MS06-053 revisited ? |
| 2006-09-30/a> | Swa Frantzen | Yellow: WebViewFolderIcon setslice exploit spreading |
| 2006-09-28/a> | Swa Frantzen | MSIE: One patched, one pops up again (setslice) |
| 2006-09-22/a> | Swa Frantzen | Yellow: MSIE VML exploit spreading |
| 2006-09-19/a> | Swa Frantzen | Yet another MSIE 0-day: VML |
| 2006-09-15/a> | Swa Frantzen | MSIE DirectAnimation ActiveX 0-day update |
| 2006-09-12/a> | Swa Frantzen | Microsoft security patches for September 2006 |
| 2006-08-17/a> | Swa Frantzen | Microsoft August 2006 Patches: STATUS |
SQL |
| 2025-02-20/a> | Guy Bruneau | Using ES|QL in Kibana to Queries DShield Honeypot Logs |
| 2025-01-16/a> | Jesse La Grew | Extracting Practical Observations from Impractical Datasets |
| 2023-08-25/a> | Xavier Mertens | Python Malware Using Postgresql for C2 Communications |
| 2023-08-10/a> | Bojan Zdrnja | Some things never change ? such as SQL Authentication ?encryption? |
| 2023-07-23/a> | Guy Bruneau | Install & Configure Filebeat on Raspberry Pi ARM64 to Parse DShield Sensor Logs |
| 2021-06-12/a> | Guy Bruneau | Fortinet Targeted for Unpatched SSL VPN Discovery Activity |
| 2020-07-30/a> | Johannes Ullrich | Python Developers: Prepare!!! |
| 2017-08-07/a> | Xavier Mertens | Increase of phpMyAdmin scans |
| 2017-08-02/a> | Bojan Zdrnja | Attacking NoSQL applications (part 2) |
| 2017-04-26/a> | Johannes Ullrich | If there are some unexploited MSSQL Servers With Weak Passwords Left: They got you now (again) |
| 2016-12-06/a> | Bojan Zdrnja | Attacking NoSQL applications |
| 2016-08-11/a> | Pasquale Stirparo | Looking for the insider: Forensic Artifacts on iOS Messaging App |
| 2016-06-03/a> | Tom Liston | MySQL is YourSQL |
| 2016-04-27/a> | Tom Webb | Kippos Cousin Cowrie |
| 2016-02-15/a> | Bojan Zdrnja | Exploiting (pretty) blind SQL injections |
| 2013-10-19/a> | Johannes Ullrich | Yet Another WHMCS SQL Injection Exploit |
| 2013-07-16/a> | Johannes Ullrich | Why don't we see more examples of web app attacks via POST? |
| 2013-04-04/a> | Johannes Ullrich | Postgresql Patches Critical Vulnerability |
| 2013-03-03/a> | Richard Porter | Uptick in MSSQL Activity |
| 2013-01-25/a> | Johannes Ullrich | Vulnerability Scans via Search Engines (Request for Logs) |
| 2013-01-09/a> | Rob VandenBrink | SQL Injection Flaw in Ruby on Rails |
| 2012-12-02/a> | Guy Bruneau | Zero Day MySQL Buffer Overflow |
| 2012-10-05/a> | Richard Porter | Reports of a Distributed Injection Scan |
| 2012-09-21/a> | Guy Bruneau | Storing your Collection of Malware Samples with Malwarehouse |
| 2012-07-31/a> | Daniel Wesemann | SQL injection, lilupophilupop-style |
| 2012-06-11/a> | Johannes Ullrich | Exploit Available for Trivial MySQL Password Bypass |
| 2011-12-01/a> | Mark Hofman | SQL Injection Attack happening ATM |
| 2011-06-06/a> | Johannes Ullrich | The Havij SQL Injection Tool |
| 2011-04-19/a> | Bojan Zdrnja | SQL injection: why can’t we learn? |
| 2011-04-01/a> | John Bambenek | LizaMoon Mass SQL-Injection Attack Infected at least 500k Websites |
| 2010-12-02/a> | Kevin Johnson | SQL Injection: Wordpress 3.0.2 released |
| 2010-08-15/a> | Manuel Humberto Santander Pelaez | Obfuscated SQL Injection attacks |
| 2010-05-21/a> | Rick Wanner | MySQL 5.1.47 is now available - http://www.mysql.com/downloads/mysql/ |
| 2010-05-16/a> | Rick Wanner | Upcoming MySQL patch fixes several critical vulnerabilites |
| 2009-07-16/a> | Bojan Zdrnja | OWC exploits used in SQL injection attacks |
| 2009-05-19/a> | Bojan Zdrnja | Advanced blind SQL injection (with Oracle examples) |
| 2009-05-09/a> | Patrick Nolan | Shared SQL Injection Lessons Learned blog item |
| 2009-04-21/a> | Bojan Zdrnja | Web application vulnerabilities |
| 2009-02-11/a> | Robert Danford | ProFTPd SQL Authentication Vulnerability exploit activity |
| 2008-12-23/a> | Patrick Nolan | MS ACK's Vulnerability in SQL Server which Could Allow Remote Code Execution |
| 2008-12-15/a> | Toby Kohlenberg | New MS SQL Server vulnerability |
| 2008-12-12/a> | Johannes Ullrich | MSIE 0-day Spreading Via SQL Injection |
| 2008-12-01/a> | Jason Lam | Input filtering and escaping in SQL injection mitigation |
| 2008-11-20/a> | Jason Lam | Large quantity SQL Injection mitigation |
| 2008-09-29/a> | Daniel Wesemann | ASPROX mutant |
| 2008-09-01/a> | John Bambenek | The Number of Machines Controlled by Botnets Has Jumped 4x in Last 3 Months |
| 2008-08-23/a> | Mark Hofman | SQL injections - an update |
| 2008-08-08/a> | Mark Hofman | More SQL Injections - very active right now |
| 2008-07-24/a> | Bojan Zdrnja | What's brewing in Danmec's pot? |
| 2008-06-30/a> | Marcus Sachs | More SQL Injection with Fast Flux hosting |
| 2008-06-24/a> | Jason Lam | SQL Injection mitigation in ASP |
| 2008-06-24/a> | Jason Lam | Microsoft SQL Injection Prevention Strategy |
| 2008-06-23/a> | donald smith | Preventing SQL injection |
| 2008-06-13/a> | Johannes Ullrich | SQL Injection: More of the same |
| 2008-05-20/a> | Raul Siles | List of malicious domains inserted through SQL injection |
| 2008-04-24/a> | donald smith | Hundreds of thousands of SQL injections |
| 2008-04-16/a> | Bojan Zdrnja | The 10.000 web sites infection mystery solved |
| 2008-03-14/a> | Kevin Liston | 2117966.net-- mass iframe injection |
| 2008-01-09/a> | Bojan Zdrnja | Mass exploits with SQL Injection |
| 2007-02-24/a> | Jason Lam | Prepared Statements and SQL injections |
SERVER |
| 2024-04-22/a> | Jan Kopriva | It appears that the number of industrial devices accessible from the internet has risen by 30 thousand over the past three years |
| 2022-12-19/a> | Xavier Mertens | Hunting for Mastodon Servers |
| 2022-06-17/a> | Bojan Zdrnja | Critical vulnerability in Splunk Enterprise?s deployment server functionality |
| 2021-05-22/a> | Xavier Mertens | "Serverless" Phishing Campaign |
| 2020-05-29/a> | Johannes Ullrich | The Impact of Researchers on Our Data |
| 2017-09-16/a> | Guy Bruneau | VMware ESXi, vCenter Server, Fusion and Workstation updates resolve multiple security vulnerabilities - https://www.vmware.com/security/advisories/VMSA-2017-0015.html |
| 2015-05-20/a> | Brad Duncan | Logjam - vulnerabilities in Diffie-Hellman key exchange affect browsers and servers using TLS |
| 2013-07-27/a> | Scott Fendley | Defending Against Web Server Denial of Service Attacks |
| 2013-03-26/a> | Daniel Wesemann | How your Webhosting Account is Getting Abused |
| 2011-12-28/a> | Daniel Wesemann | Hash collisions vulnerability in web servers |
| 2011-09-04/a> | Lorna Hutcheson | Several Sites Defaced |
| 2011-06-30/a> | Rob VandenBrink | Update for RSA Authentication Manager |
| 2010-10-03/a> | Adrien de Beaupre | H went down. |
| 2010-09-16/a> | Johannes Ullrich | OpenX Ad-Server Vulnerability |
| 2010-03-24/a> | Johannes Ullrich | ".sys" Directories Delivering Driveby Downloads |
| 2009-11-14/a> | Adrien de Beaupre | Microsoft advisory for Windows 7 / Windows Server 2008 R2 Remote SMB DoS Exploit released |
| 2009-11-12/a> | Rob VandenBrink | Windows 7 / Windows Server 2008 Remote SMB Exploit |
| 2009-04-07/a> | Johannes Ullrich | SSH scanning from compromised mail servers |
| 2008-12-15/a> | Toby Kohlenberg | New MS SQL Server vulnerability |
| 2008-05-19/a> | Maarten Van Horenbeeck | Route filtering and its impact on the DNS fabric |
| 2006-10-03/a> | Swa Frantzen | Detecting attacks against servers |
