Internet Storm Center
Handler on Duty: Didier Stevens
Threat Level: green
| Date | Author | Title |
|---|---|---|
| 2024-11-17 | Johannes Ullrich | Ancient TP-Link Backdoor Discovered by Attackers |
| 2024-04-01 | Bojan Zdrnja | The amazingly scary xz sshd backdoor |
| 2023-09-30 | Xavier Mertens | Simple Netcat Backdoor in Python Script |
| 2023-06-09 | Xavier Mertens | Undetected PowerShell Backdoor Disguised as a Profile File |
| 2023-03-18 | Xavier Mertens | Old Backdoor, New Obfuscation |
| 2023-02-09 | Xavier Mertens | A Backdoor with Smart Screenshot Capability |
| 2022-10-07 | Xavier Mertens | Powershell Backdoor with DGA Capability |
| 2022-05-09 | Xavier Mertens | Octopus Backdoor is Back with a New Embedded Obfuscated Bat File |
| 2022-03-18 | Johannes Ullrich | Scans for Movable Type Vulnerability (CVE-2021-20837) |
| 2021-12-15 | Xavier Mertens | Simple but Undetected PowerShell Backdoor |
| 2021-11-21 | Didier Stevens | Backdooring PAM |
| 2021-11-08 | Xavier Mertens | (Ab)Using Security Tools & Controls for the Bad |
| 2021-07-02 | Xavier Mertens | "inception.py"... Multiple Base64 Encodings |
| 2021-05-28 | Xavier Mertens | Malicious PowerShell Hosted on script.google.com |
| 2020-12-24 | Xavier Mertens | Malicious Word Document Delivering an Octopus Backdoor |
| 2020-12-10 | Xavier Mertens | Python Backdoor Talking to a C2 Through Ngrok |
| 2020-11-25 | Xavier Mertens | Live Patching Windows API Calls Using PowerShell |
| 2020-07-11 | Guy Bruneau | Scanning Home Internet Facing Devices to Exploit |
| 2018-12-16 | Guy Bruneau | Random Port Scan for Open RDP Backdoor |
| 2018-06-13 | Xavier Mertens | A Bunch of Compromized Wordpress Sites |
| 2018-03-05 | Xavier Mertens | Malicious Bash Script with Multiple Features |
| 2017-09-18 | Xavier Mertens | CCleaner 5.33 compromised - http://www.piriform.com/news/release-announcements/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users |
| 2017-09-14 | Xavier Mertens | Another webshell, another backdoor! |
| 2017-05-12 | Xavier Mertens | When Bad Guys are Pwning Bad Guys... |
| 2017-02-28 | Xavier Mertens | Analysis of a Simple PHP Backdoor |
| 2016-01-21 | Jim Clausing | Scanning for Fortinet ssh backdoor |
| 2015-06-26 | Daniel Wesemann | Cisco default credentials - again! |
| 2014-07-08 | Johannes Ullrich | Hardcoded Netgear Prosafe Switch Password |
| 2014-07-02 | Johannes Ullrich | Cisco Unified Communications Domain Manager Update |
| 2014-01-10 | Basil Alawi S.Taher | Cisco Small Business Devices backdoor fix |
| 2014-01-02 | Johannes Ullrich | Scans Increase for New Linksys Backdoor (32764/TCP) |
| 2013-12-24 | Daniel Wesemann | Unfriendly crontab additions |
| 2013-12-16 | Tom Webb | The case of Minerd |
| 2013-11-05 | Daniel Wesemann | Is your vacuum cleaner sending spam? |
| 2012-05-18 | Johannes Ullrich | ZTE Score M Android Phone backdoor |
| 2011-07-04 | Deborah Hale | VSFTP Backdoor in Source Code |
| 2010-12-15 | Johannes Ullrich | OpenBSD IPSec "Backdoor" |
| 2010-12-02 | Kevin Johnson | ProFTPD distribution servers compromised |
| 2010-08-30 | Adrien de Beaupre | Apple QuickTime potential vulnerability/backdoor |
| 2009-10-05 | Adrien de Beaupre | Cyber Security Awareness Month - Day 5 port 31337 |