Date Author Title

DO NOT TRACK

2012-05-22Johannes UllrichThe "Do Not Track" header

DO

2025-03-31/a>Johannes UllrichApple Patches Everything: March 31st 2025 Edition
2025-02-05/a>Johannes UllrichPhishing via "com-" prefix domains
2024-12-20/a>Xavier MertensChristmas "Gift" Delivered Through SSH
2024-11-17/a>Johannes UllrichAncient TP-Link Backdoor Discovered by Attackers
2024-10-02/a>Jim ClausingSecurity related Docker containers
2024-09-25/a>Johannes UllrichDNS Reflection Update and Odd Corrupted DNS Requests
2024-08-19/a>Xavier MertensDo you Like Donuts? Here is a Donut Shellcode Delivered Through PowerShell/Python
2024-07-30/a>Johannes UllrichApple Patches Everything. July 2024 Edition
2024-04-29/a>Guy BruneauLinux Trojan - Xorddos with Filename eyshcjdmzg
2024-04-22/a>Jan KoprivaIt appears that the number of industrial devices accessible from the internet has risen by 30 thousand over the past three years
2024-04-01/a>Bojan ZdrnjaThe amazingly scary xz sshd backdoor
2024-03-29/a>Xavier MertensQuick Forensics Analysis of Apache logs
2024-03-05/a>Johannes UllrichApple Releases iOS/iPadOS Updates with Zero Day Fixes.
2024-02-27/a>Johannes UllrichTake Downs and the Rest of Us: Do they matter?
2024-01-22/a>Johannes UllrichApple Updates Everything - New 0 Day in WebKit
2023-12-31/a>Tom WebbPi-Hole Pi4 Docker Deployment
2023-12-11/a>Johannes UllrichApple Patches Everything
2023-11-09/a>Guy BruneauRouters Targeted for Gafgyt Botnet [Guest Diary]
2023-10-25/a>Johannes UllrichApple Patches Everything. Releases iOS 17.1, MacOS 14.1 and updates for older versions fixing exploited vulnerability
2023-10-15/a>Guy BruneauDomain Name Used as Password Captured by DShield Sensor
2023-10-09/a>Didier StevensZIP's DOSTIME & DOSDATE Formats
2023-09-30/a>Xavier MertensSimple Netcat Backdoor in Python Script
2023-08-23/a>Xavier MertensMore Exotic Excel Files Dropping AgentTesla
2023-08-12/a>Guy BruneauDShield Sensor Monitoring with a Docker ELK Stack [Guest Diary]
2023-08-11/a>Xavier MertensShow me All Your Windows!
2023-08-01/a>Johannes UllrichSummary of DNS over HTTPS requests against our honeypots.
2023-07-07/a>Xavier MertensDSSuite (Didier's Toolbox) Docker Image Update
2023-06-29/a>Brad DuncanGuLoader- or DBatLoader/ModiLoader-style infection for Remcos RAT
2023-06-22/a>Johannes UllrichApple Patches Exploited Vulnerabilities in iOS/iPadOS, macOS, watchOS and Safari
2023-06-09/a>Xavier MertensUndetected PowerShell Backdoor Disguised as a Profile File
2023-05-07/a>Didier StevensQuickly Finding Encoded Payloads in Office Documents
2023-04-28/a>Xavier MertensQuick IOC Scan With Docker
2023-03-27/a>Johannes UllrichApple Updates Everything (including Studio Display)
2023-03-22/a>Didier StevensWindows 11 Snipping Tool Privacy Bug: Inspecting PNG Files
2023-03-18/a>Xavier MertensOld Backdoor, New Obfuscation
2023-02-19/a>Didier Stevens"Unsupported 16-bit Application" or HTML?
2023-02-09/a>Xavier MertensA Backdoor with Smart Screenshot Capability
2023-02-05/a>Didier StevensVideo: Analyzing Malicious OneNote Documents
2023-02-01/a>Didier StevensDetecting (Malicious) OneNote Files
2023-01-30/a>Johannes UllrichDecoding DNS over HTTP(s) Requests
2023-01-24/a>Johannes UllrichApple Updates (almost) Everything: Patch Overview
2022-12-19/a>Xavier MertensHunting for Mastodon Servers
2022-11-05/a>Guy BruneauWindows Malware with VHD Extension
2022-11-04/a>Xavier MertensRemcos Downloader with Unicode Obfuscation
2022-10-07/a>Xavier MertensPowershell Backdoor with DGA Capability
2022-09-25/a>Didier StevensDownloading Samples From Takendown Domains
2022-09-24/a>Didier StevensMaldoc Analysis Info On MalwareBazaar
2022-09-16/a>Didier StevensWord Maldoc With CustomXML and Renamed VBAProject.bin
2022-09-10/a>Guy BruneauPhishing Word Documents with Suspicious URL
2022-09-09/a>Didier StevensMaldoc With Decoy BASE64
2022-09-04/a>Didier StevensVideo: VBA Maldoc & UTF7 (APT-C-35)
2022-08-29/a>Didier StevensUpdate: VBA Maldoc & UTF7 (APT-C-35)
2022-08-16/a>Didier StevensVBA Maldoc & UTF7 (APT-C-35)
2022-08-11/a>Xavier MertensInfoStealer Script Based on Curl and NSudo
2022-08-10/a>Johannes UllrichAnd Here They Come Again: DNS Reflection Attacks
2022-08-02/a>Johannes UllrichA Little DDoS in the Morning - Followup
2022-08-01/a>Johannes UllrichA Little DDoS In the Morning
2022-07-20/a>Johannes UllrichApple Patches Everything Day
2022-07-10/a>Guy BruneauExcel 4 Emotet Maldoc Analysis using CyberChef
2022-06-26/a>Didier StevensMy Paste Command
2022-06-24/a>Xavier MertensPython (ab)using The Windows GUI
2022-06-21/a>Johannes UllrichExperimental New Domain / Domain Age API
2022-06-12/a>Didier StevensQuickie: Follina, RTF & Explorer Preview Pane
2022-06-06/a>Didier Stevens"ms-msdt" RTF Maldoc Analysis: oledump Plugins
2022-06-05/a>Didier StevensAnalysis Of An "ms-msdt" RTF Maldoc
2022-05-12/a>Rob VandenBrinkWhen Get-WebRequest Fails You
2022-05-09/a>Xavier MertensOctopus Backdoor is Back with a New Embedded Obfuscated Bat File
2022-05-02/a>Didier StevensDetecting VSTO Office Files With ExifTool
2022-04-28/a>Johannes UllrichA Day of SMB: What does our SMB/RPC Honeypot see? CVE-2022-26809
2022-04-24/a>Didier StevensAnalyzing a Phishing Word Document
2022-04-17/a>Didier StevensVideo: Office Protects You From Malicious ISO Files
2022-04-16/a>Didier StevensOffice Protects You From Malicious ISO Files
2022-04-14/a>Johannes UllrichAn Update on CVE-2022-26809 - MSRPC Vulnerabliity - PATCH NOW
2022-04-13/a>Jan KoprivaHow is Ukrainian internet holding up during the Russian invasion?
2022-04-10/a>Didier StevensVideo: Method For String Extraction Filtering
2022-04-09/a>Didier StevensMethod For String Extraction Filtering
2022-04-06/a>Brad DuncanWindows MetaStealer Malware
2022-03-31/a>Johannes UllrichApple Patches Actively Exploited Vulnerability in macOS, iOS and iPadOS,
2022-03-30/a>Didier StevensQuickie: Parsing XLSB Documents
2022-03-29/a>Johannes UllrichMore Fake/Typosquatting Twitter Accounts Asking for Ukraine Crytocurrency Donations
2022-03-27/a>Didier StevensVideo: Maldoc Cleaned by Anti-Virus
2022-03-24/a>Xavier MertensMalware Delivered Through Free Sharing Tool
2022-03-18/a>Johannes UllrichScans for Movable Type Vulnerability (CVE-2021-20837)
2022-03-14/a>Johannes UllrichApple Updates Everything: MacOS 12.3, XCode 13.3, tvOS 15.4, watchOS 8.5, iPadOS 15.4 and more
2022-02-25/a>Didier StevensWindows, Fixed IPv4 Addresses and APIPA
2022-02-24/a>Xavier MertensUkraine & Russia Situation From a Domain Names Perspective
2022-02-11/a>Xavier MertensCinaRAT Delivered Through HTML ID Attributes
2022-02-10/a>Johannes UllrichiOS/iPadOS and MacOS Update: Single WebKit 0-Day Vulnerability Patched
2022-01-27/a>Johannes UllrichApple Patches Everything
2021-12-28/a>Russ McReeLotL Classifier tests for shells, exfil, and miners
2021-12-15/a>Xavier MertensSimple but Undetected PowerShell Backdoor
2021-11-28/a>Didier StevensVideo: YARA Rules for Office Maldocs
2021-11-23/a>Didier StevensYARA Rule for OOXML Maldocs: Less False Positives
2021-11-21/a>Didier StevensBackdooring PAM
2021-11-19/a>Xavier MertensDownloader Disguised as Excel Add-In (XLL)
2021-11-14/a>Didier StevensVideo: Obfuscated Maldoc: Reversed BASE64
2021-11-10/a>Xavier MertensShadow IT Makes People More Vulnerable to Phishing
2021-11-08/a>Xavier Mertens(Ab)Using Security Tools & Controls for the Bad
2021-10-20/a>Xavier MertensThanks to COVID-19, New Types of Documents are Lost in The Wild
2021-10-14/a>Xavier MertensPort-Forwarding with Windows for the Win
2021-10-03/a>Didier StevensVideo: CVE-2021-40444 Maldocs: Extracting URLs
2021-09-25/a>Didier StevensStrings Analysis: VBA & Excel4 Maldoc
2021-09-25/a>Didier StevensVideo: Strings Analysis: VBA & Excel4 Maldoc
2021-09-22/a>Didier StevensAn XML-Obfuscated Office Document (CVE-2021-40444)
2021-09-19/a>Didier StevensVideo: Simple Analysis Of A CVE-2021-40444 .docx Document
2021-09-18/a>Didier StevensSimple Analysis Of A CVE-2021-40444 .docx Document
2021-09-02/a>Xavier MertensAttackers Will Always Abuse Major Events in our Lifes
2021-07-31/a>Guy BruneauUnsolicited DNS Queries
2021-07-24/a>Bojan ZdrnjaActive Directory Certificate Services (ADCS - PKI) domain admin vulnerability
2021-07-21/a>Johannes Ullrich"Summer of SAM": Microsoft Releases Guidance for CVE-2021-36934
2021-07-19/a>Rick WannerNew Windows Print Spooler Vulnerability - CVE-2021-34481
2021-07-08/a>Xavier MertensUsing Sudo with Python For More Security Controls
2021-07-02/a>Xavier Mertens"inception.py"... Multiple Base64 Encodings
2021-06-28/a>Didier StevensCFBF Files Strings Analysis
2021-05-28/a>Xavier MertensMalicious PowerShell Hosted on script.google.com
2021-05-02/a>Didier StevensPuTTY And FileZilla Use The Same Fingerprint Registry Keys
2021-04-22/a>Xavier MertensHow Safe Are Your Docker Images?
2021-02-28/a>Didier StevensMaldocs: Protection Passwords
2021-02-23/a>Jan KoprivaQakbot in a response to Full Disclosure post
2021-02-22/a>Didier StevensUnprotecting Malicious Documents For Inspection
2021-02-21/a>Didier StevensDDE and oledump
2021-01-26/a>Brad DuncanTA551 (Shathak) Word docs push Qakbot (Qbot)
2021-01-25/a>Rob VandenBrinkFun with NMAP NSE Scripts and DOH (DNS over HTTPS)
2021-01-24/a>Didier StevensVideo: Doc & RTF Malicious Document
2021-01-23/a>Didier StevensCyberChef: Analyzing OOXML Files for URLs
2021-01-19/a>Russ McReeGordon for fast cyber reputation checks
2021-01-18/a>Didier StevensDoc & RTF Malicious Document
2021-01-15/a>Guy BruneauObfuscated DNS Queries
2021-01-10/a>Didier StevensMaldoc Analysis With CyberChef
2021-01-09/a>Didier StevensMaldoc Strings Analysis
2020-12-24/a>Xavier MertensMalicious Word Document Delivering an Octopus Backdoor
2020-12-15/a>Didier StevensAnalyzing FireEye Maldocs
2020-12-10/a>Xavier MertensPython Backdoor Talking to a C2 Through Ngrok
2020-11-25/a>Xavier MertensLive Patching Windows API Calls Using PowerShell
2020-11-22/a>Didier StevensQuick Tip: Extracting all VBA Code from a Maldoc - JSON Format
2020-10-31/a>Didier StevensMore File Selection Gaffes
2020-10-26/a>Didier StevensExcel 4 Macros: "Abnormal Sheet Visibility"
2020-10-14/a>Brad DuncanMore TA551 (Shathak) Word docs push IcedID (Bokbot)
2020-09-30/a>Johannes UllrichScans for FPURL.xml: Reconnaissance or Not?
2020-09-02/a>Xavier MertensPython and Risky Windows API Calls
2020-09-01/a>Johannes UllrichExposed Windows Domain Controllers Used in CLDAP DDoS Attacks
2020-08-31/a>Didier StevensFinding The Original Maldoc
2020-08-29/a>Didier StevensMalicious Excel Sheet with a NULL VT Score: More Info
2020-08-25/a>Xavier MertensKeep An Eye on LOLBins
2020-08-19/a>Xavier MertensExample of Word Document Delivering Qakbot
2020-08-16/a>Didier StevensSmall Challenge: A Simple Word Maldoc - Part 3
2020-08-07/a>Brad DuncanTA551 (Shathak) Word docs push IcedID (Bokbot)
2020-08-02/a>Didier StevensSmall Challenge: A Simple Word Maldoc
2020-07-27/a>Johannes UllrichIn Memory of Donald Smith
2020-07-15/a>Brad DuncanWord docs with macros for IcedID (Bokbot)
2020-07-12/a>Didier StevensMaldoc: VBA Purging Example
2020-07-11/a>Guy BruneauScanning Home Internet Facing Devices to Exploit
2020-06-24/a>Jan KoprivaUsing Shell Links as zero-touch downloaders and to initiate network connections
2020-06-12/a>Xavier MertensMalicious Excel Delivering Fileless Payload
2020-06-01/a>Didier StevensXLMMacroDeobfuscator: An Update
2020-05-29/a>Johannes UllrichThe Impact of Researchers on Our Data
2020-05-24/a>Didier StevensZloader Maldoc Analysis With xlm-deobfuscator
2020-05-20/a>Brad DuncanMicrosoft Word document with malicious macro pushes IcedID (Bokbot)
2020-05-19/a>Rick WannerCisco Advisories for FTD, ASA, Firepower 1000
2020-04-30/a>Xavier MertensCollecting IOCs from IMAP Folder
2020-04-26/a>Didier StevensVideo: Malformed .docm File
2020-04-18/a>Guy BruneauMaldoc Falsely Represented as DOCX Invoice Redirecting to Fake Apple Store
2020-04-06/a>Didier StevensPassword Protected Malicious Excel Files
2020-04-05/a>Guy BruneauMaldoc XLS Invoice with Excel 4 Macros
2020-04-04/a>Didier StevensNew Bypass Technique or Corrupt Word Document?
2020-03-30/a>Jan KoprivaCrashing explorer.exe with(out) a click
2020-03-29/a>Didier StevensObfuscated Excel 4 Macros
2020-03-28/a>Didier StevensCovid19 Domain Classifier
2020-03-27/a>Johannes UllrichHelp us classify Covid19 related domains https://isc.sans.edu/covidclassifier.html (login required)
2020-03-23/a>Didier StevensWindows Zeroday Actively Exploited: Type 1 Font Parsing Remote Code Execution Vulnerability
2020-03-16/a>Jan KoprivaDesktop.ini as a post-exploitation tool
2020-03-09/a>Didier StevensMalicious Spreadsheet With Data Connection and Excel 4 Macros
2020-02-24/a>Didier StevensMaldoc: Excel 4 Macros and VBA, Devil and Angel?
2020-02-23/a>Didier StevensMaldoc: Excel 4 Macros in OOXML Format
2020-02-18/a>Jan KoprivaDiscovering contents of folders in Windows without permissions
2020-02-17/a>Didier Stevenscurl and SSPI
2020-02-15/a>Didier Stevensbsdtar on Windows 10
2020-01-22/a>Brad DuncanGerman language malspam pushes Ursnif
2020-01-09/a>Xavier MertensQuick Analyzis of a(nother) Maldoc
2020-01-09/a>Kevin ShorttWindows 7 - End of Life
2019-12-22/a>Didier StevensExtracting VBA Macros From .DWG Files
2019-12-16/a>Didier StevensMalicious .DWG Files?
2019-12-14/a>Didier Stevens(Lazy) Sunday Maldoc Analysis: A Bit More ...
2019-12-09/a>Didier Stevens(Lazy) Sunday Maldoc Analysis
2019-12-05/a>Jan KoprivaE-mail from Agent Tesla
2019-11-25/a>Xavier MertensMy Little DoH Setup
2019-11-08/a>Xavier MertensMicrosoft Apps Diverted from Their Main Use
2019-08-15/a>Didier StevensAnalysis of a Spearphishing Maldoc
2019-08-14/a>Brad DuncanRecent example of MedusaHTTP malware
2019-07-28/a>Didier StevensVideo: Analyzing Compressed PowerShell Scripts
2019-07-17/a>Xavier MertensAnalyzis of DNS TXT Records
2019-07-16/a>Russ McReeCommando VM: The Complete Mandiant Offensive VM
2019-07-06/a>Didier StevensMalicious XSL Files
2019-07-05/a>Didier StevensA "Stream O" Maldoc
2019-07-02/a>Xavier MertensMalicious Script With Multiple Payloads
2019-07-01/a>Didier StevensMaldoc: Payloads in User Forms
2019-06-27/a>Rob VandenBrinkFinding the Gold in a Pile of Pennies - Long Tail Analysis in PowerShell
2019-06-06/a>Xavier MertensKeep an Eye on Your WMI Logs
2019-05-28/a>Didier StevensOffice Document & BASE64? PowerShell!
2019-05-22/a>Johannes UllrichAn Update on the Microsoft Windows RDP "Bluekeep" Vulnerability (CVE-2019-0708) [now with pcaps]
2019-05-10/a>Xavier MertensDSSuite - A Docker Container with Didier's Tools
2019-05-01/a>Didier StevensVBA Office Document: Which Version?
2019-04-27/a>Didier StevensQuick Tip for Dissecting CVE-2017-11882 Exploits
2019-04-24/a>Rob VandenBrinkWhere have all the Domain Admins gone? Rooting out Unwanted Domain Administrators
2019-04-23/a>Didier StevensMalicious VBA Office Document Without Source Code
2019-03-31/a>Didier StevensMaldoc Analysis of the Weekend by a Reader
2019-03-27/a>Xavier MertensRunning your Own Passive DNS Service
2019-03-25/a>Didier Stevens"VelvetSweatshop" Maldocs: Shellcode Analysis
2019-03-23/a>Didier Stevens"VelvetSweatshop" Maldocs
2019-03-17/a>Didier StevensVideo: Maldoc Analysis: Excel 4.0 Macro
2019-03-16/a>Didier StevensMaldoc: Excel 4.0 Macros
2019-03-05/a>Rob VandenBrinkPowershell, Active Directory and the Windows Host Firewall
2019-02-27/a>Didier StevensMaldoc Analysis by a Reader
2019-02-17/a>Didier StevensVideo: Finding Property Values in Office Documents
2019-02-16/a>Didier StevensFinding Property Values in Office Documents
2019-02-11/a>Didier StevensHave You Seen an Email Virus Recently?
2019-02-10/a>Didier StevensVideo: Maldoc Analysis of the Weekend
2019-02-09/a>Didier StevensMaldoc Analysis of the Weekend
2019-01-26/a>Didier StevensVideo: Analyzing Encrypted Malicious Office Documents
2019-01-14/a>Rob VandenBrinkStill Running Windows 7? Time to think about that upgrade project!
2019-01-11/a>Didier StevensQuick Maldoc Analysis
2019-01-07/a>Didier StevensAnalyzing Encrypted Malicious Office Documents
2019-01-02/a>Didier StevensMaldoc with Nonfunctional Shellcode
2018-12-29/a>Didier StevensVideo: De-DOSfuscation Example
2018-12-19/a>Xavier MertensRestricting PowerShell Capabilities with NetSh
2018-12-19/a>Xavier MertensMicrosoft OOB Patch for Internet Explorer: Scripting Engine Memory Corruption Vulnerability
2018-12-17/a>Didier StevensPassword Protected ZIP with Maldoc
2018-12-16/a>Guy BruneauRandom Port Scan for Open RDP Backdoor
2018-12-15/a>Didier StevensDe-DOSfuscation Example
2018-12-12/a>Didier StevensYet Another DOSfuscation Sample
2018-12-07/a>Remco VerhoefA Dive into malicious Docker Containers
2018-12-03/a>Didier StevensWord maldoc: yet another place to hide a command
2018-11-26/a>Russ McReeViperMonkey: VBA maldoc deobfuscation
2018-11-23/a>Didier StevensVideo: Dissecting a CVE-2017-11882 Exploit
2018-11-21/a>Johannes UllrichCritical Vulnerability in Flash Player
2018-11-10/a>Didier StevensVideo: CyberChef: BASE64/XOR Recipe
2018-11-02/a>Didier StevensTriJklcj2HIUCheDES decryption failed?
2018-10-16/a>Didier StevensCyberChef: BASE64/XOR Recipe
2018-10-13/a>Didier StevensMaldoc: Once More It's XOR
2018-10-01/a>Didier StevensDecoding Custom Substitution Encodings with translate.py
2018-09-30/a>Didier StevensWhen DOSfuscation Helps...
2018-08-25/a>Didier StevensMicrosoft Publisher malware: static analysis
2018-08-05/a>Didier StevensVideo: Maldoc analysis with standard Linux tools
2018-07-30/a>Didier StevensMalicious Word documents using DOSfuscation
2018-06-17/a>Didier StevensEncrypted Office Documents
2018-06-13/a>Xavier MertensA Bunch of Compromized Wordpress Sites
2018-06-05/a>Xavier MertensMalicious Post-Exploitation Batch File
2018-05-07/a>Xavier MertensAdding Persistence Via Scheduled Tasks
2018-05-02/a>Russ McReeWindows Commands Reference - An InfoSec Must Have
2018-05-01/a>Xavier MertensDiving into a Simple Maldoc Generator
2018-04-25/a>Johannes UllrichYet Another Drupal RCE Vulnerability
2018-03-05/a>Xavier MertensMalicious Bash Script with Multiple Features
2018-02-02/a>Xavier MertensSimple but Effective Malicious XLS Sheet
2018-01-28/a>Didier StevensIs this a pentest?
2018-01-26/a>Xavier MertensInvestigating Microsoft BITS Activity
2018-01-23/a>Johannes UllrichApple Updates Everything, Again
2018-01-20/a>Didier StevensAn RTF phish
2018-01-08/a>Bojan ZdrnjaMeltdown and Spectre: clearing up the confusion
2018-01-02/a>Didier StevensPDF documents & URLs: video
2017-12-31/a>Didier StevensAnalyzing TNEF files
2017-12-25/a>Didier StevensDealing with obfuscated RTF files
2017-12-24/a>Didier StevensPDF documents & URLs: update
2017-12-23/a>Didier StevensEncrypted PDFs
2017-12-19/a>Xavier MertensExample of 'MouseOver' Link in a Powerpoint File
2017-12-18/a>Didier StevensPhish or scam? - Part 2
2017-12-17/a>Didier StevensPhish or scam? - Part 1
2017-12-13/a>Xavier MertensTracking Newly Registered Domains
2017-12-09/a>Didier StevensSometimes it's a dud
2017-12-02/a>Xavier MertensUsing Bad Material for the Good
2017-11-25/a>Guy BruneauExim Remote Code Exploit
2017-11-16/a>Xavier MertensSuspicious Domains Tracking Dashboard
2017-11-15/a>Xavier MertensIf you want something done right, do it yourself!
2017-11-11/a>Xavier MertensKeep An Eye on your Root Certificates
2017-11-06/a>Didier StevensMetasploit's Maldoc
2017-11-05/a>Didier StevensExtracting the text from PDF documents
2017-11-04/a>Didier StevensPDF documents & URLs
2017-10-20/a>Rick WannerOne year Anniversary of Dyn DDOS
2017-09-28/a>Xavier MertensThe easy way to analyze huge amounts of PCAP data
2017-09-18/a>Xavier MertensCCleaner 5.33 compromised - http://www.piriform.com/news/release-announcements/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users
2017-09-14/a>Xavier MertensAnother webshell, another backdoor!
2017-09-10/a>Didier StevensIt is a resume - Part 3
2017-08-20/a>Didier StevensIt's Not An Invoice ...
2017-08-17/a>Xavier MertensMaldoc with auto-updated link
2017-08-10/a>Didier StevensMaldoc Analysis with ViperMonkey
2017-07-30/a>Renato MarinhoSMBLoris - the new SMB flaw
2017-07-29/a>Didier StevensMaldoc Submitted and Analyzed
2017-07-28/a>Didier StevensStatic Analysis of Emotet Maldoc
2017-07-15/a>Didier StevensOffice maldoc + .lnk
2017-07-10/a>Didier StevensBasic Office maldoc analysis
2017-07-09/a>Russ McReeAdversary hunting with SOF-ELK
2017-07-07/a>Renato MarinhoDDoS Extortion E-mail: Yet Another Bluff?
2017-07-05/a>Didier StevensSelecting domains with random names
2017-05-20/a>Xavier MertensTyposquatting: Awareness and Hunting
2017-05-12/a>Xavier MertensWhen Bad Guys are Pwning Bad Guys...
2017-05-03/a>Bojan ZdrnjaOAUTH phishing against Google Docs ? beware!
2017-04-28/a>Xavier MertensAnother Day, Another Obfuscation Technique
2017-04-23/a>Didier StevensMalicious Documents: A Bit Of News
2017-04-21/a>Xavier MertensAnalysis of a Maldoc with Multiple Layers of Obfuscation
2017-03-05/a>Didier StevensAnother example of maldoc string obfuscation, with extra bonus: UAC bypass
2017-02-28/a>Xavier MertensAnalysis of a Simple PHP Backdoor
2017-02-26/a>Didier StevensCRA Maldoc Analysis
2017-02-10/a>Brad DuncanHancitor/Pony malspam
2017-01-18/a>Rob VandenBrinkMaking Windows 10 a bit less "Creepy" - Common Privacy Settings
2017-01-12/a>Mark BaggettSystem Resource Utilization Monitor
2016-12-29/a>Rick WannerMore on Protocol 47 denys
2016-12-24/a>Didier StevensPinging All The Way
2016-12-19/a>John BambenekUPDATED x1: Mirai Scanning for Port 6789 Looking for New Victims / Now hitting tcp/23231
2016-12-10/a>Didier StevensSleeping VBS Really Wants To Sleep
2016-12-09/a>Rick WannerMirai - now with DGA
2016-12-05/a>Didier StevensHancitor Maldoc Videos
2016-11-18/a>Didier StevensVBA Shellcode and Windows 10
2016-11-12/a>Didier StevensVBA Shellcode and EMET
2016-11-05/a>Xavier MertensFull Packet Capture for Dummies
2016-10-26/a>Johannes UllrichCritical Flash Player Update APSB16-36
2016-10-22/a>Guy BruneauRequest for Packets TCP 4786 - CVE-2016-6385
2016-10-17/a>Didier StevensMaldoc VBA Anti-Analysis: Video
2016-10-16/a>Didier StevensAnalyzing Office Maldocs With Decoder.xls
2016-10-15/a>Didier StevensMaldoc VBA Anti-Analysis
2016-10-13/a>Jim ClausingNew tool: docker-mount.py
2016-09-26/a>Didier StevensVBA and P-code
2016-09-13/a>Rob VandenBrinkIf it's Free, YOU are the Product
2016-09-13/a>Rob VandenBrinkApple iOS 10 and 10.0.1 Released
2016-08-29/a>Russ McReeRecommended Reading: Intrusion Detection Using Indicators of Compromise Based on Best Practices and Windows Event Logs
2016-08-06/a>Didier Stevensrtfdump
2016-08-02/a>Tom WebbWindows 10 Anniversary Update Available
2016-07-30/a>Didier Stevensrtfobj
2016-07-29/a>Didier StevensMalicious RTF Files
2016-07-19/a>Didier StevensOffice Maldoc: Let's Focus on the VBA Macros Later...
2016-07-12/a>Xavier MertensHunting for Malicious Files with MISP + OSSEC
2016-06-17/a>Johannes UllrichCritical Adobe Flash Update. Patch Now
2016-06-01/a>Xavier MertensDocker Containers Logging
2016-05-29/a>Guy BruneauAnalysis of a Distributed Denial of Service (DDoS)
2016-05-22/a>Pasquale StirparoThe strange case of WinZip MRU Registry key
2016-05-18/a>Russ McReeResources: Windows Auditing & Monitoring, Linux 2FA
2016-05-12/a>Xavier MertensAdobe Released Updates to Fix Critical Vulnerability
2016-04-15/a>Xavier MertensWindows Command Line Persistence?
2016-03-30/a>Xavier MertensWhat to watch with your FIM?
2016-03-29/a>Didier StevensVBE: Encoded VBS Script
2016-03-15/a>Xavier MertensDockerized DShield SSH Honeypot
2016-03-11/a>Jim ClausingForensicating Docker, Part 1
2016-03-08/a>Rick WannerCritical Adobe Updates - March 2016
2016-02-21/a>Didier StevensTip: Quick Analysis of Office Maldoc
2016-02-18/a>Xavier MertensHunting for Executable Code in Windows Environments
2016-02-09/a>Johannes UllrichAdobe Patch Tuesday - February 2016
2016-02-07/a>Rick WannerDDOS is down, but still a concern for ISPs
2016-01-31/a>Guy BruneauWindows 10 and System Protection for DATA Default is OFF
2016-01-21/a>Jim ClausingScanning for Fortinet ssh backdoor
2016-01-13/a>Alex StanfordYou Have Got a New Audio Message - Guest Diary by Pasquale Stirparo
2016-01-11/a>Didier StevensBlackEnergy .XLS Dropper
2015-12-28/a>Rick WannerAdobe Flash and Adobe AIR Updates - https://helpx.adobe.com/security/products/flash-player/apsb16-01.html
2015-12-26/a>Didier StevensMalfunctioning Malware
2015-12-09/a>Xavier MertensEnforcing USB Storage Policy with PowerShell
2015-11-21/a>Didier StevensMaldoc Social Engineering Trick
2015-10-16/a>Alex StanfordAdobe Flash Update
2015-10-13/a>Alex StanfordAdobe Updates Acrobat and Adobe Reader
2015-10-09/a>Guy BruneauAdobe Acrobat and Reader Pre-Announcement
2015-09-28/a>Johannes Ullrich"Transport of London" Malicious E-Mail
2015-09-19/a>Didier StevensDon't launch that file Adobe Reader!
2015-08-28/a>Didier StevensTest File: PDF With Embedded DOC Dropping EICAR
2015-08-26/a>Didier StevensPDF + maldoc1 = maldoc2
2015-08-12/a>Rob VandenBrinkWindows Service Accounts - Why They're Evil and Why Pentesters Love them!
2015-07-27/a>Daniel WesemannAngler's best friends
2015-07-14/a>Johannes UllrichAdobe Updates Flash Player, Shockwave and PDF Reader
2015-07-12/a>Rick WannerAnother Adobe Flash Zero Day http://www.kb.cert.org/vuls/id/338736
2015-06-26/a>Daniel WesemannCisco default credentials - again!
2015-06-23/a>Kevin ShorttXOR DDOS Mitigation and Analysis
2015-06-23/a>Kevin ShorttAdobe Flash Player Update - https://helpx.adobe.com/security/products/flash-player/apsb15-14.html
2015-05-15/a>Didier StevensAnother Maldoc? I'm Afraid So...
2015-05-09/a>Didier StevensMalicious Word Document: This Time The Maldoc Is A MIME File
2015-04-28/a>Daniel WesemannScammy Nepal earthquake donation requests
2015-04-10/a>Didier StevensThe Kill Chain: Now With Pastebin
2015-03-30/a>Didier StevensYARA Rules For Shellcode
2015-03-14/a>Didier StevensMaldoc VBA Sandbox/Virtualization Detection
2015-02-27/a>Rick WannerDDOS are way down? Why?
2015-02-20/a>Tom WebbFast analysis of a Tax Scam
2015-02-19/a>Daniel WesemannDNS-based DDoS
2015-02-05/a>Johannes UllrichAdobe Flash Player Update Released, Fixing CVE 2015-0313
2015-02-02/a>Stephen HallNew Adobe Flash Vulnerability - CVE-2015-0313
2015-01-26/a>Russ McReeAdobe updates Security Advisory for Adobe Flash Player, Infocon returns to green
2015-01-23/a>Adrien de BeaupreInfocon change to yellow for Adobe Flash issues
2014-11-11/a>Johannes UllrichAdobe Flash Update
2014-10-14/a>Johannes UllrichAdobe October 2014 Bulletins for Flash Player and Coldfusion
2014-09-16/a>Daniel Wesemannhttps://yourfakebank.support -- TLD confusion starts!
2014-09-16/a>Mark HofmanFreeBSD Denial of Service advisory (CVE-2004-0230)
2014-08-31/a>Rick Wanner1900/UDP (SSDP) Scanning and DDOS
2014-08-25/a>Jim ClausingUDP port 1900 DDoS traffic
2014-08-17/a>Rick WannerPart 2: Is your home network unwittingly contributing to NTP DDOS attacks?
2014-08-17/a>Rick WannerPart 1: Is your home network unwittingly contributing to NTP DDOS attacks?
2014-08-15/a>Tom WebbAppLocker Event Logs with OSSEC 2.8
2014-08-12/a>Adrien de BeaupreAdobe updates for 2014/08
2014-07-09/a>Daniel WesemannWho owns your typo?
2014-07-08/a>Johannes UllrichHardcoded Netgear Prosafe Switch Password
2014-07-05/a>Guy BruneauJava Support ends for Windows XP
2014-07-02/a>Johannes UllrichCisco Unified Communications Domain Manager Update
2014-06-24/a>Kevin ShorttNTP DDoS Counts Have Dropped
2014-06-02/a>Rick WannerUsing nmap to scan for DDOS reflectors
2014-04-30/a>Russ McReeUltraDNS DDOS
2014-04-28/a>Russ McReeAdobe Security Bulletin: Security updates available for Adobe Flash Player http://adobe.ly/QVjO72
2014-04-08/a>Rick WannerSecurity Updates available for Adobe Flash Player - http://helpx.adobe.com/security/products/flash-player/apsb14-09.html
2014-04-06/a>Basil Alawi S.Taher"Power Worm" PowerShell based Malware
2014-04-04/a>Rob VandenBrinkWindows 8.1 Released
2014-03-24/a>Johannes UllrichNew Microsoft Advisory: Unpatched Word Flaw used in Targeted Attacks
2014-03-13/a>Daniel WesemannAdobe Shockwave Player critical update: http://helpx.adobe.com/security/products/shockwave/apsb14-10.html
2014-03-12/a>Johannes UllrichWordpress "Pingback" DDoS Attacks
2014-03-11/a>Johannes UllrichAdobe Updates: Flash Player
2014-03-04/a>Daniel WesemannXPired!
2014-02-20/a>Stephen HallAbobe out of band patch announcement (APSB14-07)
2014-02-17/a>Chris MohanNTP reflection attacks continue
2014-02-11/a>Johannes UllrichAdobe February 2014 Patch Tuesday
2014-02-05/a>Johannes UllrichTo Merrillville or Sochi: How Dangerous is it to travel?
2014-02-04/a>Johannes UllrichAdobe Flash Player Emergency Patch
2014-01-30/a>Johannes UllrichNew gTLDs appearing in the root zone
2014-01-14/a>Johannes UllrichAdobe Patch Tuesday January 2014
2014-01-10/a>Basil Alawi S.TaherWindows Autorun-3
2014-01-10/a>Basil Alawi S.TaherCisco Small Business Devices backdoor fix
2014-01-04/a>Tom WebbMonitoring Windows Networks Using Syslog (Part One)
2014-01-02/a>Johannes UllrichScans Increase for New Linksys Backdoor (32764/TCP)
2013-12-24/a>Daniel WesemannUnfriendly crontab additions
2013-12-21/a>Guy BruneauStrange DNS Queries - Request for Packets
2013-12-21/a>Daniel WesemannAdobe phishing underway
2013-12-16/a>Tom WebbThe case of Minerd
2013-12-10/a>Rob VandenBrinkAdobe Updates today as well.
2013-11-22/a>Rick WannerPort 0 DDOS
2013-11-22/a>Rick WannerTales of Password Reuse
2013-11-05/a>Daniel WesemannIs your vacuum cleaner sending spam?
2013-10-30/a>Russ McReeSIR v15: Five good reasons to leave Windows XP behind
2013-10-24/a>Johannes UllrichAre you a small business that experienced a DoS attack?
2013-10-09/a>Johannes UllrichOther Patch Tuesday Updates (Adobe, Apple)
2013-10-08/a>Johannes UllrichCSAM: ANY queries used in reflective DoS attack
2013-10-05/a>Richard PorterAdobe Breach Notification, Notifications?
2013-10-04/a>Johannes UllrichThe Adobe Breach FAQ
2013-10-03/a>Johannes UllrichOctober Patch Tuesday Preview (CVE-2013-3893 patch coming!)
2013-10-02/a>John BambenekObamacare related domain registration spike, Government shutdown domain registration beginning
2013-09-23/a>Rob VandenBrinkHow do you spell "PSK"?
2013-09-10/a>Swa FrantzenAdobe September 2013 Black Tuesday Overview
2013-07-27/a>Scott FendleyDefending Against Web Server Denial of Service Attacks
2013-07-12/a>Johannes UllrichDNS resolution is failing for Microsofts Teredo server (teredo.ipv6.microsoft.com)
2013-07-12/a>Johannes UllrichMicrosoft Teredo Server "Sunset"
2013-07-09/a>Swa FrantzenAdobe July 2013 Black Tuesday Overview
2013-06-11/a>Swa FrantzenAdobe June 2013 Black Tuesday Overview
2013-06-05/a>Richard PorterBIND 9 Update fixing CVE-2013-3919
2013-05-21/a>Adrien de BeaupreMoore, Oklahoma tornado charitable organization scams, malware, and phishing
2013-05-20/a>Guy BruneauSafe - Tools, Tactics and Techniques
2013-05-14/a>Swa FrantzenAdobe May 2013 Black Tuesday Overview
2013-05-10/a>Johannes UllrichMicrosoft and Adobe Patch Tuesday Pre-Release
2013-05-09/a>John BambenekAdobe Releases 0-day Security Advisory for Coldfusion, Exploit Code Available. Advisory here: http://www.adobe.com/support/security/advisories/apsa13-03.html
2013-05-08/a>Johannes Ullrich"De Flashing" the ISC Web Site and Flash XSS issues
2013-04-21/a>John BambenekA Chargen-based DDoS? Chargen is still a thing?
2013-04-09/a>Swa FrantzenAdobe April 2013 Black Tuesday Overview
2013-03-28/a>John BambenekWhere Were You During the Great DDoS Cybergeddon of 2013?
2013-03-27/a>Rob VandenBrinkSeveral Cisco IOS DOS Issues Resolved
2013-03-19/a>Johannes UllrichWindows 7 SP1 and Windows Server 2008 R2 SP1 Being "pushed" today
2013-03-19/a>Johannes UllrichScam of the day: More fake CNN e-mails
2013-03-18/a>Kevin ShorttSpamhaus DDOS
2013-03-12/a>Swa FrantzenAdobe March 2013 Black Tueday
2013-03-09/a>Guy BruneauIPv6 Focus Month: IPv6 Encapsulation - Protocol 41
2013-02-28/a>Daniel WesemannParsing Windows Eventlogs in Powershell
2013-02-27/a>Adam SwangerAdobe Flash Player Security Update - http://www.adobe.com/support/security/bulletins/apsb13-08.html
2013-02-20/a>Johannes UllrichUpdate Palooza
2013-02-17/a>Guy BruneauAdobe Acrobat and Reader Security Update Planned this Week
2013-02-16/a>Lorna HutchesonFedora RedHat Vulnerabilty Released
2013-02-13/a>Swa FrantzenMore adobe reader and acrobat (PDF) trouble
2013-02-07/a>John BambenekAdobe Releases Patches for 0-day Vulnerability in Flash Player for Windows and Mac, Upgrade now: http://www.adobe.com/support/security/bulletins/apsb13-04.html
2013-01-09/a>Rob VandenBrinkSecurity Updates for Adobe Reader / Acrobat - http://www.adobe.com/support/security/bulletins/apsb13-02.html
2013-01-09/a>Rob VandenBrinkSecurity Updates for Adobe Flash - http://www.adobe.com/support/security/bulletins/apsb13-01.html
2013-01-08/a>Richard PorterAdobe Security Bulletins http://blogs.adobe.com/psirt/2013/01/adobe-security-bulletins-posted-4.html
2013-01-04/a>Daniel WesemannPatch pre-notification from Adobe and Microsoft
2012-12-06/a>Daniel WesemannComodo DNS hiccup on usertrust.com
2012-11-08/a>Daniel WesemannAdobe Patches
2012-10-24/a>Rob VandenBrinkTime to run Windows Update - - Microsoft Updates KB2755801 for Windows RT / IE10 / Flash Player - http://technet.microsoft.com/en-us/security/advisory/2755801
2012-10-10/a>Kevin ShorttCyber Security Awareness Month - Day 10 - Standard Sudo - Part Two
2012-10-09/a>Johannes UllrichAdobe Flash Player update http://www.adobe.com/support/security/bulletins/apsb12-22.html
2012-10-03/a>Kevin ShorttCyber Security Awareness Month - Day 3 - Standard Sudo - Part One
2012-09-20/a>Russ McReeFinancial sector advisory: attacks and threats against financial institutions
2012-08-21/a>Adrien de BeaupreYYABCAFU - Yes Yet Another Bleeping Critical Adobe Flash Update
2012-08-15/a>Guy BruneauCisco IOS XR Software Route Processor DoS Vulnerability - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr
2012-08-14/a>Rick WannerAdobe Security Bulletins - http://blogs.adobe.com/psirt/2012/08/adobe-security-bulletins-posted-2.html
2012-07-19/a>Mark BaggettDiagnosing Malware with Resource Monitor
2012-07-03/a>Johannes Ullrichocsp.comodoca.com blocklisted (by comodo itself)
2012-06-25/a>Guy BruneauIssues with Windows Update Agent
2012-06-12/a>Swa FrantzenAdobe June 2012 Black Tuesday patches
2012-05-25/a>Guy BruneauTechnical Analysis of Flash Player CVE-2012-0779
2012-05-22/a>Johannes UllrichThe "Do Not Track" header
2012-05-21/a>Kevin ShorttDNS ANY Request Cannon - Need More Packets
2012-05-18/a>Johannes UllrichZTE Score M Android Phone backdoor
2012-05-12/a>Tony CarothersAdobe Update to Vulnerabilities
2012-05-08/a>Bojan ZdrnjaWindows Firewall Bypass Vulnerability and NetBIOS NS
2012-05-06/a>Jim ClausingTool updates and Win 8
2012-05-04/a>Guy BruneauAdobe Security Flash Update
2012-04-10/a>Swa FrantzenWindows Vista RIP
2012-04-10/a>Swa FrantzenAdobe April 2012 Black Tuesday Update
2012-04-06/a>Johannes UllrichAdobe Patch Tuesday Prerelease (Reader/Acrobat) http://www.adobe.com/support/security/bulletins/apsb12-08.html
2012-03-30/a>Daniel WesemannTomorrow, the world will end
2012-03-28/a>Kevin ShorttAdobe Flash Player APSB12-07 - 28 March 2012
2012-03-16/a>Russ McReeMS12-020 RDP vulnerabilities: Patch, Mitigate, Detect
2012-03-13/a>Lenny ZeltserPlease transfer this email to your CEO or appropriate person, thanks
2012-03-05/a>Johannes UllrichAdobe Flash Player Security Update
2012-02-16/a>Johannes UllrichAdobe Flash Player Update
2012-02-14/a>Johannes UllrichAdobe Shockwave Player and RoboHelp for Word Patches
2012-01-22/a>Johannes UllrichJavascript DDoS Tool Analysis
2012-01-10/a>Adrien de BeaupreAdobe January 2012 Black Tuesday overview
2011-12-28/a>Daniel WesemannHash collisions vulnerability in web servers
2011-12-21/a>Johannes UllrichNew Vulnerability in Windows 7 64 bit
2011-12-13/a>Johannes UllrichDecember 2011 Adobe Black Tuesday
2011-12-08/a>Adrien de BeaupreNewest Adobe Flash 11.1.102.55 and Previous 0 Day Exploit
2011-12-07/a>Lenny ZeltserAdobe Acrobat Latest Zero-Day Vulnerability Fix Coming to All Platforms by January 10
2011-11-15/a>Adrien de Beauprewww.disa.mil down?
2011-11-11/a>Rick WannerAdobe Air updated to 3.1.0.4880
2011-11-08/a>Swa FrantzenAbobe November 2011 Black Tuesday Overview
2011-11-03/a>Richard PorterAn Apple, Inc. Sandbox to play in.
2011-10-05/a>Johannes UllrichAdobe SSL Certificate Problem (fixed)
2011-10-01/a>Mark HofmanAdobe Photoshop for Windows Vulnerability (CVE-2011-2443)
2011-09-21/a>Swa FrantzenEmergency patch expected for Flash Player
2011-09-21/a>Guy BruneauAdobe Release Flash Player 10.3.183.10 available at http://get.adobe.com/flashplayer/
2011-09-09/a>Guy BruneauAdobe Publish its List of Trusted Root Certificate - http://www.adobe.com/security/approved-trust-list.html
2011-09-09/a>Guy BruneauAdobe plan to release critical security updates next Tuesday for Acrobat and Reader http://www.adobe.com/support/security/bulletins/apsb11-24.html
2011-08-30/a>Johannes UllrichApache patch out for "byte range" DoS vulnerability http://www.apache.org/dist/httpd/Announcement2.2.html
2011-08-26/a>Daniel WesemannAdobe Flash stability update to 10.3.183.7. See http://forums.adobe.com/message/3883150
2011-08-25/a>Kevin ShorttRevival of an Unpatched Apache HTTPD DoS
2011-08-09/a>Swa FrantzenAdobe August 2011 Black Tuesday Overview
2011-07-09/a>Chris MohanSafer Windows Incident Response
2011-07-04/a>Deborah HaleVSFTP Backdoor in Source Code
2011-06-30/a>Rob VandenBrinkUpdate for RSA Authentication Manager
2011-06-30/a>Guy BruneauAdobe Release Flash Player 10.3.181.34 available at http://get.adobe.com/flashplayer/
2011-06-14/a>Swa FrantzenAdobe releases patches
2011-06-09/a>Richard PorterOne Browser to Rule them All?
2011-06-06/a>Johannes UllrichAdobe releases Flash Player patch on a Sunday to combat latest 0day http://www.adobe.com/support/security/bulletins/apsb11-13.html
2011-06-01/a>Johannes UllrichEnabling Privacy Enhanced Addresses for IPv6
2011-05-20/a>Guy BruneauDistributed Denial of Service Cheat Sheet
2011-05-12/a>Chris MohanSecurity updates available for Flash Player, RoboHelp, Audition, and Flash Media Server
2011-05-03/a>Johannes UllrichAnalyzing Teredo with tshark and Wireshark
2011-04-21/a>Guy BruneauAdobe Reader and Acrobat Security Updates
2011-04-14/a>Johannes UllrichUpdate to Adobe Flash 0-day: Patch will be out soon
2011-04-11/a>Johannes UllrichYet another Adobe Flash/Reader/Acrobat 0 day
2011-04-05/a>Mark HofmanSony DDOS
2011-04-05/a>Mark HofmanDNS.be DDOS
2011-03-27/a>Guy BruneauStrange Shockwave File with Surprising Attachments
2011-03-23/a>Johannes UllrichMicrosoft Advisory about fraudulent SSL Certificates
2011-03-23/a>Johannes UllrichComodo RA Compromise
2011-03-22/a>Kevin ShorttAdobe Reader/Acrobat Security Update - http://www.adobe.com/support/security/bulletins/apsb11-06.html
2011-03-15/a>Lenny ZeltserLimiting Exploit Capabilities by Using Windows Integrity Levels
2011-03-14/a>Bojan ZdrnjaAdobe Flash 0-day being used in targeted attacks
2011-03-04/a>Mark HofmanDDOS, the new black?
2011-03-02/a>Chris MohanUpdates: Firefox 3.6.14/3.5.17, Thunderbird 3.1.8, Adobe Flash v10.2.152.32 & WireShark 1.4.4
2011-02-24/a>Johannes UllrichWindows 7 / 2008 R2 Service Pack 1 Problems
2011-02-23/a>Johannes UllrichWindows 7 Service Pack 1 out
2011-02-16/a>Jason LamWindows 0-day SMB mrxsmb.dll vulnerability
2011-02-12/a>Kevin ListonDDoS Analysis Process
2011-02-10/a>Chris MohanBefriending Windows Security Log Events
2011-02-09/a>Mark HofmanAdobe Patches (shockwave, Flash, Reader & Coldfusion)
2011-01-29/a>Mark HofmanSourceforge attack
2011-01-27/a>Guy BruneauISC DHCP DHCPv6 Vulnerability
2011-01-24/a>Rob VandenBrinkWhere have all the COM Ports Gone? - How enumerating COM ports led to me finding a “misplaced” Microsoft tool
2011-01-06/a>Johannes UllrichFlash Local-with-filesystem Sandbox Bypass
2011-01-04/a>Johannes UllrichMicrosoft Advisory: Vulnerability in Graphics Rendering Engine
2010-12-22/a>John BambenekIIS 7.5 0-Day DoS (processing FTP requests)
2010-12-15/a>Johannes UllrichOpenBSD IPSec "Backdoor"
2010-12-09/a>Mark HofmanHaving a look at the DDOS tool used in the attacks today
2010-12-08/a>Rob VandenBrinkInteresting DDOS activity around Wikileaks
2010-12-02/a>Kevin JohnsonProFTPD distribution servers compromised
2010-11-24/a>Bojan ZdrnjaPrivilege escalation 0-day in almost all Windows versions
2010-11-22/a>Lenny ZeltserAdobe Acrobat Spam Going Strong - More to Come?
2010-11-19/a>Jason LamAdobe Reader X - Sandbox
2010-11-17/a>Guy BruneauConficker B++ Activated on Nov 15
2010-11-04/a>Johannes UllrichToday's Adobe Patches and Vulnerablities
2010-10-28/a>Manuel Humberto Santander PelaezCVE-2010-3654 - New dangerous 0-day authplay library adobe products vulnerability
2010-10-26/a>Pedro BuenoCyber Security Awareness Month - Day 26 - Sharing Office Files
2010-10-06/a>Robert DanfordAdobe updates: http://www.adobe.com/support/security/bulletins/apsb10-21.html
2010-09-14/a>Adrien de BeaupreAdobe Flash v10.1.82.76 and earlier vulnerability in-the-wild
2010-09-14/a>Adrien de BeaupreBlackEnergy DDoS
2010-09-13/a>Manuel Humberto Santander Pelaez Enhanced Mitigation Experience Toolkit can block Adobe 0-day exploit
2010-09-13/a>Manuel Humberto Santander PelaezAdobe SING table parsing exploit (CVE-2010-2883) in the wild
2010-09-12/a>Manuel Humberto Santander PelaezAdobe Acrobat pushstring Memory Corruption paper
2010-09-08/a>John BambenekAdobe Acrobat/Reader 0-day in Wild, Adobe Issues Advisory
2010-08-30/a>Adrien de BeaupreApple QuickTime potential vulnerability/backdoor
2010-08-25/a>Pedro BuenoAdobe released security update for Shockwave player that fix several CVEs: APSB1020
2010-08-19/a>Rob VandenBrinkDon points us to multiple Adobe updates (Reader and Acrobat 9.3.4 among them) ==> http://www.adobe.com/support/downloads/new.jsp
2010-08-18/a>Guy BruneauAdobe out-of-cycle Updates
2010-08-16/a>Raul SilesDDOS: State of the Art
2010-08-13/a>Guy BruneauCisco IOS Software 15.1(2)T TCP DoS
2010-08-10/a>Jason LamAdobe critical security updates
2010-08-07/a>Stephen HallDnsMadeEasy under a "quite large and unique" ddos.
2010-08-05/a>Manuel Humberto Santander PelaezAdobe Acrobat Font Parsing Integer Overflow Vulnerability
2010-08-04/a>Adrien de BeaupreMultiple Cisco Advisories
2010-08-02/a>Manuel Humberto Santander PelaezSecuring Windows Internet Kiosk
2010-07-21/a>Adrien de BeaupreAdobe Reader Protected Mode
2010-06-29/a>donald smithAdobe Reader 9.3.3/8.2.3 addressing CVE-2010-1297
2010-06-16/a>Kevin ShorttAdobe Flash Player 10.1 - Security Update Available
2010-06-15/a>Manuel Humberto Santander PelaezMicrosoft Windows Help and Support Center vulnerability (CVE 2010-1885) exploit in the wild
2010-06-09/a>Deborah HaleAdobe POC in the Wild
2010-06-09/a>Deborah HaleBest Practice to Prevent PDF Attacks
2010-06-05/a>Guy BruneauSecurity Advisory for Flash Player, Adobe Reader and Acrobat
2010-05-12/a>Rob VandenBrinkAdobe Shockwave Update
2010-05-08/a>Guy BruneauWireshark DOCSIS Dissector DoS Vulnerability
2010-04-13/a>Adrien de BeaupreSecurity update available for Adobe Reader and Acrobat
2010-04-09/a>Mark HofmanAdobe launch issue response/work around.
2010-03-31/a>Johannes UllrichPDF Arbitrary Code Execution - vulnerable by design.
2010-03-24/a>Johannes Ullrich".sys" Directories Delivering Driveby Downloads
2010-03-24/a>Kyle HaugsnessWax nostalgic - commodore64 updated to present time
2010-02-16/a>Jim ClausingTeredo request for packets
2010-02-16/a>Johannes UllrichTeredo "stray packet" analysis
2010-02-16/a>Robert DanfordAdobe Updates: http://www.adobe.com/support/security/bulletins/apsb10-07.html http://www.adobe.com/support/security/bulletins/apsb10-06.html
2010-02-12/a>G. N. WhiteAdobe Flash Player 10.0.45.2 and AIR 1.5.3.9130 released to correct vulnerability CVE-2010-0186 Details: http://www.adobe.com/support/security/bulletins/apsb10-06.html
2010-02-11/a>Deborah HaleThe Mysterious Blue Screen
2010-02-02/a>Guy BruneauAdobe ColdFusion Information Disclosure
2010-02-02/a>Johannes UllrichPushdo Update
2010-01-30/a>Stephen HallGot PushDo SSL packets?
2010-01-22/a>Mari NicholsPass-down for a Successful Incident Response
2010-01-21/a>Chris CarboniSecurity Update Available for Shockwave Player
2010-01-19/a>Jim Clausing49Gbps DDoS, IPv4 exhaustion, and DNSSEC, oh my!
2010-01-14/a>Bojan ZdrnjaPDF Babushka
2010-01-12/a>Johannes UllrichMicrosoft Advices XP Users to Uninstall Flash Player 6
2010-01-12/a>Johannes UllrichPre-Announced Adobe Reader and Acrobat Patch Found!
2010-01-07/a>Daniel WesemannStatic analysis of malicious PDFs
2010-01-07/a>Daniel WesemannStatic analysis of malicous PDFs (Part #2)
2010-01-06/a>Johannes UllrichDenial of Service Attack Aftermath (and what did Iran have to do with it?)
2009-12-30/a>Guy BruneauKDC DoS in cross-realm referral processing
2009-12-24/a>Guy BruneauF5 BIG-IP ASM and PSM Remote Buffer Overflow
2009-12-15/a>Johannes UllrichAdobe 0-day in the wild - again
2009-12-09/a>Swa FrantzenAdobe flash player and air patched
2009-12-09/a>Swa Frantzenntpd upgrade to prevent spoofed looping
2009-12-03/a>Mark HofmanNext week will be a big patch week - Adobe is also releasing patches "Adobe is planning to release an update for Adobe Flash Player 10.0.32.18 and earlier versions, and an update to Adobe AIR 1.5.2 and earlier versions, to resolve critical security issues
2009-11-14/a>Adrien de BeaupreMicrosoft advisory for Windows 7 / Windows Server 2008 R2 Remote SMB DoS Exploit released
2009-11-13/a>Deborah HalePushdo/Cutwail Spambot - A Little Known BIG Problem
2009-11-12/a>Rob VandenBrinkWindows 7 / Windows Server 2008 Remote SMB Exploit
2009-11-03/a>Bojan ZdrnjaAdobe released Shockwave Player 11.5.2.602 which fixes several critical security vulnerabilities
2009-10-24/a>Marcus SachsWindows 7 - How is it doing?
2009-10-13/a>Daniel WesemannAdobe Reader and Acrobat - Black Tuesday continues
2009-10-08/a>Johannes UllrichNew Adobe Vulnerability Exploited in Targeted Attacks
2009-10-05/a>Adrien de BeaupreCyber Security Awareness Month - Day 5 port 31337
2009-10-04/a>Guy BruneauSamba Security Information Disclosure and DoS
2009-09-09/a>Mark HofmanPossible DDOS on gov.au sites starting tonight?
2009-09-08/a>Guy BruneauVista/2008/Windows 7 SMB2 BSOD 0Day
2009-09-08/a>Guy BruneauCisco Security Advisory TCP DoS
2009-08-26/a>Johannes UllrichWSUS 3.0 SP2 released
2009-08-18/a>Deborah HaleSecurity Bulletin for ColdFusion and JRun
2009-08-08/a>Guy BruneauXML Libraries Data Parsing Vulnerabilities
2009-07-31/a>Deborah HaleAdobe Patch is out
2009-07-29/a>Bojan ZdrnjaBIND 9 DoS attacks in the wild
2009-07-22/a>Bojan ZdrnjaYA0D (Yet Another 0-Day) in Adobe Flash player
2009-07-16/a>Guy BruneauChanges in Windows Security Center
2009-07-09/a>John BambenekLatest Updates on Ongoing DDoS on Governmental/Commercial Websites in USA and S. Korea
2009-07-08/a>Marcus SachsRFI: DDoS Against Government and Civilian Web Sites
2009-07-02/a>Daniel WesemannTime to update updating on PCs for 3rd party apps
2009-06-24/a>Kyle HaugsnessAdobe Shockwave Player Update
2009-06-23/a>Bojan ZdrnjaSlowloris and Iranian DDoS attacks
2009-06-21/a>Bojan ZdrnjaApache HTTP DoS tool mitigation
2009-06-18/a>Bojan ZdrnjaApache HTTP DoS tool released
2009-06-09/a>Swa FrantzenAdobe June Black Tuesday upgrades
2009-05-24/a>Raul SilesAnalyzing malicious PDF documents
2009-05-22/a>Mark HofmanPatching and Adobe
2009-05-12/a>Swa FrantzenAdobe Acrobat (reader) patches released
2009-05-02/a>Rick WannerMore Swine/Mexican/H1N1 related domains
2009-05-01/a>Adrien de BeaupreAdobe Flash Media Server privilege escalation security bulletin
2009-04-29/a>Jason LamTwo Adobe 0-day vulnerabilities
2009-04-27/a>Johannes UllrichSwine Flu (Mexican Flu) related domains
2009-04-20/a>Jason LamDigital Content on TV
2009-04-16/a>Adrien de BeaupreStrange Windows Event Log entry
2009-04-09/a>Johannes UllrichConficker update with payload
2009-04-02/a>Handlers A view from the CWG Trenches
2009-03-28/a>Rick WannerNew Beta release of Nmap
2009-03-18/a>Adrien de BeaupreAdobe Security Bulletin Adobe Reader and Acrobat
2009-03-10/a>Swa FrantzenAdobe Acrobat 9.1 released
2009-03-08/a>Marcus SachsBehind the Estonia Cyber Attacks
2009-02-25/a>Andre LudwigAdobe Acrobat pdf 0-day exploit, No JavaScript needed!
2009-02-25/a>Andre LudwigAdobe flash player patch
2009-02-25/a>Andre LudwigPreview/Iphone/Linux pdf issues
2009-02-13/a>Andre LudwigThird party information on conficker
2009-02-12/a>Mark HofmanAustralian Bushfires
2009-01-31/a>Swa FrantzenDNS DDoS - let's use a long term solution
2009-01-31/a>Swa FrantzenWindows 7 - not so secure ?
2009-01-31/a>Swa FrantzenVMware updates
2009-01-16/a>G. N. WhiteConficker.B/Downadup.B/Kido: F-Secure publishes details pertaining to their counting methodology of compromised machines
2009-01-15/a>Bojan ZdrnjaConficker's autorun and social engineering
2009-01-12/a>William SaluskyDownadup / Conficker - MS08-067 exploit and Windows domain account lockout
2008-12-09/a>Swa FrantzenContacting us might be hard today
2008-12-05/a>Daniel WesemannBeen updatin' your Flash player lately?
2008-12-03/a>Andre LudwigNew ISC Poll! Has your organization suffered a DDoS (Distributed Denial of Service) attack in the last year?
2008-11-29/a>Pedro BuenoUbuntu users: Time to update!
2008-11-17/a>Jim ClausingCritical update to Adobe AIR
2008-11-11/a>Swa FrantzenAcrobat continued activity in the wild
2008-11-06/a>Joel EslerMore Adobe Updates
2008-10-15/a>Mari NicholsAdobe Flash 10 Released
2008-09-09/a>Swa Frantzenwordpress upgrade
2008-08-15/a>Jim ClausingOMFW 2008 reflections
2008-07-20/a>Kevin ListonDenial of Service Attack Against Georgia-- Are You Participating?
2008-07-17/a>Mari NicholsAdobe Reader 9 Released
2008-07-11/a>Raul SilesHow to Determine if Adobe Acrobat or Reader 8.1.2 Security Update 1 is Installed?
2008-06-13/a>Johannes UllrichFloods: More of the same (2)
2008-06-12/a>Bojan ZdrnjaSafari on Windows - not looking good
2008-05-27/a>Adrien de BeaupreAdobe flash player vuln
2008-05-26/a>Marcus SachsPredictable Response
2008-05-17/a>Jim ClausingDisaster donation scams continue
2008-05-17/a>Lorna HutchesonXP SP3 Issues
2008-05-12/a>Scott FendleyAdobe Releases Security Updates
2008-05-06/a>John BambenekWindows XP Service Pack 3 Released
2008-05-01/a>Adrien de BeaupreWindows XP SteadyState
2008-04-29/a>Bojan ZdrnjaWindows Service Pack blocker tool
2008-04-18/a>John BambenekThe Patch Window is Gone: Automated Patch-Based Exploit Generation
2008-04-16/a>William StearnsWindows XP Service Pack 3 - unofficial schedule: Apr 21-28
2008-04-10/a>Deborah HaleDSLReports Being Attacked Again
2008-04-09/a>Raul SilesCritical vulnerabilities in Adobe Flash Player
2008-03-20/a>Joel EslerPotential Vulnerability in Flash CS3 Professional, Flash Professional 8 and Flash Basic 8?
2008-03-12/a>Joel EslerAdobe security updates
2007-01-03/a>Toby KohlenbergVLC Media Player udp URL handler Format String Vulnerability
2006-11-29/a>Toby KohlenbergNew Adobe vulnerability
2006-11-14/a>Swa FrantzenAdobe Flash update available
2006-11-14/a>Jim ClausingMS06-069: Adobe Flash Player
2006-09-12/a>Swa FrantzenAdobe Flash player upgrade time

NOT

2024-04-17/a>Xavier MertensMalicious PDF File Used As Delivery Mechanism
2023-08-21/a>Xavier MertensQuick Malware Triage With Inotify Tools
2023-03-02/a>Didier StevensYARA: Detect The Unexpected ...
2023-02-05/a>Didier StevensVideo: Analyzing Malicious OneNote Documents
2023-02-01/a>Didier StevensDetecting (Malicious) OneNote Files
2023-01-25/a>Xavier MertensA First Malicious OneNote Document
2022-12-20/a>Xavier MertensLinux File System Monitoring & Actions
2022-09-18/a>Didier StevensVideo: Grep & Tail -f With Notepad++
2022-09-05/a>Didier StevensQuickie: Grep & Tail -f With Notepad++
2022-07-05/a>Jan KoprivaEternalBlue 5 years after WannaCry and NotPetya
2022-06-24/a>Xavier MertensPython (ab)using The Windows GUI
2018-06-16/a>Russ McReeAnomaly Detection & Threat Hunting with Anomalize
2017-06-28/a>Brad DuncanPetya? I hardly know ya! - an ISC update on the 2017-06-27 ransomware outbreak
2015-04-08/a>Tom WebbIs it a breach or not?
2014-06-28/a>Mark HofmanNo more Microsoft advisory email notifications?
2013-10-05/a>Richard PorterAdobe Breach Notification, Notifications?
2013-04-04/a>Johannes UllrichMicrosoft April Patch Tuesday Advance Notification
2013-03-29/a>Chris MohanDoes your breach email notification look like a phish?
2013-03-02/a>Scott FendleyEvernote Security Issue
2013-01-15/a>Russ McReeCisco introducing Cisco Security Notices 16 JAN 2013
2012-07-05/a>Adrien de BeaupreMicrosoft advanced notification for July 2012 patch Tuesday
2012-05-22/a>Johannes UllrichThe "Do Not Track" header
2011-12-08/a>Adrien de BeaupreMicrosoft Security Bulletin Advance Notification for December 2011
2011-09-20/a>Swa FrantzenDiginotar declared bankrupt
2011-09-19/a>Guy BruneauMS Security Advisory Update - Fraudulent DigiNotar Certificates
2011-09-15/a>Swa FrantzenDigiNotar looses their accreditation for qualified certificates
2011-09-13/a>Swa FrantzenMore DigiNotar intermediate certificates blocklisted at Microsoft
2011-09-07/a>Lenny ZeltserGlobalSign Temporarily Stops Issuing Certificates to Investigate a Potential Breach
2011-09-06/a>Swa FrantzenDigiNotar audit - intermediate report available
2011-09-06/a>Johannes UllrichMicrosoft Releases Diginotar Related Patch and Advisory
2011-09-01/a>Swa FrantzenDigiNotar breach - the story so far
2011-08-31/a>Johannes UllrichFirefox/Thunderbird 6.0.1 released to blocklist bad DigiNotar SSL certificates
2011-07-29/a>Richard PorterApple Lion talking on TCP 5223
2011-06-21/a>Chris MohanStartSSL, a web authentication authority, suspend services after a security breach
2011-04-28/a>Chris MohanDSL Reports advise 9,000 accounts were compromised
2011-04-03/a>Richard PorterExtreme Disclosure? Not yet but a great trend!
2010-02-09/a>Adrien de BeaupreWhen is a 0day not a 0day? Samba symlink bad default config
2009-11-05/a>Swa FrantzenRIM fixes random code execution vulnerability
2009-07-23/a>John BambenekMissouri Passes Breach Notification Law: Gap Still Exists for Banking Account Information
2009-04-24/a>John BambenekData Leak Prevention: Proactive Security Requirements of Breach Notification Laws
2008-04-08/a>Swa FrantzenNotes file viewer vulnerabilities

TRACK

2014-08-29/a>Johannes UllrichFalse Positive or Not? Difficult to Analyze Javascript
2013-03-06/a>Adam SwangerIPv6 Focus Month: Guest Diary: Stephen Groat - Geolocation Using IPv6 Addresses
2012-08-14/a>Rick WannerBacktrack 5 r3 released - http://www.backtrack-linux.org/downloads/
2012-05-22/a>Johannes UllrichThe "Do Not Track" header
2012-04-12/a>Guy Bruneauwicd Privilege Escalation 0day exploit for Backtrack 5 R2
2011-05-10/a>Swa FrantzenBacktrack 5 released
2010-12-27/a>Johannes UllrichVarious sites "Owned and Exposed"
2010-05-19/a>Jason LamEFF paper about browser tracking
2010-01-11/a>Adrien de BeaupreBackTrack 4 final released http://www.remote-exploit.org/news.html http://www.backtrack-linux.org/downloads/
2008-09-16/a>donald smithDon't open that invoice.zip file its not from UPS