Date | Author | Title
2024-09-18 | Guy Bruneau | Time-to-Live Analysis of DShield Data with Vega-Lite
2024-09-18 | Xavier Mertens | Python Infostealer Patching Windows Exodus App
2024-08-27 | Xavier Mertens | Why Is Python so Popular to Infect Windows Hosts?
2024-05-31 | Xavier Mertens | "K1w1" InfoStealer Uses gofile.io for Exfiltration
2024-05-22 | Rob VandenBrink | NMAP Scanning without Scanning (Part 2) - The ipinfo API
2024-02-20 | Xavier Mertens | Python InfoStealer With Dynamic Sandbox Detection
2024-01-25 | Xavier Mertens | Facebook AdsManager Targeted by a Python Infostealer
2023-12-22 | Xavier Mertens | Shall We Play a Game?
2023-09-29 | Xavier Mertens | Are You Still Storing Passwords In Plain Text Files?
2023-06-19 | Xavier Mertens | Malware Delivered Through .inf File
2023-05-04 | Xavier Mertens | Infostealer Embedded in a Word Document
2023-03-12 | Guy Bruneau | AsynRAT Trojan - Bill Payment (Pago de la factura)
2023-03-01 | Xavier Mertens | Python Infostealer Targeting Gamers
2023-02-18 | Guy Bruneau | Spear Phishing Handlers for Username/Password
2023-02-04 | Guy Bruneau | Assemblyline as a Malware Analysis Sandbox
2023-01-21 | Guy Bruneau | DShield Sensor JSON Log to Elasticsearch
2023-01-08 | Guy Bruneau | DShield Sensor JSON Log Analysis
2022-12-21 | Guy Bruneau | DShield Sensor Setup in Azure
2022-12-18 | Guy Bruneau | Infostealer Malware with Double Extension
2022-08-13 | Guy Bruneau | Phishing HTML Attachment as Voicemail Audio Transcription
2022-08-11 | Xavier Mertens | InfoStealer Script Based on Curl and NSudo
2022-03-23 | Brad Duncan | Arkei Variants: From Vidar to Mars Stealer
2022-03-09 | Xavier Mertens | Infostealer in a Batch File
2022-02-13 | Guy Bruneau | DHL Spear Phishing to Capture Username/Password
2021-12-21 | Xavier Mertens | More Undetected PowerShell Dropper
2021-12-14 | Johannes Ullrich | Log4j: Getting ready for the long haul (CVE-2021-44228)
2021-12-01 | Xavier Mertens | Info-Stealer Using webhook.site to Exfiltrate Data
2021-05-08 | Guy Bruneau | Who is Probing the Internet for Research Purposes?
2021-04-06 | Jan Kopriva | Malspam with Lokibot vs. Outlook and RFCs
2021-03-31 | Xavier Mertens | Quick Analysis of a Modular InfoStealer
2021-03-12 | Guy Bruneau | Microsoft DHCP Logs Shipped to ELK
2020-12-29 | Jan Kopriva | Want to know what's in a folder you don't have a permission to access? Try asking your AV solution...
2020-09-17 | Xavier Mertens | Suspicious Endpoint Containment with OSSEC
2019-11-27 | Brad Duncan | Finding an Agent Tesla malware sample
2019-10-09 | Brad Duncan | What data does Vidar malware steal from an infected host?
2019-01-24 | Brad Duncan | Malspam with Word docs uses macro to run Powershell script and steal system data
2018-11-11 | Pasquale Stirparo | Community contribution: joining forces or multiply solutions?
2017-05-06 | Xavier Mertens | The story of the CFO and CEO...
2016-10-02 | Guy Bruneau | Is there an Infosec Cybersecurity Talent Shortage?
2015-01-23 | Adrien de Beaupre | Infocon change to yellow for Adobe Flash issues
2014-09-26 | Richard Porter | Why We Have Moved to InfoCon:Yellow
2014-05-22 | Johannes Ullrich | Discontinuing Support for ISC Alert Task Bar Icon
2014-04-26 | Guy Bruneau | New Project by Linux Foundation - Core Infrastructure Initiative
2014-04-14 | Kevin Shortt | INFOCon Green: Heartbleed - on the mend
2013-02-17 | Guy Bruneau | HP ArcSight Connector Appliance and Logger Vulnerabilities
2012-03-16 | Swa Frantzen | INFOCON Yellow - Microsoft RDP - MS12-020
2012-01-19 | Chris Mohan | WHOIS contacts are your friends
2012-01-13 | Guy Bruneau | Sysinternals Updates - http://blogs.technet.com/b/sysinternals/archive/2012/01/13/updates-autoruns-v11-21-coreinfo-v3-03-portmon-v-3-03-process-explorer-v15-12-mark-s-blog-and-mark-at-rsa-2012.aspx
2011-08-15 | Rob VandenBrink | 8 Years since the Eastern Seaboard Blackout - Has it Been that Long?
2011-02-05 | Guy Bruneau | OpenSSH Legacy Certificate Information Disclosure Vulnerability
2011-01-12 | Richard Porter | How Many Loyalty Cards do you Carry?
2010-12-26 | Manuel Humberto Santander Pelaez | ISC infocon monitor app for OS X
2010-10-22 | Manuel Humberto Santander Pelaez | Intypedia project
2010-08-05 | Rob VandenBrink | Access Controls for Network Infrastructure
2010-07-24 | Manuel Humberto Santander Pelaez | Transmiting logon information unsecured in the network
2010-07-20 | Manuel Humberto Santander Pelaez | Lowering infocon back to green
2010-06-15 | Manuel Humberto Santander Pelaez | iPhone 4 Order Security Breach Exposes Private Information
2010-04-21 | Guy Bruneau | Google Chrome Security Update v4.1.249.1059 Released: http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html
2010-03-27 | Guy Bruneau | HP-UX Running NFS/ONCplus, Inadvertently Enabled NFS
2010-01-17 | Mark Hofman | Why not Yellow?
2009-11-29 | Patrick Nolan | A Cloudy Weekend
2009-10-22 | Adrien de Beaupre | Sysinternals updates: Disk2vhd v1.1, ZoomIt v4.1, Coreinfo v2.0, VMMap v2.4
2009-10-04 | Guy Bruneau | Samba Security Information Disclosure and DoS
2009-10-02 | Stephen Hall | New SysInternal fun for the weekend
2009-09-05 | Mark Hofman | Critical Infrastructure and dependencies
2009-08-01 | Deborah Hale | Website Warnings
2009-07-13 | Adrien de Beaupre | * Infocon raised to yellow for Excel Web Components ActiveX vulnerability
2009-07-10 | Guy Bruneau | WordPress Fixes Multiple vulnerabilities
2009-07-07 | Marcus Sachs | * INFOCON Status - staying green
2009-06-11 | Rick Wanner | MIR-ROR Motile Incident Response - Respond Objectively Remediate
2009-03-02 | Swa Frantzen | Obama's leaked chopper blueprints: anything we can learn?
2008-09-11 | David Goldsmith | CookieMonster is coming to Pown (err, Town)
2008-08-12 | Johannes Ullrich | Upcoming Infocon Test and new Color
2008-07-02 | Jim Clausing | Another little script I threw together
2008-06-25 | Deborah Hale | Report of Coreflood.dr Infection
2008-04-07 | John Bambenek | HP USB Keys Shipped with Malware for your Proliant Server
2006-10-02 | Jim Clausing | Back to green, but the exploits are still running wild