RUN BOOK |
| 2009-03-20 | Stephen Hall | Making the most of your runbooks |
RUN |
| 2024-02-25/a> | Guy Bruneau | Utilizing the VirusTotal API to Query Files Uploaded to DShield Honeypot [Guest Diary] |
| 2023-06-09/a> | Xavier Mertens | Undetected PowerShell Backdoor Disguised as a Profile File |
| 2021-05-18/a> | Xavier Mertens | From RunDLL32 to JavaScript then PowerShell |
| 2021-01-21/a> | Xavier Mertens | Powershell Dropping a REvil Ransomware |
| 2020-03-13/a> | Rob VandenBrink | Not all Ethernet NICs are Created Equal - Trying to Capture Invalid Ethernet Frames |
| 2015-07-17/a> | Didier Stevens | Autoruns and VirusTotal |
| 2015-02-10/a> | Mark Baggett | Detecting Mimikatz Use On Your Network |
| 2014-01-10/a> | Basil Alawi S.Taher | Windows Autorun-3 |
| 2013-06-21/a> | Guy Bruneau | Sysinternals Updates for Autoruns, Strings & ZoomIt http://blogs.technet.com/b/sysinternals/archive/2013/06/20/updates-autoruns-v11-61-strings-v2-52-zoomit-v4-5.aspx |
| 2012-01-13/a> | Guy Bruneau | Sysinternals Updates - http://blogs.technet.com/b/sysinternals/archive/2012/01/13/updates-autoruns-v11-21-coreinfo-v3-03-portmon-v-3-03-process-explorer-v15-12-mark-s-blog-and-mark-at-rsa-2012.aspx |
| 2009-10-02/a> | Stephen Hall | New SysInternal fun for the weekend |
| 2009-05-11/a> | Mari Nichols | Sysinternals Updates 3 Applications |
| 2009-03-20/a> | Stephen Hall | Making the most of your runbooks |
| 2009-02-25/a> | donald smith | AutoRun disabling patch released |
| 2009-01-15/a> | Bojan Zdrnja | Conficker's autorun and social engineering |
| 2008-12-25/a> | Maarten Van Horenbeeck | Merry Christmas, and beware of digital hitchhikers! |
BOOK |
| 2024-05-27/a> | Jan Kopriva | Files with TXZ extension used as malspam attachments |
| 2024-01-25/a> | Xavier Mertens | Facebook AdsManager Targeted by a Python Infostealer |
| 2024-01-16/a> | Johannes Ullrich | Scans for Ivanti Connect "Secure" VPN Vulnerability (CVE-2023-46805, CVE-2024-21887) |
| 2023-07-12/a> | Brad Duncan | Loader activity for Formbook "QM18" |
| 2023-06-17/a> | Brad Duncan | Formbook from Possible ModiLoader (DBatLoader) |
| 2023-05-15/a> | Jan Kopriva | Ongoing Facebook phishing campaign without a sender and (almost) without links |
| 2022-10-22/a> | Didier Stevens | rtfdump's Find Option |
| 2022-07-28/a> | Johannes Ullrich | Exfiltrating Data With Bookmarks |
| 2021-11-19/a> | Xavier Mertens | Downloader Disguised as Excel Add-In (XLL) |
| 2021-10-04/a> | Johannes Ullrich | Facebook Outage: Yes, its DNS (sort of). A super quick analysis of what is going on. |
| 2020-11-19/a> | Xavier Mertens | PowerShell Dropper Delivering Formbook |
| 2020-07-10/a> | Brad Duncan | Excel spreasheet macro kicks off Formbook infection |
| 2019-11-06/a> | Brad Duncan | More malspam pushing Formbook |
| 2018-06-16/a> | Russ McRee | Anomaly Detection & Threat Hunting with Anomalize |
| 2017-10-03/a> | Brad Duncan | Malspam pushing Formbook info stealer |
| 2014-08-20/a> | Kevin Shortt | Social Engineering Alive and Well |
| 2014-05-22/a> | Rob VandenBrink | Another Site Breached - Time to Change your Passwords! (If you can that is) |
| 2014-01-24/a> | Chris Mohan | Phishing via Social Media |
| 2013-12-11/a> | Johannes Ullrich | Facebook Phishing and Malware via Tumblr Redirects |
| 2013-11-10/a> | Rick Wanner | Microsoft and Facebook announce bug bounty |
| 2013-06-22/a> | Guy Bruneau | Facebook Reports a Potential Leak of User Data |
| 2013-02-25/a> | Johannes Ullrich | Mass-Customized Malware Lures: Don't trust your cat! |
| 2012-10-10/a> | Kevin Shortt | Facebook Scam Spam |
| 2012-02-07/a> | Jim Clausing | Book Review: Practical Packet Analysis, 2nd ed |
| 2011-07-30/a> | Deborah Hale | Links on your Facebook Wall |
| 2011-06-30/a> | Guy Bruneau | Symantec Report - Spam Surge against Social Networks |
| 2011-06-27/a> | Kevin Shortt | Phishy Spam |
| 2011-05-22/a> | Kevin Shortt | Facebook goes two-factor |
| 2011-05-12/a> | Chris Mohan | Reports of another javascript-based spam scam doing the rounds in Facebook |
| 2011-05-10/a> | Swa Frantzen | Time to change your facebook password? |
| 2011-05-03/a> | Johannes Ullrich | Update on Osama Bin Laden themed Malware |
| 2011-01-16/a> | Tony Carothers | Facebook User Data Call for 3rd Party Apps |
| 2011-01-10/a> | Manuel Humberto Santander Pelaez | Facebook virus spreads via photo album chat messages |
| 2010-12-07/a> | Kevin Shortt | You got a sec? |
| 2010-11-22/a> | Lenny Zeltser | Brand Impersonations On-Line: Brandjacking and Social Networks |
| 2010-09-16/a> | Johannes Ullrich | Facebook "Like Pages" |
| 2010-09-04/a> | Kevin Liston | What's not to Like about "Like?" |
| 2010-06-14/a> | Manuel Humberto Santander Pelaez | Rogue facebook application acting like a worm |
| 2010-06-02/a> | Bojan Zdrnja | Clickjacking attacks on Facebook's Like plugin |
| 2010-05-25/a> | donald smith | Face book “joke” leads to firing. |
| 2010-04-29/a> | Bojan Zdrnja | Who needs exploits when you have social engineering? |
| 2010-01-27/a> | Raul Siles | Active SEO poisoning attacks for hot topics |
| 2009-12-09/a> | Swa Frantzen | Facebook announces privacy improvements |
| 2009-06-16/a> | John Bambenek | URL Shortening Service Cligs Hacked |
| 2009-05-24/a> | Raul Siles | Facebook phising using Belgium (.be) domains |
| 2009-05-04/a> | Tom Liston | Facebook phishing malware |
| 2009-03-20/a> | Stephen Hall | Making the most of your runbooks |
| 2009-01-04/a> | Rick Wanner | Twitter/Facebook Phishing Attempt |
