Diaries by Keyword - SANS Internet Storm Center

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Handler on Duty: Jesse La Grew

Threat Level: green

Date	Author	Title
CRITICAL CONTROLS
2019-07-25	Rob VandenBrink	When Users Attack! Users (and Admins) Thwarting Security Controls
2015-12-21	Daniel Wesemann	Critical Security Controls: Getting to know the unknown
2015-11-04	Richard Porter	Application Aware and Critical Control 2
2015-05-29	Russell Eubanks	Trust But Verify
2011-10-28	Daniel Wesemann	Critical Control 20: Security Skills Assessment and Training to fill Gaps
2011-10-27	Mark Baggett	Critical Control 18: Incident Response Capabilities
2011-10-26	Rick Wanner	Critical Control 17:Penetration Tests and Red Team Exercises
CRITICAL
2019-10-19/a>	Russell Eubanks	What Assumptions Are You Making?
2019-07-25/a>	Rob VandenBrink	When Users Attack! Users (and Admins) Thwarting Security Controls
2017-07-24/a>	Russell Eubanks	Trends Over Time
2017-06-10/a>	Russell Eubanks	An Occasional Look in the Rear View Mirror
2017-05-28/a>	Pasquale Stirparo	Analysis of Competing Hypotheses (ACH part 1)
2017-05-02/a>	Richard Porter	Do you have Intel AMT? Then you have a problem today! Intel Active Management Technology INTEL-SA-00075
2015-12-21/a>	Daniel Wesemann	Critical Security Controls: Getting to know the unknown
2015-11-04/a>	Richard Porter	Application Aware and Critical Control 2
2015-05-29/a>	Russell Eubanks	Trust But Verify
2014-04-12/a>	Guy Bruneau	Critical Security Update for JetPack WordPress Plugin. Bug has existed since Jetpack 1.9, released in October 2012. - http://jetpack.me/2014/04/10/jetpack-security-update/
2012-08-21/a>	Adrien de Beaupre	YYABCAFU - Yes Yet Another Bleeping Critical Adobe Flash Update
2011-11-03/a>	Richard Porter	An Apple, Inc. Sandbox to play in.
2011-10-29/a>	Richard Porter	The Sub Critical Control? Evidence Collection
2011-10-28/a>	Daniel Wesemann	Critical Control 20: Security Skills Assessment and Training to fill Gaps
2011-10-27/a>	Mark Baggett	Critical Control 18: Incident Response Capabilities
2011-10-26/a>	Rick Wanner	Critical Control 17:Penetration Tests and Red Team Exercises
2011-10-17/a>	Rob VandenBrink	Critical Control 11: Account Monitoring and Control
2011-08-15/a>	Rob VandenBrink	8 Years since the Eastern Seaboard Blackout - Has it Been that Long?
2010-04-02/a>	Guy Bruneau	Oracle Java SE and Java for Business Critical Patch Update Advisory
2009-09-05/a>	Mark Hofman	Critical Infrastructure and dependencies
CONTROLS
2022-05-03/a>	Rob VandenBrink	Finding the Real "Last Patched" Day (Interim Version)
2019-10-19/a>	Russell Eubanks	What Assumptions Are You Making?
2019-07-25/a>	Rob VandenBrink	When Users Attack! Users (and Admins) Thwarting Security Controls
2019-07-18/a>	Rob VandenBrink	The Other Side of Critical Control 1: 802.1x Wired Network Access Controls
2017-07-24/a>	Russell Eubanks	Trends Over Time
2017-06-10/a>	Russell Eubanks	An Occasional Look in the Rear View Mirror
2016-11-23/a>	Tom Webb	Mapping Attack Methodology to Controls
2015-12-21/a>	Daniel Wesemann	Critical Security Controls: Getting to know the unknown
2015-11-04/a>	Richard Porter	Application Aware and Critical Control 2
2015-05-29/a>	Russell Eubanks	Trust But Verify
2013-03-13/a>	Mark Baggett	Wipe the drive! Stealthy Malware Persistence Mechanism - Part 1
2011-10-28/a>	Daniel Wesemann	Critical Control 20: Security Skills Assessment and Training to fill Gaps
2011-10-27/a>	Mark Baggett	Critical Control 18: Incident Response Capabilities
2011-10-26/a>	Rick Wanner	Critical Control 17:Penetration Tests and Red Team Exercises
2010-08-22/a>	Rick Wanner	Failure of controls...Spanair crash caused by a Trojan
2010-08-05/a>	Rob VandenBrink	Access Controls for Network Infrastructure
2010-06-07/a>	Manuel Humberto Santander Pelaez	Software Restriction Policy to keep malware away

CRITICAL CONTROLS

CRITICAL

CONTROLS