Diaries by Keyword - SANS Internet Storm Center

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Handler on Duty: Jesse La Grew

Threat Level: green

Date	Author	Title
ARP SPOOFING
2009-03-11	Bojan Zdrnja	Massive ARP spoofing attacks on web sites
ARP
2023-12-15/a>	Xavier Mertens	CSharp Payload Phoning to a CobaltStrike Server
2023-11-18/a>	Xavier Mertens	Quasar RAT Delivered Through Updated SharpLoader
2021-05-29/a>	Guy Bruneau	Spear-phishing Email Targeting Outlook Mail Clients
2021-03-10/a>	Rob VandenBrink	SharpRDP - PSExec without PSExec, PSRemoting without PowerShell
2021-03-04/a>	Xavier Mertens	From VBS, PowerShell, C Sharp, Process Hollowing to RAT
2019-08-15/a>	Didier Stevens	Analysis of a Spearphishing Maldoc
2016-06-15/a>	Richard Porter	Warp Speed Ahead, L7 Open Source Packet Generator: Warp17
2011-09-28/a>	Richard Porter	All Along the ARP Tower!
2009-03-11/a>	Bojan Zdrnja	Massive ARP spoofing attacks on web sites
SPOOFING
2020-12-08/a>	Johannes Ullrich	December 2020 Microsoft Patch Tuesday: Exchange, Sharepoint, Dynamics and DNS Spoofing
2015-05-30/a>	Russell Eubanks	Weekend Learning - Spoofer Project
2015-02-19/a>	Daniel Wesemann	DNS-based DDoS
2013-10-21/a>	Johannes Ullrich	New tricks that may bring DNS spoofing back or: "Why you should enable DNSSEC even if it is a pain to do"
2013-03-29/a>	Chris Mohan	Fake Link removal requests
2012-01-24/a>	Bojan Zdrnja	Is it time to get rid of NetBIOS?
2009-03-11/a>	Bojan Zdrnja	Massive ARP spoofing attacks on web sites
2009-01-31/a>	Swa Frantzen	DNS DDoS - let's use a long term solution
2008-07-08/a>	Johannes Ullrich	Mulitple Vendors DNS Spoofing Vulnerability