Date | Author | Title
2024-03-19 | Johannes Ullrich | Attacker Hunting Firewalls
2024-01-24 | Johannes Ullrich | How Bad User Interfaces Make Security Tools Harmful
2024-01-18 | Johannes Ullrich | More Scans for Ivanti Connect "Secure" VPN. Exploits Public
2024-01-16 | Johannes Ullrich | Scans for Ivanti Connect "Secure" VPN Vulnerability (CVE-2023-46805, CVE-2024-21887)
2023-11-17 | Jan Kopriva | Phishing page with trivial anti-analysis features
2022-06-01 | Jan Kopriva | HTML phishing attachments - now with anti-analysis features
2022-03-27 | Didier Stevens | Video: Maldoc Cleaned by Anti-Virus
2021-07-06 | Xavier Mertens | Python DLL Injection Check
2021-05-21 | Xavier Mertens | Locking Kernel32.dll As Anti-Debugging Technique
2020-12-29 | Jan Kopriva | Want to know what's in a folder you don't have a permission to access? Try asking your AV solution...
2020-11-25 | Xavier Mertens | Live Patching Windows API Calls Using PowerShell
2020-11-19 | Xavier Mertens | PowerShell Dropper Delivering Formbook
2020-08-31 | Didier Stevens | Finding The Original Maldoc
2020-08-29 | Didier Stevens | Malicious Excel Sheet with a NULL VT Score: More Info
2020-06-16 | Johannes Ullrich | Odd "Protest" Spam (Scam?) Targeting Atlanta Police Foundation
2020-06-04 | Xavier Mertens | Anti-Debugging Technique based on Memory Protection
2020-01-23 | Xavier Mertens | Complex Obfuscation VS Simple Trick
2019-07-16 | Russ McRee | Commando VM: The Complete Mandiant Offensive VM
2019-07-11 | Johannes Ullrich | Remembering Mike Assante
2018-06-25 | Didier Stevens | Guilty by association
2016-12-24 | Didier Stevens | Pinging All The Way
2016-10-17 | Didier Stevens | Maldoc VBA Anti-Analysis: Video
2016-10-15 | Didier Stevens | Maldoc VBA Anti-Analysis
2015-12-05 | Guy Bruneau | Are you looking to setup your own Malware Sandbox?
2015-07-03 | Didier Stevens | Analyzing Quarantine Files
2015-06-28 | Didier Stevens | The EICAR Test File
2015-02-06 | Johannes Ullrich | Anthem, TurboTax and How Things "Fit Together" Sometimes
2014-08-06 | Johannes Ullrich | Exploit Available for Symantec End Point Protection
2014-08-04 | Russ McRee | Threats & Indicators: A Security Intelligence Lifecycle
2014-07-30 | Rick Wanner | Symantec Endpoint Protection Privilege Escalation Zero Day
2014-05-27 | Kevin Shortt | Avast forums hacked
2014-03-11 | Basil Alawi S.Taher | Introduction to Memory Analysis with Mandiant Redline
2014-03-02 | Stephen Hall | Symantec goes yellow
2014-02-14 | Chris Mohan | SYM14-004 Symantec Endpoint Protection Management Vulnerabilities - http://www.symantec.com/business/support/index?page=content&id=TECH214866
2014-01-01 | Russ McRee | Six degrees of celebration: Juniper, ANT, Shodan, Maltego, Cisco, and Tails
2013-12-28 | Russ McRee | Weekend Reading List 27 DEC
2013-08-03 | Deborah Hale | What Anti-virus Program Is Right For You?
2013-06-07 | Daniel Wesemann | 100% Compliant (for 65% of the systems)
2013-05-20 | Guy Bruneau | Safe - Tools, Tactics and Techniques
2013-04-26 | Russ McRee | What is "up to date anti-virus software"?
2013-04-17 | John Bambenek | UPDATEDx1: Boston-Related Malware Campaigns Have Begun - Now with Waco Plant Explosion Fun
2012-12-10 | Johannes Ullrich | Your CPA License has not been revoked
2012-11-02 | Daniel Wesemann | The shortcomings of anti-virus software
2012-06-19 | Daniel Wesemann | Vulnerabilityqueerprocessbrittleness
2012-05-16 | Johannes Ullrich | Avira Antivirus false positives http://forum.avira.com/wbb/index.php?page=Thread&threadID=144875
2012-04-26 | Richard Porter | Define Irony: A medical device with a Virus?
2012-04-13 | Daniel Wesemann | Anti-virus scanning exclusions
2012-01-25 | Bojan Zdrnja | pcAnywhere users – patch now!
2011-08-15 | Mark Hofman | How to find unwanted files on workstations
2011-07-11 | John Bambenek | Another Defense Contractor Hacked in AntiSec Hacktivism Spree
2011-06-02 | Johannes Ullrich | Some Insight into Apple's Anti-Virus Signatures
2011-05-31 | Johannes Ullrich | Apple Improving OS X Anti-Malware Feature
2011-05-19 | Daniel Wesemann | Fake AV Bingo
2011-03-17 | Kevin Liston | So You Got an AV Alert. Now What?
2011-03-09 | Kevin Shortt | AVG Anti-Virus 2011 False Positives - Luhe.Exploit.PDF.B
2011-03-01 | Daniel Wesemann | AV software and "sharing samples"
2011-01-18 | Daniel Wesemann | Yet another rogue anti-virus
2011-01-12 | Richard Porter | Yet Another Data Broker? AOL Lifestream.
2010-11-11 | Daniel Wesemann | Fake AV scams via Skype Chat
2010-07-25 | Rick Wanner | Updated version of Mandiant's Web Historian
2010-05-26 | Bojan Zdrnja | Malware modularization and AV detection evasion
2010-05-16 | Rick Wanner | Symantec triggers on World of Warcraft update
2010-02-15 | Johannes Ullrich | Various Olympics Related Dangerous Google Searches
2010-02-07 | Rick Wanner | Mandiant Mtrends Report
2009-12-29 | Rick Wanner | What's up with port 12174? Possible Symantec server compromise?
2009-12-14 | Adrien de Beaupre | Anti-forensics, COFEE vs. DECAF
2009-12-03 | Mark Hofman | Avast false positives
2009-09-25 | Lenny Zeltser | Categories of Common Malware Traits
2009-09-17 | Bojan Zdrnja | Why is Rogue/Fake AV so successful?
2009-09-04 | Adrien de Beaupre | Fake anti-virus
2009-08-29 | Guy Bruneau | Immunet Protect - Cloud and Community Malware Protection
2009-08-19 | Daniel Wesemann | Checking your protection
2009-08-13 | Johannes Ullrich | CA eTrust update crashes systems
2009-07-11 | Marcus Sachs | Imageshack
2009-05-19 | Rick Wanner | New Version of Mandiant Highlighter
2009-03-10 | Swa Frantzen | conspiracy fodder: pifts.exe
2009-02-05 | Rick Wanner | Mandiant Memoryze review, Hilighter, other Mandiant tools!
2008-09-15 | donald smith | Fake antivirus 2009 and search engine results
2008-04-22 | donald smith | Symantec decomposer rar bypass allowed malicious content.
2008-04-07 | John Bambenek | HP USB Keys Shipped with Malware for your Proliant Server
2006-10-30 | William Salusky | ToD - Configuration Management - maintaining security awareness