Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Internet Security | DShield Diaries by Keyword

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title
2021-12-31Jan KoprivaDo you want your Agent Tesla in the 300 MB or 8 kB package?
2021-12-30Brad DuncanAgent Tesla Updates SMTP Data Exfiltration Technique
2021-12-20Jan KoprivaPowerPoint attachments, Agent Tesla and code reuse in malware
2021-11-18Xavier MertensJavaScript Downloader Delivers Agent Tesla Trojan
2021-09-24Xavier MertensKeep an Eye on Your Users Mobile Devices (Simple Inventory)
2021-06-30Brad DuncanJune 2021 Forensic Contest: Answers and Analysis
2021-02-12Xavier MertensAgentTesla Dropped Through Automatic Click in Microsoft Help File
2021-02-11Jan KoprivaAgent Tesla hidden in a historical anti-malware tool
2020-10-21Daniel WesemannShipping dangerous goods
2020-05-23Xavier MertensAgentTesla Delivered via a Malicious PowerPoint Add-In
2020-04-28Jan KoprivaAgent Tesla delivered by the same phishing campaign for over a year
2020-03-11Xavier MertensAgent Tesla Delivered via Fake Canon EOS Notification on Free OwnCloud Account
2019-11-27Brad DuncanFinding an Agent Tesla malware sample
2019-09-19Xavier MertensAgent Tesla Trojan Abusing Corporate Email Accounts
2018-12-19Xavier MertensUsing OSSEC Active-Response as a DFIR Framework
2018-08-02Brad DuncanDHL-themed malspam reveals embedded malware in animated gif
2018-05-27Guy BruneauCapture and Analysis of User Agents
2018-01-01Didier StevensWhat is new?
2014-04-05Jim ClausingThose strange e-mails with URLs in them can lead to Android malware
2013-01-15Rob VandenBrinkWhen Disabling IE6 (or Java, or whatever) is not an Option...
2012-06-25Guy BruneauIssues with Windows Update Agent
2012-04-05Johannes UllrichEvil hides everywhere: Web Application Exploits in Headers
2011-08-26Daniel WesemannUser Agent 007
2011-07-13Guy BruneauNew Sguil HTTPRY Agent
2010-02-17Rob VandenBrinkCisco Security Agent Security Updates: cisco-sa-20100217-csa
2008-09-18Bojan ZdrnjaMonitoring HTTP User-Agent fields