Internet Storm Center
Sign In
Sign Up
Handler on Duty:
Didier Stevens
Threat Level:
green
Date
Author
Title
2024-04-17
Xavier Mertens
Malicious PDF File Used As Delivery Mechanism
2024-02-03
Guy Bruneau
DShield Sensor Log Collection with Elasticsearch
2024-01-08
Jesse La Grew
What is that User Agent?
2023-08-23
Xavier Mertens
More Exotic Excel Files Dropping AgentTesla
2023-07-01
Russ McRee
Sandfly Security
2021-12-31
Jan Kopriva
Do you want your Agent Tesla in the 300 MB or 8 kB package?
2021-12-30
Brad Duncan
Agent Tesla Updates SMTP Data Exfiltration Technique
2021-12-20
Jan Kopriva
PowerPoint attachments, Agent Tesla and code reuse in malware
2021-11-18
Xavier Mertens
JavaScript Downloader Delivers Agent Tesla Trojan
2021-09-24
Xavier Mertens
Keep an Eye on Your Users Mobile Devices (Simple Inventory)
2021-06-30
Brad Duncan
June 2021 Forensic Contest: Answers and Analysis
2021-02-12
Xavier Mertens
AgentTesla Dropped Through Automatic Click in Microsoft Help File
2021-02-11
Jan Kopriva
Agent Tesla hidden in a historical anti-malware tool
2020-10-21
Daniel Wesemann
Shipping dangerous goods
2020-05-23
Xavier Mertens
AgentTesla Delivered via a Malicious PowerPoint Add-In
2020-04-28
Jan Kopriva
Agent Tesla delivered by the same phishing campaign for over a year
2020-03-11
Xavier Mertens
Agent Tesla Delivered via Fake Canon EOS Notification on Free OwnCloud Account
2019-11-27
Brad Duncan
Finding an Agent Tesla malware sample
2019-09-19
Xavier Mertens
Agent Tesla Trojan Abusing Corporate Email Accounts
2018-12-19
Xavier Mertens
Using OSSEC Active-Response as a DFIR Framework
2018-08-02
Brad Duncan
DHL-themed malspam reveals embedded malware in animated gif
2018-05-27
Guy Bruneau
Capture and Analysis of User Agents
2018-01-01
Didier Stevens
What is new?
2014-04-05
Jim Clausing
Those strange e-mails with URLs in them can lead to Android malware
2013-01-15
Rob VandenBrink
When Disabling IE6 (or Java, or whatever) is not an Option...
2012-06-25
Guy Bruneau
Issues with Windows Update Agent
2012-04-05
Johannes Ullrich
Evil hides everywhere: Web Application Exploits in Headers
2011-08-26
Daniel Wesemann
User Agent 007
2011-07-13
Guy Bruneau
New Sguil HTTPRY Agent
2010-02-17
Rob VandenBrink
Cisco Security Agent Security Updates: cisco-sa-20100217-csa
2008-09-18
Bojan Zdrnja
Monitoring HTTP User-Agent fields
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Contact Us
Contact Us
About Us
Handlers
About Us
Slack Channel
Mastodon
Bluesky
X
Follow updates by subscribing to the handler's
diary RSS feed