Internet Storm Center
| Date | Author | Title |
|---|---|---|
| 2023-03-18 | Xavier Mertens | Old Backdoor, New Obfuscation |
| 2023-02-09 | Xavier Mertens | A Backdoor with Smart Screenshot Capability |
| 2022-10-07 | Xavier Mertens | Powershell Backdoor with DGA Capability |
| 2022-05-09 | Xavier Mertens | Octopus Backdoor is Back with a New Embedded Obfuscated Bat File |
| 2022-03-18 | Johannes Ullrich | Scans for Movable Type Vulnerability (CVE-2021-20837) |
| 2021-12-15 | Xavier Mertens | Simple but Undetected PowerShell Backdoor |
| 2021-11-21 | Didier Stevens | Backdooring PAM |
| 2021-11-08 | Xavier Mertens | (Ab)Using Security Tools & Controls for the Bad |
| 2021-07-02 | Xavier Mertens | "inception.py"... Multiple Base64 Encodings |
| 2021-05-28 | Xavier Mertens | Malicious PowerShell Hosted on script.google.com |
| 2020-12-24 | Xavier Mertens | Malicious Word Document Delivering an Octopus Backdoor |
| 2020-12-10 | Xavier Mertens | Python Backdoor Talking to a C2 Through Ngrok |
| 2020-11-25 | Xavier Mertens | Live Patching Windows API Calls Using PowerShell |
| 2020-07-11 | Guy Bruneau | Scanning Home Internet Facing Devices to Exploit |
| 2018-12-16 | Guy Bruneau | Random Port Scan for Open RDP Backdoor |
| 2018-06-13 | Xavier Mertens | A Bunch of Compromized Wordpress Sites |
| 2018-03-05 | Xavier Mertens | Malicious Bash Script with Multiple Features |
| 2017-09-18 | Xavier Mertens | CCleaner 5.33 compromised - http://www.piriform.com/news/release-announcements/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users |
| 2017-09-14 | Xavier Mertens | Another webshell, another backdoor! |
| 2017-05-12 | Xavier Mertens | When Bad Guys are Pwning Bad Guys... |
| 2017-02-28 | Xavier Mertens | Analysis of a Simple PHP Backdoor |
| 2016-01-21 | Jim Clausing | Scanning for Fortinet ssh backdoor |
| 2015-06-26 | Daniel Wesemann | Cisco default credentials - again! |
| 2014-07-08 | Johannes Ullrich | Hardcoded Netgear Prosafe Switch Password |
| 2014-07-02 | Johannes Ullrich | Cisco Unified Communications Domain Manager Update |
| 2014-01-10 | Basil Alawi S.Taher | Cisco Small Business Devices backdoor fix |
| 2014-01-02 | Johannes Ullrich | Scans Increase for New Linksys Backdoor (32764/TCP) |
| 2013-12-24 | Daniel Wesemann | Unfriendly crontab additions |
| 2013-12-16 | Tom Webb | The case of Minerd |
| 2013-11-05 | Daniel Wesemann | Is your vacuum cleaner sending spam? |
| 2012-05-18 | Johannes Ullrich | ZTE Score M Android Phone backdoor |
| 2011-07-04 | Deborah Hale | VSFTP Backdoor in Source Code |
| 2010-12-15 | Johannes Ullrich | OpenBSD IPSec "Backdoor" |
| 2010-12-02 | Kevin Johnson | ProFTPD distribution servers compromised |
| 2010-08-30 | Adrien de Beaupre | Apple QuickTime potential vulnerability/backdoor |
| 2009-10-05 | Adrien de Beaupre | Cyber Security Awareness Month - Day 5 port 31337 |