Internet Storm Center
Date
Author
Title
GIVING BACK
2013-01-30
Richard Porter
Getting Involved with the Local Community
GIVING
2013-01-30
Richard Porter
Getting Involved with the Local Community
2010-10-11
Adrien de Beaupre
OT: Happy Thanksgiving Day Canada
BACK
2024-04-16
Yee Ching Tok
Rolling Back Packages on Ubuntu/Debian
2024-04-01
Bojan Zdrnja
The amazingly scary xz sshd backdoor
2023-09-30
Xavier Mertens
Simple Netcat Backdoor in Python Script
2023-06-09
Xavier Mertens
Undetected PowerShell Backdoor Disguised as a Profile File
2023-03-18
Xavier Mertens
Old Backdoor, New Obfuscation
2023-02-21
Xavier Mertens
Phishing Page Branded with Your Corporate Website
2023-02-09
Xavier Mertens
A Backdoor with Smart Screenshot Capability
2022-10-07
Xavier Mertens
Powershell Backdoor with DGA Capability
2022-05-09
Xavier Mertens
Octopus Backdoor is Back with a New Embedded Obfuscated Bat File
2022-03-18
Johannes Ullrich
Scans for Movable Type Vulnerability (CVE-2021-20837)
2022-02-01
Xavier Mertens
Automation is Nice But Don't Replace Your Knowledge
2021-12-15
Xavier Mertens
Simple but Undetected PowerShell Backdoor
2021-11-21
Didier Stevens
Backdooring PAM
2021-11-08
Xavier Mertens
(Ab)Using Security Tools & Controls for the Bad
2021-07-02
Xavier Mertens
"inception.py"... Multiple Base64 Encodings
2021-05-28
Xavier Mertens
Malicious PowerShell Hosted on script.google.com
2020-12-24
Xavier Mertens
Malicious Word Document Delivering an Octopus Backdoor
2020-12-10
Xavier Mertens
Python Backdoor Talking to a C2 Through Ngrok
2020-11-25
Xavier Mertens
Live Patching Windows API Calls Using PowerShell
2020-09-16
Johannes Ullrich
Do Vulnerabilities Ever Get Old? Recent "Mirai" Variant Scanning for 20 Year Old Amanda Version?
2020-07-11
Guy Bruneau
Scanning Home Internet Facing Devices to Exploit
2018-12-16
Guy Bruneau
Random Port Scan for Open RDP Backdoor
2018-09-04
Rob VandenBrink
Let's Trade: You Read My Email, I'll Read Your Password!
2018-06-13
Xavier Mertens
A Bunch of Compromized Wordpress Sites
2018-03-05
Xavier Mertens
Malicious Bash Script with Multiple Features
2018-03-03
Xavier Mertens
Reminder: Beware of the "Cloud"
2017-09-18
Xavier Mertens
CCleaner 5.33 compromised - http://www.piriform.com/news/release-announcements/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users
2017-09-14
Xavier Mertens
Another webshell, another backdoor!
2017-07-12
Xavier Mertens
Backup Scripts, the FIM of the Poor
2017-05-12
Xavier Mertens
When Bad Guys are Pwning Bad Guys...
2017-02-28
Xavier Mertens
Analysis of a Simple PHP Backdoor
2017-02-17
Rob VandenBrink
RTRBK - Router / Switch / Firewall Backups in PowerShell (tool drop)
2017-01-14
Xavier Mertens
Backup Files Are Good but Can Be Evil
2016-01-21
Jim Clausing
Scanning for Fortinet ssh backdoor
2015-12-13
Didier Stevens
Use The Privilege
2015-06-26
Daniel Wesemann
Cisco default credentials - again!
2015-02-09
Chris Mohan
Backups are part of the overall business continuity and disaster recovery plan
2014-07-08
Johannes Ullrich
Hardcoded Netgear Prosafe Switch Password
2014-07-02
Johannes Ullrich
Cisco Unified Communications Domain Manager Update
2014-03-12
Johannes Ullrich
Wordpress "Pingback" DDoS Attacks
2014-01-10
Basil Alawi S.Taher
Cisco Small Business Devices backdoor fix
2014-01-02
Johannes Ullrich
Scans Increase for New Linksys Backdoor (32764/TCP)
2013-12-24
Daniel Wesemann
Unfriendly crontab additions
2013-12-16
Tom Webb
The case of Minerd
2013-11-05
Daniel Wesemann
Is your vacuum cleaner sending spam?
2013-09-10
Swa Frantzen
Microsoft September 2013 Black Tuesday Overview
2013-09-03
Rob VandenBrink
Is "Reputation Backscatter" a Thing?
2013-07-09
Swa Frantzen
Microsoft July 2013 Black Tuesday Overview
2013-06-11
Swa Frantzen
Microsoft June 2013 Black Tuesday Overview
2013-06-11
Swa Frantzen
Other Microsoft Black Tuesday News
2013-05-14
Swa Frantzen
Microsoft May 2013 Black Tuesday Overview
2013-05-14
Swa Frantzen
Firefox & Thunderbird released
2013-03-12
Swa Frantzen
Microsoft March 2013 Black Tuesday Overview
2013-01-30
Richard Porter
Getting Involved with the Local Community
2012-12-04
Johannes Ullrich
Where do your backup tapes go to die?
2012-08-14
Rick Wanner
Backtrack 5 r3 released - http://www.backtrack-linux.org/downloads/
2012-05-18
Johannes Ullrich
ZTE Score M Android Phone backdoor
2012-04-14
Rick Wanner
Flashback Trojan Removal Tool Released
2012-04-12
Guy Bruneau
wicd Privilege Escalation 0day exploit for Backtrack 5 R2
2012-04-12
Guy Bruneau
Apple Java Updates for Mac OS X
2012-03-05
Johannes Ullrich
Flashback Malware now with Twitter C&C
2012-02-24
Guy Bruneau
Flashback Trojan in the Wild
2011-10-28
Russ McRee
Critical Control 19: Data Recovery Capability
2011-07-04
Deborah Hale
VSFTP Backdoor in Source Code
2011-05-10
Swa Frantzen
Backtrack 5 released
2011-01-14
Chris Mohan
How does your family backup their memories?
2010-12-27
Johannes Ullrich
Various sites "Owned and Exposed"
2010-12-15
Johannes Ullrich
OpenBSD IPSec "Backdoor"
2010-12-02
Kevin Johnson
ProFTPD distribution servers compromised
2010-08-30
Adrien de Beaupre
Apple QuickTime potential vulnerability/backdoor
2010-01-11
Adrien de Beaupre
BackTrack 4 final released http://www.remote-exploit.org/news.html http://www.backtrack-linux.org/downloads/
2009-10-19
Daniel Wesemann
Backed up, lately ?
2009-10-17
Rick Wanner
Unusual traffic from Loopback to Unused ARIN address
2009-10-05
Adrien de Beaupre
Cyber Security Awareness Month - Day 5 port 31337
2009-08-30
Tony Carothers
How do I recover from.....?
2009-05-12
Swa Frantzen
May Black Tuesday Overview
2009-01-03
Rick Wanner
RAID != Backup
2008-10-25
Rick Wanner
Day 26 - Restoring Systems from Backup