Internet Storm Center
Handler on Duty: Didier Stevens
Threat Level: green
RED TEAM

| Date | Author | Title |
|---|---|---|
| 2019-11-29 | Russ McRee | ISC Snapshot: Search with SauronEye |
| 2019-08-21 | Russ McRee | KAPE: Kroll Artifact Parser and Extractor |
| 2019-07-16 | Russ McRee | Commando VM: The Complete Mandiant Offensive VM |
| 2019-04-05 | Russ McRee | Beagle: Graph transforms for DFIR data & logs |
| 2018-10-17 | Russ McRee | RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence |
RED

| Date | Author | Title |
|---|---|---|
| 2022-10-04 | Johannes Ullrich | Credential Harvesting with Telegram API |
| 2022-09-15 | Xavier Mertens | Malicious Word Document with a Frameset |
| 2022-07-08 | Johannes Ullrich | ISC Website Redesign |
| 2022-03-10 | Xavier Mertens | Credentials Leaks on VirusTotal |
| 2022-03-07 | Johannes Ullrich | No Bitcoin - No Problem: Follow Up to Last Weeks Donation Scam |
| 2022-03-04 | Johannes Ullrich | Scam E-Mail Impersonating Red Cross |
| 2022-01-20 | Xavier Mertens | RedLine Stealer Delivered Through FTP |
| 2022-01-16 | Guy Bruneau | 10 Most Popular Targeted Ports in the Past 3 Weeks |
| 2021-11-08 | Xavier Mertens | (Ab)Using Security Tools & Controls for the Bad |
| 2021-06-18 | Daniel Wesemann | Open redirects ... and why Phishers love them |
| 2021-05-29 | Guy Bruneau | Spear-phishing Email Targeting Outlook Mail Clients |
| 2021-03-06 | Xavier Mertens | Spotting the Red Team on VirusTotal! |
| 2020-11-18 | Xavier Mertens | When Security Controls Lead to Security Issues |
| 2020-07-16 | John Bambenek | Hunting for SigRed Exploitation |
| 2020-07-15 | Johannes Ullrich | PATCH NOW - SIGRed - CVE-2020-1350 - Microsoft DNS Server Vulnerability |
| 2020-04-27 | Xavier Mertens | Powershell Payload Stored in a PSCredential Object |
| 2020-02-27 | Xavier Mertens | Offensive Tools Are For Blue Teams Too |
| 2020-02-25 | Jan Kopriva | Quick look at a couple of current online scam campaigns |
| 2019-11-29 | Russ McRee | ISC Snapshot: Search with SauronEye |
| 2019-11-09 | Guy Bruneau | Fake Netflix Update Request by Text |
| 2019-11-08 | Xavier Mertens | Microsoft Apps Diverted from Their Main Use |
| 2019-08-28 | Johannes Ullrich | [Guest Diary] Open Redirect: A Small But Very Common Vulnerability |
| 2019-08-21 | Russ McRee | KAPE: Kroll Artifact Parser and Extractor |
| 2019-07-16 | Russ McRee | Commando VM: The Complete Mandiant Offensive VM |
| 2019-04-05 | Russ McRee | Beagle: Graph transforms for DFIR data & logs |
| 2018-10-17 | Russ McRee | RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence |
| 2018-03-08 | Xavier Mertens | CRIMEB4NK IRC Bot |
| 2017-12-27 | Guy Bruneau | What are your Security Challenges for 2018? |
| 2016-09-09 | Xavier Mertens | Collecting Users Credentials from Locked Devices |
| 2016-06-29 | Xavier Mertens | Phishing Campaign with Blurred Images |
| 2016-01-05 | Guy Bruneau | What are you Concerned the Most in 2016? |
| 2015-05-23 | Guy Bruneau | Business Value in "Big Data" |
| 2015-03-18 | Daniel Wesemann | Pass the hash! |
| 2015-01-31 | Guy Bruneau | Beware of Phishing and Spam Super Bowl Fans! |
| 2014-11-24 | Richard Porter | Someone is using this? PoS: Compressor |
| 2014-09-12 | Chris Mohan | Are credential dumps worth reviewing? |
| 2014-07-03 | Johannes Ullrich | Credit Card Processing in 700 Words or Less |
| 2014-06-13 | Richard Porter | A welcomed response, PF Chang's |
| 2013-12-19 | Rob VandenBrink | Target US - Credit Card Data Breach |
| 2013-09-23 | Rob VandenBrink | How do you spell "PSK"? |
| 2013-07-12 | Johannes Ullrich | Microsoft Teredo Server "Sunset" |
| 2013-07-12 | Johannes Ullrich | DNS resolution is failing for Microsofts Teredo server (teredo.ipv6.microsoft.com) |
| 2013-03-09 | Guy Bruneau | IPv6 Focus Month: IPv6 Encapsulation - Protocol 41 |
| 2013-02-21 | Pedro Bueno | NBC site redirecting to Exploit kit |
| 2011-05-03 | Johannes Ullrich | Analyzing Teredo with tshark and Wireshark |
| 2011-01-03 | Johannes Ullrich | What Will Matter in 2011 |
| 2010-07-24 | Manuel Humberto Santander Pelaez | Transmiting logon information unsecured in the network |
| 2010-06-15 | Manuel Humberto Santander Pelaez | Mastercard delivering cards with OTP device included |
| 2010-04-22 | John Bambenek | Data Redaction: You're Doing it Wrong |
| 2010-02-16 | Jim Clausing | Teredo request for packets |
| 2010-02-16 | Johannes Ullrich | Teredo "stray packet" analysis |
| 2009-07-28 | Adrien de Beaupre | YYAMCCBA |
| 2009-05-18 | Rick Wanner | JSRedir-R/Gumblar badness |
TEAM

| Date | Author | Title |
|---|---|---|
| 2022-09-23 | Xavier Mertens | Kids Like Cookies, Malware Too! |
| 2022-09-19 | Russ McRee | Chainsaw: Hunt, search, and extract event log records |
| 2022-06-10 | Russ McRee | EPSScall: An Exploit Prediction Scoring System App |
| 2021-12-28 | Russ McRee | LotL Classifier tests for shells, exfil, and miners |
| 2021-03-06 | Xavier Mertens | Spotting the Red Team on VirusTotal! |
| 2021-03-02 | Russ McRee | Adversary Simulation with Sim |
| 2021-01-19 | Russ McRee | Gordon for fast cyber reputation checks |
| 2020-10-23 | Russ McRee | Sooty: SOC Analyst's All-in-One Tool |
| 2020-08-12 | Russ McRee | To the Brim at the Gates of Mordor Pt. 1 |
| 2020-06-30 | Russ McRee | ISC Snapshot: SpectX IP Hitcount Query |
| 2020-04-21 | Russ McRee | SpectX: Log Parser for DFIR |
| 2020-02-27 | Xavier Mertens | Offensive Tools Are For Blue Teams Too |
| 2020-01-21 | Russ McRee | DeepBlueCLI: Powershell Threat Hunting |
| 2019-11-29 | Russ McRee | ISC Snapshot: Search with SauronEye |
| 2019-11-08 | Xavier Mertens | Microsoft Apps Diverted from Their Main Use |
| 2019-10-06 | Russ McRee | visNetwork for Network Data |
| 2019-08-21 | Russ McRee | KAPE: Kroll Artifact Parser and Extractor |
| 2019-07-16 | Russ McRee | Commando VM: The Complete Mandiant Offensive VM |
| 2019-04-05 | Russ McRee | Beagle: Graph transforms for DFIR data & logs |
| 2019-02-05 | Rob VandenBrink | Mitigations against Mimikatz Style Attacks |
| 2018-10-17 | Russ McRee | RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence |
| 2018-06-16 | Russ McRee | Anomaly Detection & Threat Hunting with Anomalize |
| 2012-04-23 | Russ McRee | Emergency Operations Centers & Security Incident Management: A Correlation |
| 2011-03-25 | Kevin Liston | APT Tabletop Exercise |
| 2010-01-22 | Mari Nichols | Pass-down for a Successful Incident Response |
| 2010-01-14 | Bojan Zdrnja | DRG (Dragon Research Group) Distro available for general release |
| 2009-03-22 | Mari Nichols | Dealing with Security Challenges |