Threat Level: green Handler on Duty: Manuel Humberto Santander Pelaez

SANS ISC: Diaries by Keyword Diaries by Keyword

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title

SMM SYSTEM MANAGEMENT MODE ATTACK

2009-03-20donald smithStealthier then a MBR rootkit, more powerful then ring 0 control, it’s the soon to be developed SMM root kit.

SMM

2009-03-20/a>donald smithStealthier then a MBR rootkit, more powerful then ring 0 control, it’s the soon to be developed SMM root kit.

SYSTEM

2017-09-11/a>Russ McReeWindows Auditing with WINspect
2017-06-14/a>Xavier MertensSystemd Could Fallback to Google DNS?
2016-01-31/a>Guy BruneauWindows 10 and System Protection for DATA Default is OFF
2015-03-11/a>Rob VandenBrinkApple iTunes Store is seeing an extended outage (11 Mar) - watch https://www.apple.com/support/systemstatus/ for status changes. (12 Mar) - service restored, all green!
2015-03-07/a>Guy BruneauShould it be Mandatory to have an Independent Security Audit after a Breach?
2010-08-09/a>Jim ClausingFree/inexpensive tools for monitoring systems/networks
2010-07-18/a>Manuel Humberto Santander PelaezSAGAN: An open-source event correlation system - Part 1: Installation
2009-03-20/a>donald smithStealthier then a MBR rootkit, more powerful then ring 0 control, it’s the soon to be developed SMM root kit.

MANAGEMENT

2019-09-19/a>Xavier MertensBlacklisting or Whitelisting in the Right Way
2015-07-18/a>Russell EubanksThe Value a "Fresh Set Of Eyes" (FSOE)
2014-01-23/a>Chris MohanLearning from the breaches that happens to others Part 2
2014-01-14/a>Chris MohanSpamming and scanning botnets - is there something I can do to block them from my site?
2013-09-24/a>Tom WebbIDS, NSM, and Log Management with Security Onion 12.04.3
2013-02-25/a>Rob VandenBrinkSilent Traitors - Embedded Devices in your Datacenter
2012-12-27/a>John BambenekIt's 3pm 2 days after Christmas, do you know where your unmanaged SSH keys are?
2012-08-21/a>Adrien de BeaupreRuggedCom fails key management 101 on Rugged Operating System (ROS)
2012-04-23/a>Russ McReeEmergency Operations Centers & Security Incident Management: A Correlation
2011-10-28/a>Russ McReeCritical Control 19: Data Recovery Capability
2010-08-19/a>Rob VandenBrinkChange is Good. Change is Bad. Change is Life.
2009-05-01/a>Adrien de BeaupreIncident Management
2009-03-20/a>donald smithStealthier then a MBR rootkit, more powerful then ring 0 control, it’s the soon to be developed SMM root kit.

MODE

2014-06-01/a>Johannes UllrichWhen was the last time you checked your Comcast cable modem settings?
2014-02-19/a>Russ McReeThreat modeling in the name of security
2010-07-21/a>Adrien de BeaupreAdobe Reader Protected Mode
2009-05-28/a>Jim ClausingMore new volatility plugins
2009-03-20/a>donald smithStealthier then a MBR rootkit, more powerful then ring 0 control, it’s the soon to be developed SMM root kit.
2006-09-13/a>Swa FrantzenPHP - shared hosters, take note.

ATTACK

2019-08-25/a>Guy BruneauAre there any Advantages of Buying Cyber Security Insurance?
2019-07-20/a>Guy BruneauRe-evaluating Network Security - It is Increasingly More Complex
2017-09-06/a>Adrien de BeaupreModern Web Application Penetration Testing , Hash Length Extension Attacks
2016-11-02/a>Rob VandenBrinkWhat Does a Pentest Look Like?
2016-06-03/a>Tom ListonMySQL is YourSQL
2015-03-18/a>Daniel WesemannPass the hash!
2015-02-19/a>Daniel WesemannDNS-based DDoS
2014-02-26/a>Russ McReeOngoing NTP Amplification Attacks
2014-02-17/a>Chris MohanNTP reflection attacks continue
2013-12-02/a>Richard PorterReports of higher than normal SSH Attacks
2013-08-19/a>Guy Bruneau Business Risks and Cyber Attacks
2013-07-27/a>Scott FendleyDefending Against Web Server Denial of Service Attacks
2013-07-13/a>Lenny ZeltserDecoy Personas for Safeguarding Online Identity Using Deception
2012-10-05/a>Richard PorterReports of a Distributed Injection Scan
2011-12-28/a>Daniel WesemannHash collisions vulnerability in web servers
2011-12-01/a>Mark HofmanSQL Injection Attack happening ATM
2011-09-28/a>Richard PorterAll Along the ARP Tower!
2011-01-23/a>Richard PorterCrime is still Crime!
2010-12-23/a>Mark HofmanWhite house greeting cards
2010-08-16/a>Raul SilesDDOS: State of the Art
2010-08-15/a>Manuel Humberto Santander PelaezObfuscated SQL Injection attacks
2010-08-13/a>Tom ListonThe Strange Case of Doctor Jekyll and Mr. ED
2010-03-15/a>Adrien de BeaupreSpamassassin Milter Plugin Remote Root Attack
2010-01-29/a>Johannes UllrichAnalyzing isc.sans.org weblogs, part 2, RFI attacks
2009-11-11/a>Rob VandenBrinkLayer 2 Network Protections against Man in the Middle Attacks
2009-08-28/a>Adrien de BeaupreWPA with TKIP done
2009-06-04/a>Raul SilesTargeted e-mail attacks asking to verify wire transfer details
2009-04-20/a>Jason LamDigital Content on TV
2009-04-02/a>Bojan ZdrnjaJavaScript insertion and log deletion attack tools
2009-03-20/a>donald smithStealthier then a MBR rootkit, more powerful then ring 0 control, it’s the soon to be developed SMM root kit.
2009-02-25/a>Swa FrantzenTargeted link diversion attempts
2009-01-30/a>Mark HofmanRequest for info - Scan and webmail
2009-01-18/a>Maarten Van HorenbeeckTargeted social engineering
2008-12-03/a>Andre LudwigNew ISC Poll! Has your organization suffered a DDoS (Distributed Denial of Service) attack in the last year?
2008-07-09/a>Johannes UllrichUnpatched Word Vulnerability
2008-05-26/a>Marcus SachsPredictable Response
2008-03-27/a>Maarten Van HorenbeeckGuarding the guardians: a story of PGP key ring theft