Threat Level: green Handler on Duty: Yee Ching Tok

SANS ISC: Diaries by Keyword - SANS Internet Storm Center Diaries by Keyword

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title

ACTIVE EXPLOITATION

2009-07-13Adrien de Beaupre* Infocon raised to yellow for Excel Web Components ActiveX vulnerability

ACTIVE

2021-09-24/a>Xavier MertensKeep an Eye on Your Users Mobile Devices (Simple Inventory)
2021-09-08/a>Johannes UllrichMicrosoft Offers Workaround for 0-Day Office Vulnerability (CVE-2021-40444)
2021-06-25/a>Jim ClausingIs this traffic bAD?
2020-10-01/a>Daniel WesemannMaking sense of Azure AD (AAD) activity logs
2018-12-19/a>Xavier MertensUsing OSSEC Active-Response as a DFIR Framework
2015-06-24/a>Rob VandenBrinkThe Powershell Diaries - Finding Problem User Accounts in AD
2013-12-23/a>Rob VandenBrinkHow-To's for the Holidays - Java Whitelisting using AD Group Policy
2011-05-12/a>Johannes UllrichActiveX Flaw Affecting SCADA systems
2010-06-18/a>Tom ListonIMPORTANT INFORMATION: Distributed SSH Brute Force Attacks
2010-02-11/a>Deborah HaleCritical Update for AD RMS
2009-07-13/a>Adrien de BeaupreVulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution
2009-07-13/a>Adrien de Beaupre* Infocon raised to yellow for Excel Web Components ActiveX vulnerability
2008-08-15/a>Jim ClausingAnother MS update that may have escaped notice
2008-08-15/a>Jim ClausingWebEx ActiveX buffer overflow
2008-07-07/a>Scott FendleyMicrosoft Snapshot Viewer Security Advisory
2008-05-29/a>Joel EslerCreative Software AutoUpdate Engine ActiveX stack buffer overflow
2006-09-15/a>Swa FrantzenMSIE DirectAnimation ActiveX 0-day update

EXPLOITATION

2021-03-10/a>Rob VandenBrinkSharpRDP - PSExec without PSExec, PSRemoting without PowerShell
2018-06-05/a>Xavier MertensMalicious Post-Exploitation Batch File
2009-07-13/a>Adrien de Beaupre* Infocon raised to yellow for Excel Web Components ActiveX vulnerability