Diaries by Keyword - SANS Internet Storm Center

Handler on Duty: Didier Stevens

Threat Level: green

Date	Author	Title
2024-01-08	Jesse La Grew	What is that User Agent?
2022-08-10	Johannes Ullrich	And Here They Come Again: DNS Reflection Attacks
2022-03-26	Guy Bruneau	Is buying Cyber Insurance a Must Now?
2022-02-03	Johannes Ullrich	Keeping Track of Your Attack Surface for Cheap
2021-02-01	Rob VandenBrink	Taking a Shot at Reverse Shell Attacks, CNC Phone Home and Data Exfil from Servers
2019-08-25	Guy Bruneau	Are there any Advantages of Buying Cyber Security Insurance?
2019-07-20	Guy Bruneau	Re-evaluating Network Security - It is Increasingly More Complex
2017-09-06	Adrien de Beaupre	Modern Web Application Penetration Testing , Hash Length Extension Attacks
2016-11-02	Rob VandenBrink	What Does a Pentest Look Like?
2016-06-03	Tom Liston	MySQL is YourSQL
2015-03-18	Daniel Wesemann	Pass the hash!
2015-02-19	Daniel Wesemann	DNS-based DDoS
2014-02-26	Russ McRee	Ongoing NTP Amplification Attacks
2014-02-17	Chris Mohan	NTP reflection attacks continue
2013-12-02	Richard Porter	Reports of higher than normal SSH Attacks
2013-08-19	Guy Bruneau	Business Risks and Cyber Attacks
2013-07-27	Scott Fendley	Defending Against Web Server Denial of Service Attacks
2013-07-13	Lenny Zeltser	Decoy Personas for Safeguarding Online Identity Using Deception
2012-10-05	Richard Porter	Reports of a Distributed Injection Scan
2011-12-28	Daniel Wesemann	Hash collisions vulnerability in web servers
2011-12-01	Mark Hofman	SQL Injection Attack happening ATM
2011-09-28	Richard Porter	All Along the ARP Tower!
2011-01-23	Richard Porter	Crime is still Crime!
2010-12-23	Mark Hofman	White house greeting cards
2010-08-16	Raul Siles	DDOS: State of the Art
2010-08-15	Manuel Humberto Santander Pelaez	Obfuscated SQL Injection attacks
2010-08-13	Tom Liston	The Strange Case of Doctor Jekyll and Mr. ED
2010-03-15	Adrien de Beaupre	Spamassassin Milter Plugin Remote Root Attack
2010-01-29	Johannes Ullrich	Analyzing isc.sans.org weblogs, part 2, RFI attacks
2009-11-11	Rob VandenBrink	Layer 2 Network Protections against Man in the Middle Attacks
2009-08-28	Adrien de Beaupre	WPA with TKIP done
2009-06-04	Raul Siles	Targeted e-mail attacks asking to verify wire transfer details
2009-04-20	Jason Lam	Digital Content on TV
2009-04-02	Bojan Zdrnja	JavaScript insertion and log deletion attack tools
2009-03-20	donald smith	Stealthier then a MBR rootkit, more powerful then ring 0 control, it’s the soon to be developed SMM root kit.
2009-02-25	Swa Frantzen	Targeted link diversion attempts
2009-01-30	Mark Hofman	Request for info - Scan and webmail
2009-01-18	Maarten Van Horenbeeck	Targeted social engineering
2008-12-03	Andre Ludwig	New ISC Poll! Has your organization suffered a DDoS (Distributed Denial of Service) attack in the last year?
2008-07-09	Johannes Ullrich	Unpatched Word Vulnerability
2008-05-26	Marcus Sachs	Predictable Response
2008-03-27	Maarten Van Horenbeeck	Guarding the guardians: a story of PGP key ring theft