Threat Level: green Handler on Duty: Jan Kopriva

SANS Internet Storm Center: Diaries by Keyword

| Date | Author | Title |
|---|---|---|
| 2021-08-15 | Didier Stevens | Simple Tips For Triage Of MALWARE Bazaar's Daily Malware Batches |
| 2021-08-07 | Didier Stevens | MALWARE Bazaar "Download daily malware batches" |
| 2021-07-21 | Johannes Ullrich | "Summer of SAM": Microsoft Releases Guidance for CVE-2021-36934 |
| 2021-07-20 | Bojan Zdrnja | Summer of SAM - incorrect permissions on Windows 10/11 hives |
| 2021-05-21 | Xavier Mertens | Locking Kernel32.dll As Anti-Debugging Technique |
| 2020-05-06 | Xavier Mertens | Keeping an Eye on Malicious Files Life Time |
| 2019-07-10 | Rob VandenBrink | Samba Project tells us "What's New" - SMBv1 Disabled by Default (finally) |
| 2017-08-01 | Rob VandenBrink | Rooting Out Hosts that Support Older Samba Versions |
| 2017-05-25 | Xavier Mertens | Critical Vulnerability in Samba from 3.5.0 onwards |
| 2017-03-18 | Xavier Mertens | Example of Multiple Stages Dropper |
| 2017-02-05 | Xavier Mertens | Many Malware Samples Found on Pastebin |
| 2016-04-10 | Didier Stevens | Handling Malware Samples |
| 2016-03-06 | Jim Clausing | Novel method for slowing down Locky on Samba server using fail2ban |
| 2014-10-09 | Johannes Ullrich | CSAM: My servers started speaking IRC, and that is when I started to listen! |
| 2014-10-06 | Johannes Ullrich | CSAM: Patch and get pw0ned (not OR). |
| 2014-10-03 | Johannes Ullrich | CSAM: The Power of Virustotal to Turn Harmless Binaries Malicious |
| 2014-10-02 | Johannes Ullrich | CSAM: My Storage Array SSHs Outbound! |
| 2014-09-22 | Johannes Ullrich | Cyber Security Awareness Month: What's your favorite/most scary false positive |
| 2014-08-02 | Chris Mohan | All Samba 4.x.x are vulnerable to a remote code execution vulnerability in the nmbd NetBIOS name services daemon |
| 2013-10-18 | Rob VandenBrink | CSAM - Why am I seeing DNS Requests to IANA.ORG in my Firewall Logs? |
| 2013-10-15 | Rob VandenBrink | CSAM: Microsoft Logs - NPS and IAS (RADIUS) |
| 2013-10-10 | Mark Hofman | CSAM Some more unusual scans |
| 2013-10-09 | Johannes Ullrich | CSAM: SSL Request Logs |
| 2013-10-08 | Johannes Ullrich | CSAM: ANY queries used in reflective DoS attack |
| 2013-10-02 | Johannes Ullrich | CSAM: Misc. DNS Logs |
| 2012-10-30 | Mark Hofman | Cyber Security Awareness Month - Day 30 - DSD 35 mitigating controls |
| 2012-10-23 | Rob VandenBrink | Cyber Security Awareness Month - Day 23: Character Encoding Standards - ASCII and Successors |
| 2012-10-11 | Rob VandenBrink | Cyber Security Awareness Month - Day 11 - Vendor Agnostic Standards (Center for Internet Security) |
| 2012-10-09 | Johannes Ullrich | Cyber Security Awreness Month - Day 9 - Request for Comment (RFC) |
| 2012-10-06 | Manuel Humberto Santander Pelaez | Cyber Security Awareness Month - Day 6 - NERC: The standard that enforces security on power SCADA |
| 2012-10-04 | Johannes Ullrich | Cyber Security Awareness Month - Day 4: Crypto Standards |
| 2012-10-03 | Kevin Shortt | Cyber Security Awareness Month - Day 3 - Standard Sudo - Part One |
| 2012-09-21 | Guy Bruneau | Storing your Collection of Malware Samples with Malwarehouse |
| 2012-04-10 | Swa Frantzen | SAMBA "root" credential remote code execution. |
| 2012-02-24 | Guy Bruneau | BlackBerry PlayBook tablet Samba file sharing Vulnerability - http://www.blackberry.com/btsc/KB29565 |
| 2011-11-15 | Adrien de Beaupre | www.disa.mil down? |
| 2011-10-26 | Rick Wanner | Critical Control 17:Penetration Tests and Red Team Exercises |
| 2011-08-10 | Guy Bruneau | Samba 3.6.0 Released |
| 2010-12-30 | Rick Wanner | SamuraiWTF Review over at ISSA Toolsmith |
| 2010-10-31 | Marcus Sachs | Cyber Security Awareness Month - Day 31 - Tying it all together |
| 2010-10-28 | Rick Wanner | Cyber Security Awareness Month - Day 27 - Social Media use in the office |
| 2010-10-28 | Tony Carothers | Cyber Security Awareness Month - Day 28 - Role of the employee |
| 2010-10-26 | Pedro Bueno | Cyber Security Awareness Month - Day 26 - Sharing Office Files |
| 2010-10-24 | Swa Frantzen | Cyber Security Awarenes Month - Day 24 - Using work computers at home |
| 2010-10-23 | Mark Hofman | Cyber Security Awareness Month - Day 23 - The Importance of compliance |
| 2010-10-22 | Daniel Wesemann | Cyber Security Awareness Month - Day 22 - Security of removable media |
| 2010-10-21 | Chris Carboni | Cyber Security Awareness Month - Day 21 - Impossible Requests from the Boss |
| 2010-10-20 | Jim Clausing | Cyber Security Awareness Month - Day 20 - Securing Mobile Devices |
| 2010-10-19 | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - Remote Access Tools |
| 2010-10-19 | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - Remote User VPN Tunnels - to Split or not to Split? |
| 2010-10-19 | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - VPN Architectures – SSL or IPSec? |
| 2010-10-19 | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - Remote User VPN Access – Are things getting too easy, or too hard? |
| 2010-10-19 | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - VPN and Remote Access Tools |
| 2010-10-18 | Manuel Humberto Santander Pelaez | Cyber Security Awareness Month - Day 18 - What you should tell your boss when there's a crisis |
| 2010-10-17 | Stephen Hall | Cyber Security Awareness Month - Day 17 - What a boss should and should not have access to |
| 2010-10-13 | Deborah Hale | Cyber Security Awareness Month - Day 13 - Online Bullying |
| 2010-10-12 | Scott Fendley | Cyber Security Awareness Month - Day 12 - Protecting and Managing Your Digital Identity On Social Media Sites |
| 2010-10-11 | Rick Wanner | Cyber Security Awareness Month - Day 11 - Safe Browsing for Teens |
| 2010-10-09 | Kevin Shortt | Cyber Security Awareness Month - Day 9 - Disposal of an Old Computer |
| 2010-10-08 | Rick Wanner | Cyber Security Awareness Month - Day 8 - Patch Management and System Updates |
| 2010-10-06 | Rob VandenBrink | Cyber Security Awareness Month - Day 7 - Remote Access and Monitoring Tools |
| 2010-10-06 | Marcus Sachs | Cyber Security Awareness Month - Day 6 - Computer Monitoring Tools |
| 2010-10-05 | Rick Wanner | Cyber Security Awareness Month - Day 5 - Sites you should stay away from |
| 2010-10-04 | Daniel Wesemann | Cyber Security Awareness Month - Day 4 - Managing EMail |
| 2010-10-03 | Adrien de Beaupre | Cyber Security Awareness Month - Day 3 - Recognizing phishing and online scams |
| 2010-10-02 | Mark Hofman | Cyber Security Awareness Month - Day 2 - Securing the Family Network |
| 2010-10-01 | Marcus Sachs | Cyber Security Awareness Month - Day 1 - Securing the Family PC |
| 2010-03-08 | Raul Siles | Samurai WTF 0.8 |
| 2009-10-31 | Rick Wanner | Cyber Security Awareness Month - Day 31, ident |
| 2009-10-30 | Rob VandenBrink | Cyber Security Awareness Month - Day 30 - The "Common" IPSEC VPN Protocols - IKE / ISAKMP (500/udp), ESP (IP Protocol 50), NAT-T-IKE (500/udp, 4500/udp), PPTP (tcp/1723), GRE (IP Protocol 47) |
| 2009-10-28 | Johannes Ullrich | Cyber Security Awareness Month - Day 28 - ntp (123/udp) |
| 2009-10-25 | Lorna Hutcheson | Cyber Security Awareness Month - Day 25 - Port 80 and 443 |
| 2009-10-22 | Adrien de Beaupre | Cyber Security Awareness Month - Day 22 port 502 TCP - Modbus |
| 2009-10-17 | Rick Wanner | Cyber Security Awareness Month - Day 17 - Port 22/SSH |
| 2009-10-04 | Guy Bruneau | Samba Security Information Disclosure and DoS |
| 2009-03-10 | Swa Frantzen | Browser plug-ins, transparent proxies and same origin policies |