Internet Storm Center
Sign In
Sign Up
Participate: Learn more about our honeypot network
https://isc.sans.edu/tools/honeypot/
Handler on Duty:
Guy Bruneau
Threat Level:
green
Date
Author
Title
USER BEHAVIOR
2021-03-02
Russ McRee
Adversary Simulation with Sim
2019-07-25
Rob VandenBrink
When Users Attack! Users (and Admins) Thwarting Security Controls
USER
2021-09-24/a>
Xavier Mertens
Keep an Eye on Your Users Mobile Devices (Simple Inventory)
2021-04-24/a>
Guy Bruneau
Base64 Hashes Used in Web Scanning
2021-03-02/a>
Russ McRee
Adversary Simulation with Sim
2019-07-25/a>
Rob VandenBrink
When Users Attack! Users (and Admins) Thwarting Security Controls
2019-07-05/a>
Didier Stevens
A "Stream O" Maldoc
2019-07-01/a>
Didier Stevens
Maldoc: Payloads in User Forms
2018-05-27/a>
Guy Bruneau
Capture and Analysis of User Agents
2018-01-01/a>
Didier Stevens
What is new?
2014-04-05/a>
Jim Clausing
Those strange e-mails with URLs in them can lead to Android malware
2013-01-15/a>
Rob VandenBrink
When Disabling IE6 (or Java, or whatever) is not an Option...
2012-07-14/a>
Tony Carothers
User Awareness and Education
2012-04-05/a>
Johannes Ullrich
Evil hides everywhere: Web Application Exploits in Headers
2011-08-26/a>
Daniel Wesemann
User Agent 007
2010-10-19/a>
Rob VandenBrink
Cyber Security Awareness Month - Day 19 - Remote User VPN Tunnels - to Split or not to Split?
2010-10-19/a>
Rob VandenBrink
Cyber Security Awareness Month - Day 19 - Remote User VPN Access – Are things getting too easy, or too hard?
2009-05-28/a>
Jim Clausing
More new volatility plugins
2008-09-18/a>
Bojan Zdrnja
Monitoring HTTP User-Agent fields
BEHAVIOR
2021-03-02/a>
Russ McRee
Adversary Simulation with Sim
2019-07-25/a>
Rob VandenBrink
When Users Attack! Users (and Admins) Thwarting Security Controls
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Forums
Auditing
Diary Discussions
Forensics
General Discussions
Industry News
Network Security
Penetration Testing
Software Security
Contact Us
Contact Us
About Us
Handlers
Slack Channel
Mastodon
Twitter
Learn
about the Internet Storm Center
and our
volunteer InfoSec handlers