Diaries by Keyword - SANS Internet Storm Center

Handler on Duty: Didier Stevens

Threat Level: green

Date	Author	Title
2024-11-06	Jesse La Grew	[Guest Diary] Insights from August Web Traffic Surge
2024-08-22	Johannes Ullrich	OpenAI Scans for Honeypots. Artificially Malicious? Action Abuse?
2022-04-04	Johannes Ullrich	Emptying the Phishtank: Are WordPress sites the Mosquitoes of the Internet?
2022-02-02	Johannes Ullrich	Finding elFinder: Who is looking for your files?
2021-11-30	Johannes Ullrich	Hunting for PHPUnit Installed via Composer
2019-07-18	Xavier Mertens	Malicious PHP Script Back on Stage?
2018-06-13	Xavier Mertens	A Bunch of Compromized Wordpress Sites
2018-01-09	Jim Clausing	Are you watching for brute force attacks on IPv6?
2017-05-05	Xavier Mertens	HTTP Headers... the Achilles' heel of many applications
2017-02-04	Xavier Mertens	Detecting Undisclosed Vulnerabilities with Security Tools & Features
2015-03-13	Guy Bruneau	Blind SQL Injection against WordPress SEO by Yoast
2014-11-20	Johannes Ullrich	Critical WordPress XSS Update
2014-07-22	Daniel Wesemann	WordPress brute force attack via wp.getUsersBlogs
2014-06-19	Tony Carothers	WordPress and Security
2014-03-12	Johannes Ullrich	Wordpress "Pingback" DDoS Attacks
2012-05-22	Johannes Ullrich	nmap 6 released
2012-04-21	Guy Bruneau	WordPress Release Security Update
2012-01-05	Russ McRee	WordPress 3.3.1 fixes 15 issues with WordPress 3.3 including XSS. Download 3.3.1 or visit Dashboard --> Updates in your site admin panel.
2011-06-30	Guy Bruneau	WordPress 3.1.4 Security Update - http://wordpress.org/news/2011/06/wordpress-3-1-4/
2011-06-22	Guy Bruneau	WordPress Forces Password Reset
2011-04-18	John Bambenek	Wordpress.com Security Breach
2011-02-08	Mark Hofman	WordPress 3.0.5 (and 3.1 RC4) are out
2010-12-30	Johannes Ullrich	Critcal Wordpress Security Update http://wordpress.org/news/2010/12/3-0-4-update/
2010-12-02	Kevin Johnson	SQL Injection: Wordpress 3.0.2 released
2010-05-19	Kyle Haugsness	Wordpress blog attacks... again
2010-05-10	Toby Kohlenberg	Another round of WordPress Attacks
2010-02-05	Jim Clausing	WordPress iframe injection?
2009-11-30	Bojan Zdrnja	Distributed Wordpress admin account cracking
2009-10-21	Pedro Bueno	WordPress Hardening
2009-08-11	Swa Frantzen	Wordpress unauthenticated administrator password reset
2008-09-09	Swa Frantzen	wordpress upgrade
2008-04-23	Mari Nichols	What's New, Old and Morphing?