Diaries by Keyword - SANS Internet Storm Center

Handler on Duty: Didier Stevens

Threat Level: green

Date	Author	Title
2024-05-27	Jan Kopriva	Files with TXZ extension used as malspam attachments
2023-12-13	Guy Bruneau	T-shooting Terraform for DShield Honeypot in Azure [Guest Diary]
2023-12-06	Guy Bruneau	Revealing the Hidden Risks of QR Codes [Guest Diary]
2023-07-12	Brad Duncan	Loader activity for Formbook "QM18"
2023-06-17	Brad Duncan	Formbook from Possible ModiLoader (DBatLoader)
2022-10-22	Didier Stevens	rtfdump's Find Option
2022-06-15	Johannes Ullrich	Terraforming Honeypots. Installing DShield Sensors in the Cloud
2022-03-23	Brad Duncan	Arkei Variants: From Vidar to Mars Stealer
2021-12-16	Brad Duncan	How the "Contact Forms" campaign tricks people
2021-11-19	Xavier Mertens	Downloader Disguised as Excel Add-In (XLL)
2021-10-31	Didier Stevens	Video: Phishing ZIP With Malformed Filename
2021-10-24	Didier Stevens	Phishing ZIP With Malformed Filename
2020-12-29	Jan Kopriva	Want to know what's in a folder you don't have a permission to access? Try asking your AV solution...
2020-11-19	Xavier Mertens	PowerShell Dropper Delivering Formbook
2020-07-10	Brad Duncan	Excel spreasheet macro kicks off Formbook infection
2020-04-26	Didier Stevens	Video: Malformed .docm File
2020-03-15	Guy Bruneau	VPN Access and Activity Monitoring
2019-11-06	Brad Duncan	More malspam pushing Formbook
2019-07-10	Rob VandenBrink	Dumping File Contents in Hex (in PowerShell)
2019-07-05	Didier Stevens	A "Stream O" Maldoc
2019-07-01	Didier Stevens	Maldoc: Payloads in User Forms
2018-08-23	Xavier Mertens	Simple Phishing Through formcrafts.com
2017-10-03	Brad Duncan	Malspam pushing Formbook info stealer
2013-02-17	Guy Bruneau	HP ArcSight Connector Appliance and Logger Vulnerabilities
2011-02-19	Guy Bruneau	Snort Data Acquisition Library
2011-02-05	Guy Bruneau	OpenSSH Legacy Certificate Information Disclosure Vulnerability
2011-01-12	Richard Porter	How Many Loyalty Cards do you Carry?
2010-10-22	Manuel Humberto Santander Pelaez	Intypedia project
2010-07-24	Manuel Humberto Santander Pelaez	Transmiting logon information unsecured in the network
2010-06-15	Manuel Humberto Santander Pelaez	iPhone 4 Order Security Breach Exposes Private Information
2010-04-21	Guy Bruneau	Google Chrome Security Update v4.1.249.1059 Released: http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html
2010-03-27	Guy Bruneau	HP-UX Running NFS/ONCplus, Inadvertently Enabled NFS
2009-11-29	Patrick Nolan	A Cloudy Weekend
2009-10-04	Guy Bruneau	Samba Security Information Disclosure and DoS
2009-07-17	John Bambenek	Cross-Platform, Cross-Browser DoS Vulnerability
2009-07-10	Guy Bruneau	WordPress Fixes Multiple vulnerabilities
2009-03-02	Swa Frantzen	Obama's leaked chopper blueprints: anything we can learn?
2008-09-11	David Goldsmith	CookieMonster is coming to Pown (err, Town)
2008-04-07	John Bambenek	HP USB Keys Shipped with Malware for your Proliant Server
2007-01-03	Toby Kohlenberg	VLC Media Player udp URL handler Format String Vulnerability