Internet Storm Center
Sign In
Sign Up
Handler on Duty:
Didier Stevens
Threat Level:
green
Date
Author
Title
USER AGENT STRING
2018-01-01
Didier Stevens
What is new?
2014-04-05
Jim Clausing
Those strange e-mails with URLs in them can lead to Android malware
2013-01-15
Rob VandenBrink
When Disabling IE6 (or Java, or whatever) is not an Option...
USER
2024-10-16/a>
Johannes Ullrich
The Top 10 Not So Common SSH Usernames and Passwords
2024-02-28/a>
Johannes Ullrich
Exploit Attempts for Unknown Password Reset Vulnerability
2024-01-24/a>
Johannes Ullrich
How Bad User Interfaces Make Security Tools Harmful
2024-01-08/a>
Jesse La Grew
What is that User Agent?
2023-09-05/a>
Jesse La Grew
Common usernames submitted to honeypots
2021-09-24/a>
Xavier Mertens
Keep an Eye on Your Users Mobile Devices (Simple Inventory)
2021-04-24/a>
Guy Bruneau
Base64 Hashes Used in Web Scanning
2021-03-02/a>
Russ McRee
Adversary Simulation with Sim
2019-07-25/a>
Rob VandenBrink
When Users Attack! Users (and Admins) Thwarting Security Controls
2019-07-05/a>
Didier Stevens
A "Stream O" Maldoc
2019-07-01/a>
Didier Stevens
Maldoc: Payloads in User Forms
2018-05-27/a>
Guy Bruneau
Capture and Analysis of User Agents
2018-01-01/a>
Didier Stevens
What is new?
2014-04-05/a>
Jim Clausing
Those strange e-mails with URLs in them can lead to Android malware
2013-01-15/a>
Rob VandenBrink
When Disabling IE6 (or Java, or whatever) is not an Option...
2012-07-14/a>
Tony Carothers
User Awareness and Education
2012-04-05/a>
Johannes Ullrich
Evil hides everywhere: Web Application Exploits in Headers
2011-08-26/a>
Daniel Wesemann
User Agent 007
2010-10-19/a>
Rob VandenBrink
Cyber Security Awareness Month - Day 19 - Remote User VPN Tunnels - to Split or not to Split?
2010-10-19/a>
Rob VandenBrink
Cyber Security Awareness Month - Day 19 - Remote User VPN Access – Are things getting too easy, or too hard?
2009-05-28/a>
Jim Clausing
More new volatility plugins
2008-09-18/a>
Bojan Zdrnja
Monitoring HTTP User-Agent fields
AGENT
2024-04-17/a>
Xavier Mertens
Malicious PDF File Used As Delivery Mechanism
2024-02-03/a>
Guy Bruneau
DShield Sensor Log Collection with Elasticsearch
2024-01-08/a>
Jesse La Grew
What is that User Agent?
2023-08-23/a>
Xavier Mertens
More Exotic Excel Files Dropping AgentTesla
2023-07-01/a>
Russ McRee
Sandfly Security
2021-12-31/a>
Jan Kopriva
Do you want your Agent Tesla in the 300 MB or 8 kB package?
2021-12-30/a>
Brad Duncan
Agent Tesla Updates SMTP Data Exfiltration Technique
2021-12-20/a>
Jan Kopriva
PowerPoint attachments, Agent Tesla and code reuse in malware
2021-11-18/a>
Xavier Mertens
JavaScript Downloader Delivers Agent Tesla Trojan
2021-09-24/a>
Xavier Mertens
Keep an Eye on Your Users Mobile Devices (Simple Inventory)
2021-06-30/a>
Brad Duncan
June 2021 Forensic Contest: Answers and Analysis
2021-02-12/a>
Xavier Mertens
AgentTesla Dropped Through Automatic Click in Microsoft Help File
2021-02-11/a>
Jan Kopriva
Agent Tesla hidden in a historical anti-malware tool
2020-10-21/a>
Daniel Wesemann
Shipping dangerous goods
2020-05-23/a>
Xavier Mertens
AgentTesla Delivered via a Malicious PowerPoint Add-In
2020-04-28/a>
Jan Kopriva
Agent Tesla delivered by the same phishing campaign for over a year
2020-03-11/a>
Xavier Mertens
Agent Tesla Delivered via Fake Canon EOS Notification on Free OwnCloud Account
2019-11-27/a>
Brad Duncan
Finding an Agent Tesla malware sample
2019-09-19/a>
Xavier Mertens
Agent Tesla Trojan Abusing Corporate Email Accounts
2018-12-19/a>
Xavier Mertens
Using OSSEC Active-Response as a DFIR Framework
2018-08-02/a>
Brad Duncan
DHL-themed malspam reveals embedded malware in animated gif
2018-05-27/a>
Guy Bruneau
Capture and Analysis of User Agents
2018-01-01/a>
Didier Stevens
What is new?
2014-04-05/a>
Jim Clausing
Those strange e-mails with URLs in them can lead to Android malware
2013-01-15/a>
Rob VandenBrink
When Disabling IE6 (or Java, or whatever) is not an Option...
2012-06-25/a>
Guy Bruneau
Issues with Windows Update Agent
2012-04-05/a>
Johannes Ullrich
Evil hides everywhere: Web Application Exploits in Headers
2011-08-26/a>
Daniel Wesemann
User Agent 007
2011-07-13/a>
Guy Bruneau
New Sguil HTTPRY Agent
2010-02-17/a>
Rob VandenBrink
Cisco Security Agent Security Updates: cisco-sa-20100217-csa
2008-09-18/a>
Bojan Zdrnja
Monitoring HTTP User-Agent fields
STRING
2024-01-02/a>
Johannes Ullrich
Fingerprinting SSH Identification Strings
2023-08-17/a>
Jesse La Grew
Command Line Parsing - Are These Really Unique Strings?
2022-06-23/a>
Xavier Mertens
FLOSS 2.0 Has Been Released
2022-04-10/a>
Didier Stevens
Video: Method For String Extraction Filtering
2022-04-09/a>
Didier Stevens
Method For String Extraction Filtering
2021-11-25/a>
Didier Stevens
YARA's Private Strings
2021-09-25/a>
Didier Stevens
Strings Analysis: VBA & Excel4 Maldoc
2021-09-25/a>
Didier Stevens
Video: Strings Analysis: VBA & Excel4 Maldoc
2021-07-03/a>
Didier Stevens
Finding Strings With oledump.py
2021-06-28/a>
Didier Stevens
CFBF Files Strings Analysis
2021-01-10/a>
Didier Stevens
Maldoc Analysis With CyberChef
2021-01-09/a>
Didier Stevens
Maldoc Strings Analysis
2021-01-01/a>
Didier Stevens
Strings 2021
2020-10-25/a>
Didier Stevens
Video: Pascal Strings
2020-06-01/a>
Jim Clausing
Stackstrings, type 2
2020-05-22/a>
Didier Stevens
Some Strings to Remember
2020-05-21/a>
Xavier Mertens
Malware Triage with FLOSS: API Calls Based Behavior
2020-04-27/a>
Xavier Mertens
Powershell Payload Stored in a PSCredential Object
2018-12-09/a>
Didier Stevens
Quickie: String Analysis is Still Useful
2018-01-01/a>
Didier Stevens
What is new?
2014-04-05/a>
Jim Clausing
Those strange e-mails with URLs in them can lead to Android malware
2013-06-21/a>
Guy Bruneau
Sysinternals Updates for Autoruns, Strings & ZoomIt http://blogs.technet.com/b/sysinternals/archive/2013/06/20/updates-autoruns-v11-61-strings-v2-52-zoomit-v4-5.aspx
2013-05-20/a>
Guy Bruneau
Sysinternals Updates for Accesschk, Procdump, RAMMap and Strings http://blogs.technet.com/b/sysinternals/archive/2013/05/17/updates-accesschk-v5-11-procdump-v6-0-rammap-v1-22-strings-v2-51.aspx
2013-01-15/a>
Rob VandenBrink
When Disabling IE6 (or Java, or whatever) is not an Option...
2007-01-03/a>
Toby Kohlenberg
VLC Media Player udp URL handler Format String Vulnerability
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Contact Us
Contact Us
About Us
Handlers
About Us
Slack Channel
Mastodon
Bluesky
X
Make the web a better place by
sharing the SANS Internet Storm Center
with others