Diaries by Keyword - SANS Internet Storm Center

Handler on Duty: Didier Stevens

Threat Level: green

Date	Author	Title
POST EXPLOITATION
2021-03-10	Rob VandenBrink	SharpRDP - PSExec without PSExec, PSRemoting without PowerShell
POST
2023-09-09/a>	Guy Bruneau	?Anyone get the ASN of the Truck that Hit Me?!?: Creating a PowerShell Function to Make 3rd Party API Calls for Extending Honeypot Information [Guest Diary]
2023-08-25/a>	Xavier Mertens	Python Malware Using Postgresql for C2 Communications
2022-07-26/a>	Xavier Mertens	How is Your macOS Security Posture?
2021-03-10/a>	Rob VandenBrink	SharpRDP - PSExec without PSExec, PSRemoting without PowerShell
2018-06-05/a>	Xavier Mertens	Malicious Post-Exploitation Batch File
2017-06-28/a>	Brad Duncan	Catching up with Blank Slate: a malspam campaign still going strong
2017-02-02/a>	Rick Wanner	Multiple vulnerabilities discovered in popular printer models
2016-10-25/a>	Xavier Mertens	Another Day, Another Spam...
2015-03-18/a>	Daniel Wesemann	New SANS memory forensics poster
2013-07-16/a>	Johannes Ullrich	Why don't we see more examples of web app attacks via POST?
2013-04-04/a>	Johannes Ullrich	Postgresql Patches Critical Vulnerability
2009-07-12/a>	Mari Nichols	CA Apologizes for False Positive
EXPLOITATION
2023-12-20/a>	Guy Bruneau	How to Protect your Webserver from Directory Enumeration Attack ? Apache2 [Guest Diary]
2021-03-10/a>	Rob VandenBrink	SharpRDP - PSExec without PSExec, PSRemoting without PowerShell
2018-06-05/a>	Xavier Mertens	Malicious Post-Exploitation Batch File
2009-07-13/a>	Adrien de Beaupre	* Infocon raised to yellow for Excel Web Components ActiveX vulnerability