Date Author Title

CHANGE CONTROL PROCESS

2014-02-10Rob VandenBrinkA Tale of Two Admins (and no Change Control)

CHANGE

2022-12-22/a>Guy BruneauExchange OWASSRF Exploited for Remote Code Execution
2022-01-02/a>Guy BruneauExchange Server - Email Trapped in Transport Queues
2021-11-15/a>Rob VandenBrinkChanging your AD Password Using the Clipboard - Not as Easy as You'd Think!
2021-09-24/a>Xavier MertensKeep an Eye on Your Users Mobile Devices (Simple Inventory)
2021-08-13/a>Guy BruneauScanning for Microsoft Exchange eDiscovery
2021-03-03/a>Johannes UllrichMicrosoft Releases Exchange Emergency Patch to Fix Actively Exploited Vulnerability
2020-12-08/a>Johannes UllrichDecember 2020 Microsoft Patch Tuesday: Exchange, Sharepoint, Dynamics and DNS Spoofing
2019-01-28/a>Bojan ZdrnjaRelaying Exchange?s NTLM authentication to domain admin (and more)
2017-05-17/a>Richard PorterWait What? We don?t have to change passwords every 90 days?
2016-10-08/a>Russell EubanksUnauthorized Change Detected!
2014-09-26/a>Richard PorterWhy We Have Moved to InfoCon:Yellow
2014-05-22/a>Rob VandenBrinkAnother Site Breached - Time to Change your Passwords! (If you can that is)
2014-04-27/a>Tony CarothersThe Dreaded "D" Word of IT
2014-02-10/a>Rob VandenBrinkA Tale of Two Admins (and no Change Control)
2013-11-29/a>Russ McReeMS Exchange update, includes failed backup fix: http://support.microsoft.com/kb/2892464
2013-08-15/a>Johannes UllrichMicrosoft Pulls MS013-061 due to problems with Exchange Server 2013 http://blogs.technet.com/b/exchange/archive/2013/08/14/exchange-2013-security-update-ms13-061-status-update.aspx
2013-02-22/a>Chris MohanPHP 5.4.12 and PHP 5.3.22 released http://www.php.net/ChangeLog-5.php
2012-12-18/a>Dan GoldbergMitigating the impact of organizational change: a risk assessment
2012-11-23/a>Rob VandenBrinkWhat's in Your Change Control Form?
2012-07-25/a>Johannes UllrichMicrosoft Exchange/Sharepoint and others: Oracle Outside In Vulnerability
2012-05-30/a>Rob VandenBrinkToo Big to Fail / Too Big to Learn?
2012-02-23/a>donald smithDNS-Changer "clean DNS" extension requested
2012-02-20/a>Rick WannerDNSChanger resolver shutdown deadline is March 8th
2011-11-09/a>Russ McReeOperation Ghost Click: FBI bags crime ring responsible for $14 million in losses
2011-08-05/a>donald smithNew Mac Trojan: BASH/QHost.WB
2010-08-19/a>Rob VandenBrinkChange is Good. Change is Bad. Change is Life.
2008-11-25/a>Andre LudwigOS X Dns Changers part three
2008-11-25/a>Andre LudwigTmobile G1 handsets having DNS problems?

CONTROL

2024-04-22/a>Jan KoprivaIt appears that the number of industrial devices accessible from the internet has risen by 30 thousand over the past three years
2022-05-03/a>Rob VandenBrinkFinding the Real "Last Patched" Day (Interim Version)
2021-07-08/a>Xavier MertensUsing Sudo with Python For More Security Controls
2021-05-12/a>Jan KoprivaNumber of industrial control systems on the internet is lower then in 2020...but still far from zero
2019-10-19/a>Russell EubanksWhat Assumptions Are You Making?
2019-07-25/a>Rob VandenBrinkWhen Users Attack! Users (and Admins) Thwarting Security Controls
2019-07-18/a>Rob VandenBrinkThe Other Side of Critical Control 1: 802.1x Wired Network Access Controls
2017-07-24/a>Russell EubanksTrends Over Time
2017-06-10/a>Russell EubanksAn Occasional Look in the Rear View Mirror
2016-11-23/a>Tom WebbMapping Attack Methodology to Controls
2016-10-08/a>Russell EubanksUnauthorized Change Detected!
2016-07-26/a>Johannes UllrichCommand and Control Channels Using "AAAA" DNS Records
2015-12-21/a>Daniel WesemannCritical Security Controls: Getting to know the unknown
2015-11-04/a>Richard PorterApplication Aware and Critical Control 2
2015-05-29/a>Russell EubanksTrust But Verify
2014-10-13/a>Lorna HutchesonFor or Against: Port Security for Network Access Control
2014-08-17/a>Rick WannerPart 2: Is your home network unwittingly contributing to NTP DDOS attacks?
2014-07-28/a>Guy BruneauManagement and Control of Mobile Device Security
2014-06-11/a>Daniel WesemannHelp your pilot fly!
2014-02-10/a>Rob VandenBrinkA Tale of Two Admins (and no Change Control)
2013-09-02/a>Guy BruneauMultiple Cisco Security Notice
2013-03-13/a>Mark BaggettWipe the drive! Stealthy Malware Persistence Mechanism - Part 1
2012-12-31/a>Manuel Humberto Santander PelaezHow to determine which NAC solutions fits best to your needs
2012-11-23/a>Rob VandenBrinkWhat's in Your Change Control Form?
2011-11-03/a>Richard PorterAn Apple, Inc. Sandbox to play in.
2011-10-29/a>Richard PorterThe Sub Critical Control? Evidence Collection
2011-10-28/a>Daniel WesemannCritical Control 20: Security Skills Assessment and Training to fill Gaps
2011-10-27/a>Mark BaggettCritical Control 18: Incident Response Capabilities
2011-10-26/a>Rick WannerCritical Control 17:Penetration Tests and Red Team Exercises
2011-10-17/a>Rob VandenBrinkCritical Control 11: Account Monitoring and Control
2010-08-22/a>Rick WannerFailure of controls...Spanair crash caused by a Trojan
2010-08-19/a>Rob VandenBrinkChange is Good. Change is Bad. Change is Life.
2010-08-05/a>Rob VandenBrinkAccess Controls for Network Infrastructure
2010-06-14/a>Manuel Humberto Santander PelaezPython on a microcontroller?
2010-06-07/a>Manuel Humberto Santander PelaezSoftware Restriction Policy to keep malware away
2009-10-22/a>Adrien de BeaupreCyber Security Awareness Month - Day 22 port 502 TCP - Modbus

PROCESS

2024-10-03/a>Guy BruneauKickstart Your DShield Honeypot [Guest Diary]
2024-07-25/a>Xavier MertensXWorm Hidden With Process Hollowing
2023-11-09/a>Xavier MertensVisual Examples of Code Injection
2023-08-26/a>Xavier MertensmacOS: Who?s Behind This Network Connection?
2023-05-24/a>Jesse La GrewMore Data Enrichment for Cowrie Logs
2022-09-14/a>Xavier MertensEasy Process Injection within Python
2022-03-15/a>Xavier MertensClean Binaries with Suspicious Behaviour
2021-05-30/a>Didier StevensSysinternals: Procmon, Sysmon, TcpView and Process Explorer update
2021-03-04/a>Xavier MertensFrom VBS, PowerShell, C Sharp, Process Hollowing to RAT
2021-01-17/a>Didier StevensNew Release of Sysmon Adding Detection for Process Tampering
2020-02-16/a>Guy BruneauSOAR or not to SOAR?
2019-06-27/a>Rob VandenBrinkFinding the Gold in a Pile of Pennies - Long Tail Analysis in PowerShell
2018-09-20/a>Xavier MertensHunting for Suspicious Processes with OSSEC
2018-07-03/a>Didier StevensProgress indication for scripts on Windows
2015-07-17/a>Didier StevensProcess Explorer and VirusTotal
2014-04-27/a>Tony CarothersThe Dreaded "D" Word of IT
2014-02-27/a>Richard PorterDDoS and BCP 38
2014-02-10/a>Rob VandenBrinkA Tale of Two Admins (and no Change Control)
2014-02-07/a>Rob VandenBrinkHello Virustotal? It's Microsoft Calling.
2013-02-06/a>Adam SwangerSysinternals in particular Process Explorer update https://blogs.technet.com/b/sysinternals/?Redirected=true
2012-01-13/a>Guy BruneauSysinternals Updates - http://blogs.technet.com/b/sysinternals/archive/2012/01/13/updates-autoruns-v11-21-coreinfo-v3-03-portmon-v-3-03-process-explorer-v15-12-mark-s-blog-and-mark-at-rsa-2012.aspx
2011-12-19/a>Guy BruneauProcess Explorer Update 15.11 with bugfixes - http://technet.microsoft.com/en-us/sysinternals/bb896653
2010-01-23/a>Lorna HutchesonThe necessary evils: Policies, Processes and Procedures
2009-10-22/a>Adrien de BeaupreCyber Security Awareness Month - Day 22 port 502 TCP - Modbus
2009-09-19/a>Rick WannerSysinternals Tools Updates
2009-08-30/a>Tony CarothersHow do I recover from.....?