Internet Storm Center
Sign In
Sign Up
Handler on Duty:
Didier Stevens
Threat Level:
green
Date
Author
Title
2024-09-16
Xavier Mertens
Managing PE Files With Overlays
2024-07-26
Xavier Mertens
ExelaStealer Delivered "From Russia With Love"
2023-12-15
Xavier Mertens
CSharp Payload Phoning to a CobaltStrike Server
2023-07-12
Brad Duncan
Loader activity for Formbook "QM18"
2023-06-24
Guy Bruneau
Email Spam with Attachment Modiloader
2023-06-19
Xavier Mertens
Malware Delivered Through .inf File
2023-05-30
Brad Duncan
Malspam pushes ModiLoader (DBatLoader) infection for Remcos RAT
2022-07-07
Brad Duncan
Emotet infection with Cobalt Strike
2022-05-30
Xavier Mertens
New Microsoft Office Attack Vector via "ms-msdt" Protocol Scheme (CVE-2022-30190)
2022-04-06
Brad Duncan
Windows MetaStealer Malware
2022-01-25
Bojan Zdrnja
Local privilege escalation vulnerability in polkit's pkexec (CVE-2021-4034)
2021-10-01
Xavier Mertens
New Tool to Add to Your LOLBAS List: cvtres.exe
2021-02-13
Guy Bruneau
vSphere Replication updates address a command injection vulnerability (CVE-2021-21976) - https://www.vmware.com/security/advisories/VMSA-2021-0001.html
2020-09-15
Brad Duncan
Traffic Analysis Quiz: Oh No... Another Infection!
2020-08-05
Brad Duncan
Traffic Analysis Quiz: What's the Malware From This Infection?
2020-03-26
Xavier Mertens
Very Large Sample as Evasion Technique?
2020-02-14
Xavier Mertens
Keep an Eye on Command-Line Browsers
2019-11-13
Brad Duncan
An example of malspam pushing Lokibot malware, November 2019
2019-08-28
Xavier Mertens
Malware Samples Compiling Their Next Stage on Premise
2018-10-10
Xavier Mertens
New Campaign Using Old Equation Editor Vulnerability
2018-05-25
Xavier Mertens
Antivirus Evasion? Easy as 1,2,3
2018-05-07
Xavier Mertens
Adding Persistence Via Scheduled Tasks
2017-11-25
Guy Bruneau
Exim Remote Code Exploit
2017-03-19
Xavier Mertens
Searching for Base64-encoded PE Files
2017-01-30
Didier Stevens
py2exe Decompiling - Part 2
2016-04-15
Xavier Mertens
Windows Command Line Persistence?
2016-02-18
Xavier Mertens
Hunting for Executable Code in Windows Environments
2015-10-12
Guy Bruneau
Critical Vulnerability in Multiple Cisco Products - Apache Struts 2 Command Execution http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2
2015-04-08
Tom Webb
Is it a breach or not?
2013-09-18
Rob VandenBrink
Cisco DCNM Update Released
2013-05-20
Guy Bruneau
Safe - Tools, Tactics and Techniques
2013-04-15
Rob VandenBrink
Oops - You Mean That Deleted Server was a Certificate Authority?
2013-02-16
Lorna Hutcheson
Fedora RedHat Vulnerabilty Released
2012-03-16
Russ McRee
MS12-020 RDP vulnerabilities: Patch, Mitigate, Detect
2011-08-11
Guy Bruneau
BlackBerry Enterprise Server Critical Update
2010-05-12
Rob VandenBrink
Adobe Shockwave Update
2010-03-10
Rob VandenBrink
Microsoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7
2010-02-28
Mari Nichols
Disasters take practice
2009-08-08
Guy Bruneau
XML Libraries Data Parsing Vulnerabilities
2009-05-29
Lorna Hutcheson
VMWare Patches Released
2009-05-11
Mari Nichols
Sysinternals Updates 3 Applications
2009-03-10
Swa Frantzen
conspiracy fodder: pifts.exe
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Contact Us
Contact Us
About Us
Handlers
About Us
Slack Channel
Mastodon
Bluesky
X
Learn
about the Internet Storm Center
and our
volunteer InfoSec handlers