Date Author Title

RUN BOOK

2009-03-20Stephen HallMaking the most of your runbooks

RUN

2024-02-25/a>Guy BruneauUtilizing the VirusTotal API to Query Files Uploaded to DShield Honeypot [Guest Diary]
2023-06-09/a>Xavier MertensUndetected PowerShell Backdoor Disguised as a Profile File
2021-05-18/a>Xavier MertensFrom RunDLL32 to JavaScript then PowerShell
2021-01-21/a>Xavier MertensPowershell Dropping a REvil Ransomware
2020-03-13/a>Rob VandenBrinkNot all Ethernet NICs are Created Equal - Trying to Capture Invalid Ethernet Frames
2015-07-17/a>Didier StevensAutoruns and VirusTotal
2015-02-10/a>Mark BaggettDetecting Mimikatz Use On Your Network
2014-01-10/a>Basil Alawi S.TaherWindows Autorun-3
2013-06-21/a>Guy BruneauSysinternals Updates for Autoruns, Strings & ZoomIt http://blogs.technet.com/b/sysinternals/archive/2013/06/20/updates-autoruns-v11-61-strings-v2-52-zoomit-v4-5.aspx
2012-01-13/a>Guy BruneauSysinternals Updates - http://blogs.technet.com/b/sysinternals/archive/2012/01/13/updates-autoruns-v11-21-coreinfo-v3-03-portmon-v-3-03-process-explorer-v15-12-mark-s-blog-and-mark-at-rsa-2012.aspx
2009-10-02/a>Stephen HallNew SysInternal fun for the weekend
2009-05-11/a>Mari NicholsSysinternals Updates 3 Applications
2009-03-20/a>Stephen HallMaking the most of your runbooks
2009-02-25/a>donald smithAutoRun disabling patch released
2009-01-15/a>Bojan ZdrnjaConficker's autorun and social engineering
2008-12-25/a>Maarten Van HorenbeeckMerry Christmas, and beware of digital hitchhikers!

BOOK

2024-05-27/a>Jan KoprivaFiles with TXZ extension used as malspam attachments
2024-01-25/a>Xavier MertensFacebook AdsManager Targeted by a Python Infostealer
2024-01-16/a>Johannes UllrichScans for Ivanti Connect "Secure" VPN Vulnerability (CVE-2023-46805, CVE-2024-21887)
2023-07-12/a>Brad DuncanLoader activity for Formbook "QM18"
2023-06-17/a>Brad DuncanFormbook from Possible ModiLoader (DBatLoader)
2023-05-15/a>Jan KoprivaOngoing Facebook phishing campaign without a sender and (almost) without links
2022-10-22/a>Didier Stevensrtfdump's Find Option
2022-07-28/a>Johannes UllrichExfiltrating Data With Bookmarks
2021-11-19/a>Xavier MertensDownloader Disguised as Excel Add-In (XLL)
2021-10-04/a>Johannes UllrichFacebook Outage: Yes, its DNS (sort of). A super quick analysis of what is going on.
2020-11-19/a>Xavier MertensPowerShell Dropper Delivering Formbook
2020-07-10/a>Brad DuncanExcel spreasheet macro kicks off Formbook infection
2019-11-06/a>Brad DuncanMore malspam pushing Formbook
2018-06-16/a>Russ McReeAnomaly Detection & Threat Hunting with Anomalize
2017-10-03/a>Brad DuncanMalspam pushing Formbook info stealer
2014-08-20/a>Kevin ShorttSocial Engineering Alive and Well
2014-05-22/a>Rob VandenBrinkAnother Site Breached - Time to Change your Passwords! (If you can that is)
2014-01-24/a>Chris MohanPhishing via Social Media
2013-12-11/a>Johannes UllrichFacebook Phishing and Malware via Tumblr Redirects
2013-11-10/a>Rick WannerMicrosoft and Facebook announce bug bounty
2013-06-22/a>Guy BruneauFacebook Reports a Potential Leak of User Data
2013-02-25/a>Johannes UllrichMass-Customized Malware Lures: Don't trust your cat!
2012-10-10/a>Kevin ShorttFacebook Scam Spam
2012-02-07/a>Jim ClausingBook Review: Practical Packet Analysis, 2nd ed
2011-07-30/a>Deborah HaleLinks on your Facebook Wall
2011-06-30/a>Guy BruneauSymantec Report - Spam Surge against Social Networks
2011-06-27/a>Kevin ShorttPhishy Spam
2011-05-22/a>Kevin ShorttFacebook goes two-factor
2011-05-12/a>Chris MohanReports of another javascript-based spam scam doing the rounds in Facebook
2011-05-10/a>Swa FrantzenTime to change your facebook password?
2011-05-03/a>Johannes UllrichUpdate on Osama Bin Laden themed Malware
2011-01-16/a>Tony CarothersFacebook User Data Call for 3rd Party Apps
2011-01-10/a>Manuel Humberto Santander PelaezFacebook virus spreads via photo album chat messages
2010-12-07/a>Kevin ShorttYou got a sec?
2010-11-22/a>Lenny ZeltserBrand Impersonations On-Line: Brandjacking and Social Networks
2010-09-16/a>Johannes UllrichFacebook "Like Pages"
2010-09-04/a>Kevin ListonWhat's not to Like about "Like?"
2010-06-14/a>Manuel Humberto Santander PelaezRogue facebook application acting like a worm
2010-06-02/a>Bojan ZdrnjaClickjacking attacks on Facebook's Like plugin
2010-05-25/a>donald smithFace book “joke” leads to firing.
2010-04-29/a>Bojan ZdrnjaWho needs exploits when you have social engineering?
2010-01-27/a>Raul SilesActive SEO poisoning attacks for hot topics
2009-12-09/a>Swa FrantzenFacebook announces privacy improvements
2009-06-16/a>John BambenekURL Shortening Service Cligs Hacked
2009-05-24/a>Raul SilesFacebook phising using Belgium (.be) domains
2009-05-04/a>Tom ListonFacebook phishing malware
2009-03-20/a>Stephen HallMaking the most of your runbooks
2009-01-04/a>Rick WannerTwitter/Facebook Phishing Attempt