Date | Author | Title

SSE SPAMBOT

2018-12-05 | Brad Duncan | Campaign evolution: Hancitor changes its Word macros

SSE

2024-06-03 | Didier Stevens | A Wireshark Lua Dissector for Fixed Field Length Protocols
2024-05-30 | Xavier Mertens | Feeding MISP with OSSEC
2023-09-06 | Johannes Ullrich | Security Relevant DNS Records
2023-07-26 | Xavier Mertens | Suspicious IP Addresses Avoided by Malware Samples
2023-02-25 | Didier Stevens | Crypto Inside a Browser
2022-02-01 | Xavier Mertens | Automation is Nice But Don't Replace Your Knowledge
2021-05-10 | Johannes Ullrich | Correctly Validating IP Addresses: Why encoding matters for input validation.
2021-01-02 | Guy Bruneau | Protecting Home Office and Enterprise in 2021
2020-09-17 | Xavier Mertens | Suspicious Endpoint Containment with OSSEC
2020-02-16 | Guy Bruneau | SOAR or not to SOAR?
2019-01-31 | Xavier Mertens | Tracking Unexpected DNS Changes
2018-12-19 | Xavier Mertens | Using OSSEC Active-Response as a DFIR Framework
2018-12-05 | Brad Duncan | Campaign evolution: Hancitor changes its Word macros
2018-09-20 | Xavier Mertens | Hunting for Suspicious Processes with OSSEC
2016-07-12 | Xavier Mertens | Hunting for Malicious Files with MISP + OSSEC
2015-06-02 | Alex Stanford | Guest Diary: Xavier Mertens - Playing with IP Reputation with Dshield & OSSEC
2015-05-10 | Didier Stevens | Wireshark TCP Flags: How To Install On Windows Video
2015-04-05 | Didier Stevens | Wireshark TCP Flags
2015-03-21 | Russell Eubanks | Have you seen my personal information? It has been lost. Again.
2014-08-15 | Tom Webb | AppLocker Event Logs with OSSEC 2.8
2014-05-28 | Rob VandenBrink | Assessing SOAP APIs with Burp
2013-10-21 | Johannes Ullrich | New tricks that may bring DNS spoofing back or: "Why you should enable DNSSEC even if it is a pain to do"
2013-08-14 | Johannes Ullrich | .GOV zones may not resolve due to DNSSEC problems.
2013-06-22 | Guy Bruneau | .biz DNSSEC DNSKEY is Invalid
2013-03-04 | Johannes Ullrich | IPv6 Focus Month: Addresses
2013-02-22 | Johannes Ullrich | When web sites go bad: bible . org compromise
2012-11-23 | Rob VandenBrink | Risk Assessment Reloaded (thanks PCI ! )
2012-11-23 | Rob VandenBrink | What's in Your Change Control Form?
2012-05-05 | Tony Carothers | Vulnerability Assessment Program - Discussions
2012-01-18 | Johannes Ullrich | Use of Mixed Case DNS Queries
2011-11-11 | Johannes Ullrich | Details About the fbi.gov DNSSEC Configuration Issue.
2011-08-05 | Johannes Ullrich | Microsoft Patch Tuesday Advance Notification: 13 Bulletins coming http://www.microsoft.com/technet/security/Bulletin/MS11-aug.mspx
2011-06-28 | Johannes Ullrich | DNSSEC Tips
2011-06-01 | Johannes Ullrich | Enabling Privacy Enhanced Addresses for IPv6
2011-04-14 | Johannes Ullrich | dshield.org now DNSSEC signed via .org
2010-11-04 | Johannes Ullrich | DNSSEC Progress for .com and .net
2010-10-20 | Jim Clausing | Tools updates - Oct 2010
2010-10-17 | Stephen Hall | Cyber Security Awareness Month - Day 17 - What a boss should and should not have access to
2010-05-04 | Rick Wanner | DNSSEC...not a bang but a whimper?
2010-04-01 | Jim Clausing | OSSEC v2.4 released. http://www.ossec.net/main/ossec-v24-released
2010-01-19 | Jim Clausing | 49Gbps DDoS, IPv4 exhaustion, and DNSSEC, oh my!
2009-12-15 | Johannes Ullrich | Important BIND name server updates - DNSSEC
2009-12-09 | Swa Frantzen | OSSEC 2.3 released
2009-11-29 | Patrick Nolan | A Cloudy Weekend
2009-11-24 | John Bambenek | BIND Security Advisory (DNSSEC only)
2009-09-12 | Jim Clausing | OSSEC version 2.2 available
2009-08-30 | Tony Carothers | How do I recover from.....?
2009-04-19 | Mari Nichols | Providing Accurate Risk Assessments
2009-03-21 | Stephen Hall | Updates to ISC BIND
2009-02-28 | Rick Wanner | OSSEC Version 2 available!
2009-01-08 | Kyle Haugsness | BIND OpenSSL follow-up
2009-01-07 | William Salusky | BIND 9.x security patch - resolves potentially new DNS poisoning vector
2008-09-10 | Adrien de Beaupre | Mailbag: OSSEC 1.6 released, NMAP 4.75 released
2008-08-14 | Johannes Ullrich | DNSSEC for DShield.org
2008-07-08 | Swa Frantzen | Security implications in HVAC equipment
2008-05-07 | Jim Clausing | OSSEC 1.5 released

SPAMBOT

2022-02-09 | Brad Duncan | Example of Cobalt Strike from Emotet infection
2022-01-25 | Brad Duncan | Emotet Stops Using 0.0.0.0 in Spambot Traffic
2021-12-22 | Brad Duncan | December 2021 Forensic Contest: Answers and Analysis
2021-11-16 | Brad Duncan | Emotet Returns
2020-04-01 | Brad Duncan | Qakbot malspam sent from an infected Windows host
2019-12-18 | Brad Duncan | Emotet infection with spambot activity
2019-01-10 | Brad Duncan | Heartbreaking Emails: "Love You" Malspam
2018-12-05 | Brad Duncan | Campaign evolution: Hancitor changes its Word macros