Threat Level: green Handler on Duty: Daniel Wesemann

SANS ISC: Diary Discussions SANS ISC InfoSec Forums

Diary Discussions
| Title | Posted | Author | Replies | Views | Latest Reply |
|---|---|---|---|---|---|
| YARA v4.0.5 | Feb 6th 2021 (2 weeks ago) | DidierStevens | 0 | 0 | No replies yet. |
| VBA Macro Trying to Alter the Application Menus | Feb 5th 2021 (2 weeks ago) | Xme | 0 | 0 | No replies yet. |
| New Example of XSL Script Processing aka "Mitre T1220" | Feb 2nd 2021 (3 weeks ago) | Xme | 0 | 0 | No replies yet. |
| Taking a Shot at Reverse Shell Attacks, CNC Phone Home and Data Exfil from Servers | Feb 1st 2021 (3 weeks ago) | Rob VandenBrink | 0 | 0 | No replies yet. |
| Wireshark 3.4.3 Released | Jan 31st 2021 (3 weeks ago) | DidierStevens | 0 | 0 | No replies yet. |
| YARA v4.0.4 | Jan 31st 2021 (3 weeks ago) | DidierStevens | 0 | 0 | No replies yet. |
| PacketSifter as Network Parsing and Telemetry Tool | Jan 30th 2021 (3 weeks ago) | Guy | 0 | 0 | No replies yet. |
| Sensitive Data Shared with Cloud Services | Jan 29th 2021 (3 weeks ago) | Xme | 0 | 0 | No replies yet. |
| Emotet vs. Windows Attack Surface Reduction | Jan 28th 2021 (4 weeks ago) | Daniel | 0 | 0 | No replies yet. |
| TriOp - tool for gathering (not just) security-related data from Shodan.io (tool drop) | Jan 27th 2021 (4 weeks ago) | Jan | 0 | 0 | No replies yet. |
| Another File Extension to Block in your MTA: .jnlp | Jan 22nd 2021 (1 month ago) | Xme | 2 | 0 | Jan 26th 2021 (4 weeks ago) by Brad |
| TA551 (Shathak) Word docs push Qakbot (Qbot) | Jan 26th 2021 (4 weeks ago) | Brad | 2 | 0 | Jan 26th 2021 (4 weeks ago) by Brad |
| Fun with NMAP NSE Scripts and DOH (DNS over HTTPS) | Jan 25th 2021 (1 month ago) | Rob VandenBrink | 0 | 0 | No replies yet. |
| Video: Doc & RTF Malicious Document | Jan 24th 2021 (1 month ago) | DidierStevens | 0 | 0 | No replies yet. |
| CyberChef: Analyzing OOXML Files for URLs | Jan 23rd 2021 (1 month ago) | DidierStevens | 0 | 0 | No replies yet. |
| Gordon for fast cyber reputation checks | Jan 19th 2021 (1 month ago) | Russ McRee | 1 | 0 | Jan 22nd 2021 (1 month ago) by R |
| Powershell Dropping a REvil Ransomware | Jan 21st 2021 (1 month ago) | Xme | 0 | 0 | No replies yet. |
| Qakbot activity resumes after holiday break | Jan 20th 2021 (1 month ago) | Brad | 0 | 0 | No replies yet. |
| Doc & RTF Malicious Document | Jan 18th 2021 (1 month ago) | DidierStevens | 0 | 0 | No replies yet. |
| New Release of Sysmon Adding Detection for Process Tampering | Jan 17th 2021 (1 month ago) | DidierStevens | 0 | 0 | No replies yet. |