Date Author Title
2026-04-08Kenneth HartmanTeamPCP Supply Chain Campaign: Update 007 - Cisco Source Code Stolen via Trivy-Linked Breach, Google GTIG Tracks TeamPCP as UNC6780, and CISA KEV Deadline Arrives with No Standalone Advisory
2026-04-03Kenneth HartmanTeamPCP Supply Chain Campaign: Update 006 - CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000+ SaaS Environments
2026-04-01Kenneth HartmanTeamPCP Supply Chain Campaign: Update 005 - First Confirmed Victim Disclosure, Post-Compromise Cloud Enumeration Documented, and Axios Attribution Narrows
2023-09-09Guy Bruneau?Anyone get the ASN of the Truck that Hit Me?!?: Creating a PowerShell Function to Make 3rd Party API Calls for Extending Honeypot Information [Guest Diary]
2023-08-25Xavier MertensPython Malware Using Postgresql for C2 Communications
2022-07-26Xavier MertensHow is Your macOS Security Posture?
2021-03-10Rob VandenBrinkSharpRDP - PSExec without PSExec, PSRemoting without PowerShell
2018-06-05Xavier MertensMalicious Post-Exploitation Batch File
2017-06-28Brad DuncanCatching up with Blank Slate: a malspam campaign still going strong
2017-02-02Rick WannerMultiple vulnerabilities discovered in popular printer models
2016-10-25Xavier MertensAnother Day, Another Spam...
2015-03-18Daniel WesemannNew SANS memory forensics poster
2013-07-16Johannes UllrichWhy don't we see more examples of web app attacks via POST?
2013-04-04Johannes UllrichPostgresql Patches Critical Vulnerability
2009-07-12Mari NicholsCA Apologizes for False Positive