2020-12-13 · FireEye · Alex Berry, Alex Pennino, Alyssa Rahman, Andrew Archer, Andrew Rector, Andrew Thompson, Barry Vengerik, Ben Read, Ben Withnell, Chris DiGiamo, Christopher Glyer, Dan Perez, Dileep Jallepalli, Doug Bienstock, Eric Scales, Evan Reese, Fred House, Glenn Edwards, Ian Ahl, Isif Ibrahima, Jay Smith, John Gorman, John Hultquist, Jon Leathery, Lennard Galang, Marcin Siedlarz, Matt Dunwoody, Matthew McWhirt, Michael Sikorski, Microsoft, Mike Burns, Nalani Fraiser, Nick Bennett, Nick Carr, Nick Hornick, Nick Richard, Nicole Oppenheim, Omer Baig, Ramin Nafisi, Sarah Jones, Scott Runnels, Stephen Eckels, Steve Miller, Steve Stone, William Ballenthin
Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor
SUNBURST SUPERNOVA TEARDROP UNC2452
2020-12-08 · Red Canary · Matt Graeber
The why, what, and how of threat research
2020-12-02 · ESET Research · Matthieu Faou
Turla Crutch: Keeping the “back door” open
Crutch Gazer Turla
2020-11-20 · Trend Micro · Abraham Camba, Bren Matthew Ebriega, Gilbert Sison
Weaponizing Open Source Software for Targeted Attacks
LaZagne Defray PlugX
2020-10-30 · Cofense · The Cofense Intelligence Team
The Ryuk Threat: Why BazarBackdoor Matters Most
BazarBackdoor Ryuk
2020-10-02 · ESET Research · Matthieu Faou
XDSpy: Stealing government secrets since 2011
XDSpy XDSpy
2020-10-01 · Github (eset) · Matthieu Faou
XDSpy Indicators of Compromise
XDSpy XDSpy
2020-09-30 · Virus Bulletin · Francis Labelle, Matthieu Faou
XDSPY: STEALING GOVERNMENT SECRETS SINCE 2011
XDSpy XDSpy
2020-09-24 · Github (FortyNorthSecurity) · Joe Leon, Matt Grandy
Offensive Maldocs in 2020
2020-09-02 · ESET Research · Alexandre Côté Cyr, Matthieu Faou
KryptoCibule: The multitasking multicurrency cryptostealer
KryptoCibule
2020-07-21 · YouTube (OPCDE with Matt Suiche) · Mohamad Mokbel
vOPCDE #9 - A Journey into Malware HTTP Communication Channels Spectacles (Mohamad Mokbel)
Alureon Aytoke Cobra Carbon System CROSSWALK danbot ProtonBot Silence
2020-07-08 · COLUMBIA | SIPA · Jennifer Keltz, John Patrick Dees, John Sakellariadis, Katherine von Ofenheim, Lan Pelekis, Matthew Armelli, Max Egar, Neal Pollard, Stuart Caudill, Vipratap Vikram Singh
Named But Hardly Shamed: What is the Impact of Information Disclosures on an APT Operations?
2020-07-07 · FireEye · Matthew Haigh, Trevor Haskell
Configuring a Windows Domain to Dynamically Analyze an Obfuscated Lateral Movement Tool
2020-06-17 · Youtube (Red Canary) · Adam Pennington, David Kaplan, Erika Noerenberg, Matt Graeber
ATT&CK® Deep Dive: Process Injection
ISFB Ramnit TrickBot
2020-06-15 · Fortinet · Fred Gutierrez, Val Saengphaibul
Global Malicious Spam Campaign Using Black Lives Matter as a Lure
TrickBot
2020-06-12 · Hornetsecurity · Security Lab
Trickbot Malspam Leveraging Black Lives Matter as Lure
TrickBot
2020-06-01 · Twitter (@voodoodahl1) · Matt Dahl
Tweet on malware called knspy used by Donot
KnSpy
2020-05-28 · Rapid7 Labs · Matthew Berninger
The Masked SYNger: Investigating a Traffic Phenomenon
2020-05-26 · ESET Research · Matthieu Faou
From Agent.BTZ to ComRAT v4: A ten‑year journey (White Paper)
Agent.BTZ
2020-05-26 · ESET Research · Matthieu Faou
From Agent.BTZ to ComRAT v4: A ten‑year journey
Agent.BTZ