Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-12-26Medium grimminckStefan Grimminck
@online{grimminck:20201226:spoofing:a0a5622, author = {Stefan Grimminck}, title = {{Spoofing JARM signatures. I am the Cobalt Strike server now!}}, date = {2020-12-26}, organization = {Medium grimminck}, url = {https://grimminck.medium.com/spoofing-jarm-signatures-i-am-the-cobalt-strike-server-now-a27bd549fc6b}, language = {English}, urldate = {2021-01-01} } Spoofing JARM signatures. I am the Cobalt Strike server now!
Cobalt Strike
2020-12-22Medium mitre-attackMatt Malone, Adam Pennington
@online{malone:20201222:identifying:259fcd9, author = {Matt Malone and Adam Pennington}, title = {{Identifying UNC2452-Related Techniques for ATT&CK}}, date = {2020-12-22}, organization = {Medium mitre-attack}, url = {https://medium.com/mitre-attack/identifying-unc2452-related-techniques-9f7b6c7f3714}, language = {English}, urldate = {2020-12-23} } Identifying UNC2452-Related Techniques for ATT&CK
SUNBURST TEARDROP UNC2452
2020-12-20Medium Asuna AmawakaAsuna Amawaka
@online{amawaka:20201220:look:8cd19a2, author = {Asuna Amawaka}, title = {{A Look into SUNBURST’s DGA}}, date = {2020-12-20}, organization = {Medium Asuna Amawaka}, url = {https://medium.com/insomniacs/a-look-into-sunbursts-dga-ba4029193947}, language = {English}, urldate = {2021-02-18} } A Look into SUNBURST’s DGA
SUNBURST
2020-12-15Medium (Cryptax)Axelle Apvrille
@online{apvrille:20201215:unpacking:af6a6ee, author = {Axelle Apvrille}, title = {{Unpacking an Android malware with Dexcalibur and JEB}}, date = {2020-12-15}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/unpacking-an-android-malware-with-dexcalibur-and-jeb-59bdd905d4a7}, language = {English}, urldate = {2020-12-19} } Unpacking an Android malware with Dexcalibur and JEB
2020-12-15Medium 0xthreatintel0xthreatintel
@online{0xthreatintel:20201215:reversing:eddc936, author = {0xthreatintel}, title = {{Reversing Conti Ransomware}}, date = {2020-12-15}, organization = {Medium 0xthreatintel}, url = {https://0xthreatintel.medium.com/reversing-conti-ransomware-bfce15019e74}, language = {English}, urldate = {2020-12-15} } Reversing Conti Ransomware
Conti
2020-12-14Medium Killbitkillbit
@online{killbit:20201214:applying:75d0dde, author = {killbit}, title = {{Applying the Diamond Model to Cognizant (MSP) vs. Maze Ransomware}}, date = {2020-12-14}, organization = {Medium Killbit}, url = {https://killbit.medium.com/applying-the-diamond-model-to-cognizant-msp-and-maze-ransomware-and-a-policy-assessment-498f01bd723f}, language = {English}, urldate = {2020-12-17} } Applying the Diamond Model to Cognizant (MSP) vs. Maze Ransomware
Maze
2020-12-13Medium (Cryptax)Axelle Apvrille
@online{apvrille:20201213:decrypting:ee8b00f, author = {Axelle Apvrille}, title = {{Decrypting strings with a JEB script}}, date = {2020-12-13}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/decrypting-strings-with-a-jeb-script-1af522fa4979}, language = {English}, urldate = {2020-12-19} } Decrypting strings with a JEB script
2020-12-12Medium 0xthreatintel0xthreatintel
@online{0xthreatintel:20201212:reversing:945a5b8, author = {0xthreatintel}, title = {{Reversing QakBot [ TLP: White]}}, date = {2020-12-12}, organization = {Medium 0xthreatintel}, url = {https://0xthreatintel.medium.com/reversing-qakbot-tlp-white-d1b8b37ad8e7}, language = {English}, urldate = {2020-12-14} } Reversing QakBot [ TLP: White]
QakBot
2020-12-03Medium GhouLSecGhouLSec
@online{ghoulsec:20201203:mal:8f39c1a, author = {GhouLSec}, title = {{[Mal Series #13] Darkside Ransom}}, date = {2020-12-03}, organization = {Medium GhouLSec}, url = {https://ghoulsec.medium.com/mal-series-13-darkside-ransomware-c13d893c36a6}, language = {English}, urldate = {2021-01-26} } [Mal Series #13] Darkside Ransom
DarkSide
2020-11-30Medium Asuna AmawakaAsuna Amawaka
@online{amawaka:20201130:do:ff3adb4, author = {Asuna Amawaka}, title = {{Do you want to bake a donut? Come on, let’s go update~ Go away, Maria.}}, date = {2020-11-30}, organization = {Medium Asuna Amawaka}, url = {https://medium.com/insomniacs/do-you-want-to-bake-a-donut-come-on-lets-go-update-go-away-maria-e8e2b33683b1}, language = {English}, urldate = {2021-02-18} } Do you want to bake a donut? Come on, let’s go update~ Go away, Maria.
Ave Maria
2020-11-26Medium SebdravenSébastien Larinier
@online{larinier:20201126:actor:449d888, author = {Sébastien Larinier}, title = {{Actor behind Operation LagTime targets Russia}}, date = {2020-11-26}, organization = {Medium Sebdraven}, url = {https://sebdraven.medium.com/actor-behind-operation-lagtime-targets-russia-f8c277dc52a9}, language = {English}, urldate = {2021-02-26} } Actor behind Operation LagTime targets Russia
nccTrojan
2020-11-23Medium ryancorRyan Cornateanu
@online{cornateanu:20201123:genetic:cd446d2, author = {Ryan Cornateanu}, title = {{Genetic Analysis of CryptoWall Ransomware}}, date = {2020-11-23}, organization = {Medium ryancor}, url = {https://ryancor.medium.com/genetic-analysis-of-cryptowall-ransomware-843f86055c7f}, language = {English}, urldate = {2020-12-03} } Genetic Analysis of CryptoWall Ransomware
Cryptowall
2020-11-21Medium Intel-HoneyTwitter (@intel_honey)
@online{intelhoney:20201121:reversing:e62deae, author = {Twitter (@intel_honey)}, title = {{Reversing Anubis Malware}}, date = {2020-11-21}, organization = {Medium Intel-Honey}, url = {https://intel-honey.medium.com/reversing-anubis-malware-93f28d154bbb}, language = {English}, urldate = {2020-11-23} } Reversing Anubis Malware
Anubis
2020-11-15Medium GustavoPalazoloGustavo Palazolo
@online{palazolo:20201115:ransomexx:86689d1, author = {Gustavo Palazolo}, title = {{RansomEXX — Análise do Ransomware Utilizado no Ataque ao STJ}}, date = {2020-11-15}, organization = {Medium GustavoPalazolo}, url = {https://gustavopalazolo.medium.com/ransomexx-an%C3%A1lise-do-ransomware-utilizado-no-ataque-ao-stj-918001ec8195}, language = {Portuguese}, urldate = {2020-12-10} } RansomEXX — Análise do Ransomware Utilizado no Ataque ao STJ
RansomEXX
2020-11-14Medium 0xastrovaxastrovax
@online{astrovax:20201114:deep:b50ae08, author = {astrovax}, title = {{Deep Dive Into Ryuk Ransomware}}, date = {2020-11-14}, organization = {Medium 0xastrovax}, url = {https://medium.com/ax1al/reversing-ryuk-eef8ffd55f12}, language = {English}, urldate = {2021-01-25} } Deep Dive Into Ryuk Ransomware
Hermes Ryuk
2020-11-12Medium Sapphirex00Sapphire
@online{sapphire:20201112:diving:6b388eb, author = {Sapphire}, title = {{Diving into the Sun — SunCrypt: A new neighbour in the ransomware mafia}}, date = {2020-11-12}, organization = {Medium Sapphirex00}, url = {https://medium.com/@sapphirex00/diving-into-the-sun-suncrypt-a-new-neighbour-in-the-ransomware-mafia-d89010c9df83}, language = {English}, urldate = {2020-11-23} } Diving into the Sun — SunCrypt: A new neighbour in the ransomware mafia
SunCrypt
2020-10-23Medium HorkosAlex Orleans
@online{orleans:20201023:last:c05dd4d, author = {Alex Orleans}, title = {{A Last Clever Knot?}}, date = {2020-10-23}, organization = {Medium Horkos}, url = {https://horkos.medium.com/a-last-clever-knot-26fd26765e8d}, language = {English}, urldate = {2020-10-29} } A Last Clever Knot?
2020-10-16Medium DoublepulsarKevin Beaumont
@online{beaumont:20201016:second:197ec38, author = {Kevin Beaumont}, title = {{Second Zerologon attacker seen exploiting internet honeypot}}, date = {2020-10-16}, organization = {Medium Doublepulsar}, url = {https://doublepulsar.com/second-zerologon-attacker-seen-exploiting-internet-honeypot-c7fb074451ef}, language = {English}, urldate = {2020-10-23} } Second Zerologon attacker seen exploiting internet honeypot
RemCom
2020-10-14Medium CyCraftCyCraft Technology Corp
@online{corp:20201014:taiwan:7628b24, author = {CyCraft Technology Corp}, title = {{Taiwan Government Targeted by Multiple Cyberattacks in April 2020 Part 2: Owlproxy Malware}}, date = {2020-10-14}, organization = {Medium CyCraft}, url = {https://medium.com/cycraft/taiwan-government-targeted-by-multiple-cyberattacks-in-april-2020-3b20cea1dc20}, language = {English}, urldate = {2020-10-23} } Taiwan Government Targeted by Multiple Cyberattacks in April 2020 Part 2: Owlproxy Malware
Owlproxy
2020-10-08Medium CyCraftCyCraft Technology Corp
@online{corp:20201008:taiwan:3a6afa1, author = {CyCraft Technology Corp}, title = {{Taiwan Government Targeted by Multiple Cyberattacks in April 2020 Part 1: Waterbear Malware}}, date = {2020-10-08}, organization = {Medium CyCraft}, url = {https://medium.com/cycraft/taiwan-government-targeted-by-multiple-cyberattacks-in-april-2020-1980acde92b0}, language = {English}, urldate = {2020-10-23} } Taiwan Government Targeted by Multiple Cyberattacks in April 2020 Part 1: Waterbear Malware