Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-05-28CISAUS-CERT
Alert (AA21-148A): Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs
Cobalt Strike
2021-05-25FireEyeDaniel Kapellmann Zafra, Keith Lunden, Nathan Brubaker
Crimes of Opportunity: Increasing Frequency of Low Sophistication Operational Technology Compromises
2021-05-18ElasticApoorva Joshi, Craig Chamberlain, Disha Dasgupta
ProblemChild: Detecting living-off-the-land attacks using the Elastic Stack
2021-05-13AhnLabAhnLab ASEC Analysis Team
APT attack for domestic companies using library files
ImprudentCook
2021-05-07Department of JusticeOffice of Public Affairs
Four Individuals Plead Guilty to RICO Conspiracy Involving “Bulletproof Hosting” for Cybercriminals
Citadel SpyEye Zeus
2021-04-29FireEyeJustin Moore, Raymond Leong, Tyler McLellan
UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat
Cobalt Strike FiveHands HelloKitty
2021-04-20ElasticWill Burgess
How attackers abuse Access Token Manipulation (ATT&CK T1134)
2021-04-16US Department of JusticeU.S. Attorney’s Office, Western District of Washington
High-level organizer of notorious hacking group FIN7 sentenced to ten years in prison for scheme that compromised tens of millions of debit and credit cards
2021-04-13Department of JusticeDepartment of Justice
Justice Department announces court-authorized effort to disrupt exploitation of Microsoft Exchange Server vulnerabilities
2021-03-27InfoSec Handlers Diary BlogGuy Bruneau
Malware Analysis with elastic-agent and Microsoft Sandbox
2021-03-18ElasticSamir Bousseaden
Hunting for Lateral Movement using Event Query Language
2021-03-16ElasticJoe Desimone
Detecting Cobalt Strike with memory signatures
Cobalt Strike
2021-03-16Department of Homeland SecurityCISA, Department of Homeland Security, Department of Justice
Foreign Interference Targeting Election Infrastructure or Political Organization, Campaign, or Candidate InfrastructureRelated to the 2020 US Related to the 2020 US Federal Elections
2021-03-11ElasticDaniel Stepanic
Update - Detection and Response for HAFNIUM Activity
2021-03-09MorphisecAlon Groisman
MineBridge Is on the Rise, With a Sophisticated Delivery Mechanism
MINEBRIDGE
2021-03-09360 netlabJiaYu
Threat Alert: z0Miner Is Spreading quickly by Exploiting ElasticSearch and Jenkins Vulnerabilities
2021-03-05ForcepointKurt Natvig, Robert Neumann
Advancements in Invoicing - A highly sophisticated way to distribute ZLoader
Zloader
2021-03-04ElasticDevon Kerr
Detection and Response for HAFNIUM Activity
HAFNIUM
2021-03-04MicrosoftAndrea Lelli, Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC), Ramin Nafisi
GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence
SUNBURST TEARDROP UNC2452
2021-03-02MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft 365 Security, Microsoft Threat Intelligence Center (MSTIC)
HAFNIUM targeting Exchange Servers with 0-day exploits
CHINACHOPPER HAFNIUM