2021-07-22 | Medium (michaelkoczwara) | Michael Koczwara
Cobalt Strike Hunting — simple PCAP and Beacon Analysis
Cobalt Strike
2021-07-14 | Medium (TowardsDataScience) | John “Turbo” Conwell
Domain Blooms: Identifying Domain Name Themes Targeted By Threat Actors
2021-07-14 | Medium (s2wlab) | Jaeki Kim
Matryoshka : Variant of ROKRAT, APT37 (Scarcruft)
RokRAT
2021-07-13 | Medium (CyCraft) | CyCraft Technology Corp
Prometheus Ransomware Decryptor
Prometheus
2021-07-08 | Medium (s2wlab) | Sojun Ryu
Analysis of Lazarus malware abusing Non-ActiveX Module in South Korea
Racket Downloader
2021-07-08 | Medium (walmartglobaltech) | Harold Ogden, Jason Reaves
Amadey stealer plugin adds Mikrotik and Outlook harvesting
Amadey
2021-07-07 | Medium (s2wlab) | Seunghoe Kim
Deep analysis of KPOT Stealer
KPOT Stealer
2021-07-06 | Medium (walmartglobaltech) | Jason Reaves, Joshua Platt
TA505 adds GoLang crypter for delivering miners and ServHelper
ServHelper
2021-07-03 | Medium (AK1001) | AK1001
Analyzing Cobalt Strike PowerShell Payload
Cobalt Strike
2021-07-03 | Medium (Doublepulsar) | Kevin Beaumont
Kaseya supply chain attack delivers mass ransomware event to US companies
REvil
2021-06-29 | Medium (hidocohen) | Hido Cohen
GuLoader’s Anti-Analysis Techniques
CloudEyE
2021-06-29 | Medium (MITRE-Engenuity) | Jon Baker, Nicholas Amon
Security Control Mappings: A Starting Point for Threat-Informed Defense
2021-06-23 | Medium (s2wlab) | Sojun Ryu
Deep analysis of REvil Ransomware
REvil
2021-06-21 | Medium (gabrielcurrie) | Gabriel Currie
Ready for (nearly) anything: Five things to prepare for a cyber security incident
2021-06-21 | Medium (elis531989) | Eli Salem
Dissecting and automating Hancitor’s config extraction
Hancitor
2021-06-16 | Medium (BI.ZONE) | Anton Medvedev, Vadim Khrykov
Hunting Down MS Exchange Attacks. Part 2 (CVE-2020-0688, CVE-2020-16875, CVE-2021-24085)