2021-09-24 | Yoroi | Luca Mella, Luigi Martire
Hunting the LockBit Gang's Exfiltration Infrastructures
LockBit StealBit
2021-09-23 | NCC Group | Michael Gough
Detecting and Hunting for the PetitPotam NTLM Relay Attack
2021-09-18 | Microsoft | Russell McDonald
Hunting for OMI Vulnerability Exploitation with Azure Sentinel
Mirai
2021-09-17 | CrowdStrike | Falcon OverWatch Team
Falcon OverWatch Hunts Down Adversaries Where They Hide
BazarBackdoor Cobalt Strike
2021-09-16 | Medium Shabarkin | Pavel Shabarkin
Pointer: Hunting Cobalt Strike globally
Cobalt Strike
2021-09-14 | CrowdStrike | CrowdStrike Intelligence Team
Big Game Hunting TTPs Continue to Shift After DarkSide Pipeline Attack
BlackMatter DarkSide REvil Avaddon BlackMatter Clop Conti CryptoLocker DarkSide DoppelPaymer Hades REvil
2021-09-09 | Symantec | Threat Hunter Team
Grayfly: Chinese Threat Actor Uses Newly-discovered Sidewalk Malware
CROSSWALK MimiKatz SideWalk
2021-09-08 | CrowdStrike | Falcon OverWatch Team
2021 Threat Hunting Report
2021-09-07 | Medium michaelkoczwara | Michael Koczwara
Cobalt Strike C2 Hunting with Shodan
Cobalt Strike
2021-09-01 | YouTube (Black Hat) | Anurag Khanna, Thirumalai Natarajan Muthiah
Threat Hunting in Active Directory Environment
2021-09-01 | SentinelOne | SentinelOne
WatchTower | August 2021 TLP: WHITE | Intelligence-Driven Threat Hunting
2021-08-30 | CrowdStrike | Eric Loui, Josh Reynolds
CARBON SPIDER Embraces Big Game Hunting, Part 1
Bateleur Griffon Carbanak DarkSide JSSLoader PILLOWMINT REvil
2021-08-25 | Twitter (@malwrhunterteam) | MalwareHunterTeam
Tweet on Hydra-variant with Dutch ransom note
Nitro
2021-08-23 | YouTube (SANS Digital Forensics and Incident Response) | Chad Tilbury
Keynote: Cobalt Strike Threat Hunting
Cobalt Strike
2021-08-23 | Intel 471 | Intel 471
Here's how to guard your enterprise against ShinyHunters
2021-08-20 | Symantec | Threat Hunter Team
LockFile: Ransomware Uses PetitPotam Exploit to Compromise Windows Domain Controllers
LockFile
2021-08-19 | cyble | Cyble
ShinyHunters Selling Alleged AT&T Database with 70 million SSN and Date of birth; AT&T Denies it originated from their systems
2021-08-19 | Huntress Labs | John Hammond
Microsoft Exchange Servers Still Vulnerable to ProxyShell Exploit
2021-08-17 | Medium michaelkoczwara | Michael Koczwara
Cobalt Strike Hunting — DLL Hijacking/Attack Analysis
Cobalt Strike
2021-08-17 | Advanced Intelligence | Vitali Kremez, Yelisey Boguslavskiy
Hunting for Corporate Insurance Policies: Indicators of [Ransom] Exfiltration
Cobalt Strike Conti