Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-03-11ElasticDaniel Stepanic
Update - Detection and Response for HAFNIUM Activity
2021-03-09MorphisecAlon Groisman
MineBridge Is on the Rise, With a Sophisticated Delivery Mechanism
MINEBRIDGE
2021-03-09360 netlabJiaYu
Threat Alert: z0Miner Is Spreading quickly by Exploiting ElasticSearch and Jenkins Vulnerabilities
2021-03-05ForcepointKurt Natvig, Robert Neumann
Advancements in Invoicing - A highly sophisticated way to distribute ZLoader
Zloader
2021-03-04ElasticDevon Kerr
Detection and Response for HAFNIUM Activity
HAFNIUM
2021-03-04MicrosoftAndrea Lelli, Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC), Ramin Nafisi
GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence
SUNBURST TEARDROP UNC2452
2021-03-02MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft 365 Security, Microsoft Threat Intelligence Center (MSTIC)
HAFNIUM targeting Exchange Servers with 0-day exploits
CHINACHOPPER HAFNIUM
2021-03-02MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
HAFNIUM targeting Exchange Servers with 0-day exploits
PowerCat
2021-02-17US Department of DefenseUS Department of Justice
Three North Korean Military Hackers Indicted in Wide-Ranging Scheme to Commit Cyberattacks and Financial Crimes Across the Globe
2021-02-08CheckpointCheck Point Research
Domestic Kitten – An Inside Look at the Iranian Surveillance Operations
FurBall Domestic Kitten
2021-02-05Silent PushKen
Behavior Clustering just got easier using new characteristics.
2021-02-01EST SecurityAlyac
Thallium organization conducts elaborate cyber attack against Russian researchers working in the North Korean economyPerforming sophisticated cyber attacks against researchers
2021-01-28Department of Homeland SecurityDepartment of Justice
Emotet Botnet Disrupted in International Cyber Operation
Emotet
2021-01-28MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
ZINC attacks against security researchers
ComeBacker Klackring
2021-01-27Department of JusticeDepartment of Justice
INDICTMENT of SEBASTIEN VACHON-DESJARDINS for using Netwalker ransomware to commit crime
Mailto
2021-01-27Department of JusticeDepartment of Justice
Department of Justice Launches Global Action Against NetWalker Ransomware
Mailto
2021-01-20MicrosoftMicrosoft 365 Defender Research Team, Microsoft Cyber Defense Operations Center (CDOC), Microsoft Threat Intelligence Center (MSTIC)
Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop
Cobalt Strike SUNBURST TEARDROP
2021-01-19Medium elis531989Eli Salem
Funtastic Packers And Where To Find Them
Get2 IcedID QakBot
2021-01-14MicrosoftMicrosoft 365 Defender Team
Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender
SUNBURST
2021-01-12YoroiAntonio Pirozzi, Luca Mella, Luigi Martire
Opening “STEELCORGI”: A Sophisticated APT Swiss Army Knife
STEELCORGI