Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-04-20ElasticWill Burgess
How attackers abuse Access Token Manipulation (ATT&CK T1134)
2021-04-16US Department of JusticeU.S. Attorney’s Office, Western District of Washington
High-level organizer of notorious hacking group FIN7 sentenced to ten years in prison for scheme that compromised tens of millions of debit and credit cards
2021-04-13Department of JusticeDepartment of Justice
Justice Department announces court-authorized effort to disrupt exploitation of Microsoft Exchange Server vulnerabilities
2021-03-27InfoSec Handlers Diary BlogGuy Bruneau
Malware Analysis with elastic-agent and Microsoft Sandbox
2021-03-18ElasticSamir Bousseaden
Hunting for Lateral Movement using Event Query Language
2021-03-16ElasticJoe Desimone
Detecting Cobalt Strike with memory signatures
Cobalt Strike
2021-03-16Department of Homeland SecurityCISA, Department of Homeland Security, Department of Justice
Foreign Interference Targeting Election Infrastructure or Political Organization, Campaign, or Candidate InfrastructureRelated to the 2020 US Related to the 2020 US Federal Elections
2021-03-11ElasticDaniel Stepanic
Update - Detection and Response for HAFNIUM Activity
2021-03-09MorphisecAlon Groisman
MineBridge Is on the Rise, With a Sophisticated Delivery Mechanism
MINEBRIDGE
2021-03-09360 netlabJiaYu
Threat Alert: z0Miner Is Spreading quickly by Exploiting ElasticSearch and Jenkins Vulnerabilities
2021-03-05ForcepointKurt Natvig, Robert Neumann
Advancements in Invoicing - A highly sophisticated way to distribute ZLoader
Zloader
2021-03-04ElasticDevon Kerr
Detection and Response for HAFNIUM Activity
HAFNIUM
2021-03-04MicrosoftAndrea Lelli, Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC), Ramin Nafisi
GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence
SUNBURST TEARDROP UNC2452
2021-03-02MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft 365 Security, Microsoft Threat Intelligence Center (MSTIC)
HAFNIUM targeting Exchange Servers with 0-day exploits
CHINACHOPPER HAFNIUM
2021-03-02MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
HAFNIUM targeting Exchange Servers with 0-day exploits
PowerCat
2021-02-17US Department of DefenseUS Department of Justice
Three North Korean Military Hackers Indicted in Wide-Ranging Scheme to Commit Cyberattacks and Financial Crimes Across the Globe
2021-02-08CheckpointCheck Point Research
Domestic Kitten – An Inside Look at the Iranian Surveillance Operations
FurBall Domestic Kitten
2021-02-05Silent PushKen
Behavior Clustering just got easier using new characteristics.
2021-02-01EST SecurityAlyac
Thallium organization conducts elaborate cyber attack against Russian researchers working in the North Korean economyPerforming sophisticated cyber attacks against researchers
2021-01-28Department of Homeland SecurityDepartment of Justice
Emotet Botnet Disrupted in International Cyber Operation
Emotet