Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-02-12InfoSec Handlers Diary BlogXavier Mertens
AgentTesla Dropped Through Automatic Click in Microsoft Help File
Agent Tesla
2021-02-08CrowdStrikeSeb Walla, Tom Henry, Tom Simpson
Blocking SolarMarker Backdoor
solarmarker
2021-02-08CrowdStrikeSeb Walla, Tom Henry, Tom Simpson
Blocking SolarMarker Backdoor
solarmarker
2021-01-26Twitter (@swisscom_csirt)Swisscom CSIRT
Tweet on Cring Ransomware groups using customized Mimikatz sample followed by CobaltStrike and dropping Cring rasomware
Cobalt Strike Cring MimiKatz
2021-01-26JPCERT/CCShusei Tomonaga
Operation Dream Job by Lazarus
LCPDot Torisma Lazarus Group
2021-01-20JPCERT/CCShusei Tomonaga
Commonly Known Tools Used by Lazarus
Lazarus Group
2021-01-19HPPatrick Schläpfer
Dridex Malicious Document Analysis: Automating the Extraction of Payload URLs
Dridex
2021-01-19JPCERT/CCShusei Tomonaga
Tools used within the network invaded by attack group Lazarus
2021-01-14ImpervaShiran Bareli
Python Cryptominer Botnet Quickly Adopts Latest Vulnerabilities
2021-01-13AlienVaultTom Hegel
A Global Perspective of the SideWinder APT
8.t Dropper Koadic SideWinder
2021-01-08Youtube (Virus Bulletin)Hajime Takai, Rintaro Koike, Shogo Hayashi
Unveiling the CryptoMimic
2021-01-08Youtube (Virus Bulletin)Hajime Takai, Rintaro Koike, Shogo Hayashi
Unveiling the CryptoMimic
2021-01-08Youtube (Virus Bulletin)Hajime Takai, Rintaro Koike, Shogo Hayashi
Unveiling the CryptoMimic
2021-01-04SentinelOneMarco Figueroa
Building a Custom Malware Analysis Lab Environment
TrickBot
2020-12-26The Washington PostEllen Nakashima
Russian hackers compromised Microsoft cloud customers through third party, putting emails and other data at risk
2020-12-21MicrosoftTom Burt
Cyber Mercenaries Don’t Deserve Immunity
2020-12-21MicrosoftAlex Weinert
Understanding "Solorigate"'s Identity IOCs - for Identity Vendors and their customers.
SUNBURST
2020-12-18MicrosoftMicrosoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers
SUNBURST SUPERNOVA TEARDROP UNC2452
2020-12-18MicrosoftMicrosoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers
SUNBURST SUPERNOVA TEARDROP UNC2452
2020-12-17Trend MicroAliakbar Zahravi, William Gamazo Sanchez
Credential Stealer Targets US, Canadian Bank Customers