2021-01-25 | SOC Prime | Emanuele De Lucia
Affiliates vs Hunters: Fighting the DarkSide
DarkSide
2021-01-22 | Symantec | Threat Hunter Team
SolarWinds: How Sunburst Sends Data Back to the Attackers
SUNBURST
2021-01-20 | Twitter (@malwrhunterteam) | MalwareHunterTeam
Tweet on Vovalex ransomware
Vovalex
2021-01-18 | Symantec | Threat Hunter Team
Raindrop: New Malware Discovered in SolarWinds Investigation
Cobalt Strike Raindrop SUNBURST TEARDROP
2021-01-15 | Symantec | Threat Hunter Team
SolarWinds: Insights into Attacker Command and Control Process
SUNBURST
2021-01-11 | Palo Alto Networks Unit 42 | Robert Falcone
xHunt Campaign: New BumbleBee Webshell and SSH Tunnels Used for Lateral Movement
2021-01-07 | Symantec | Threat Hunter Team
SolarWinds: How a Rare DGA Helped Attacker Communications Fly Under the Radar
SUNBURST
2021-01-06 | Red Canary | Tony Lambert
Hunting for GetSystem in offensive security tools
Cobalt Strike Empire Downloader Meterpreter PoshC2
2021-01-06 | Malwarebytes | Hossein Jazi
Retrohunting APT37: North Korean APT used VBA self decode technique to inject RokRat
RokRAT
2021-01-02 | Twitter (MalwareHunterTeam) | MalwareHunterTeam
Tweet on Knot Ransomware
Knot
2021-01-01 | Symantec | Symantec Threat Hunter Team
Supply Chain Attacks: Cyber Criminals Target the Weakest Link
Cobalt Strike Raindrop SUNBURST TEARDROP
2020-12-22 | CrowdStrike | Jai Minton
Leftover Lunch: Finding, Hunting and Eradicating Spicy Hot Pot, a Persistent Browser Hijacking Rootkit
Spicy Hot Pot
2020-12-22 | Symantec | Threat Hunter Team
SolarWinds Attacks: Stealthy Attackers Attempted To Evade Detection
SUNBURST
2020-12-21 | Bloomberg | Threat Hunter Team
SolarWinds Adviser Warned of Lax Security Years Before Hack
2020-12-19 | Twitter (@GossiTheDog) | Kevin Beaumont
A Twitter thread on Azure Sentinel hunting queries for detecting UNC2452 activity
2020-12-16 | Microsoft | Shain Wray
SolarWinds Post-Compromise Hunting with Azure Sentinel
SUNBURST
2020-12-15 | Cyborg Security | Austin Jackson
Threat Hunt Deep Dives: SolarWinds Supply Chain Compromise (Solorigate / SUNBURST Backdoor)
SUNBURST
2020-12-15 | ThreatConnect | ThreatConnect Research Team
Infrastructure Research and Hunting: Boiling the Domain Ocean
2020-12-15 | Github (sophos-cybersecurity) | Sophos Cyber Security Team
solarwinds-threathunt
Cobalt Strike SUNBURST
2020-12-14 | Symantec | Threat Hunter Team
Sunburst: Supply Chain Attack Targets SolarWinds Users
SUNBURST TEARDROP