2021-03-12 | Recorded Future | Insikt Group®
DEWMODE Web Shell Used on Accellion FTA Appliances
DEWMODE
2021-03-12 | 360 netlab | Alex.Turing, liuyang, YANG XU
New Threat: ZHtrap botnet implements honeypot to facilitate finding more victims
ZHtrap
2021-03-12 | splunk | Amy Heng, Dave Herrald, Derek King, James Brodsky, John Stoner, Jose Hernandez, Marcus LaFerrera, Michael Haag, Mick Baccio, Ryan Kovar, Shannon Davis
Detecting Microsoft Exchange Vulnerabilities - 0 + 8 Days Later…
2021-03-11 | Qurium | Qurium
Myanmar – Multi-stage malware attack targets elected lawmakers
Cobalt Strike
2021-03-11 | Fortinet | Rotem Kerner
Whitelist Me, Maybe? “Netbounce” Threat Actor Tries A Bold Approach To Evade Detection
2021-03-11 | Bleeping Computer | Lawrence Abrams
Ransomware now attacks Microsoft Exchange servers with ProxyLogon exploits
2021-03-11 | Palo Alto Networks Unit 42 | Unit 42
Microsoft Exchange Server Attack Timeline
CHINACHOPPER
2021-03-11 | Flashpoint | Flashpoint
CL0P and REvil Escalate Their Ransomware Tactics
Clop REvil
2021-03-11 | YouTube (Malware_Analyzing_&_RE_Tips_Tricks) | Jiří Vinopal
Formbook Reversing - Part1 [Formbook .NET loader/injector analyzing, decrypting, unpacking, patching]
Formbook
2021-03-11 | Elastic | Daniel Stepanic
Update - Detection and Response for HAFNIUM Activity
2021-03-10 | Center for Security Studies (CSS) | Florian J. Egloff, Max Smeets
Publicly attributing cyber attacks: a framework
2021-03-10 | PICUS Security | Süleyman Özarslan
Tactics, Techniques, and Procedures (TTPs) Used by HAFNIUM to Target Microsoft Exchange Servers
CHINACHOPPER
2021-03-10 | Proofpoint | Dennis Schwarz, Matthew Mesa, Proofpoint Threat Research Team
NimzaLoader: TA800’s New Initial Access Malware
BazarNimrod Cobalt Strike
2021-03-10 | US-CERT | CISA
Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise
SUNBURST
2021-03-10 | Bleeping Computer | Lawrence Abrams
Norway parliament data stolen in Microsoft Exchange attack
2021-03-10 | Lemon's InfoSec Ramblings | Josh Lemon
Microsoft Exchange & the HAFNIUM Threat Actor
CHINACHOPPER
2021-03-10 | Intezer | Avigayil Mechtinger, Joakim Kennedy
New Linux Backdoor RedXOR Likely Operated by Chinese Nation-State Actor
RedXOR XOR DDoS
2021-03-09 | Youtube (SANS Digital Forensics and Incident Response) | Eric Loui, Sergei Frankoff
Jackpotting ESXi Servers For Maximum Encryption | Eric Loui & Sergei Frankoff | SANS CTI Summit 2021
DarkSide RansomEXX DarkSide RansomEXX GOLD DUPONT
2021-03-09 | Malwarebytes | Pieter Arntz
Microsoft Exchange attacks cause panic as criminals go shell collecting
2021-03-09 | CyberArk | Aluma Lavi Shaari
Kinsing: The Malware with Two Faces
Kinsing