2021-03-11ElasticDaniel Stepanic
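% Post /3 of the Elastic forum thread 266289; the thread itself is cited as kerr:20210304:detection:eb05792.
% NOTE(review): the `?u=dstepanic` query parameter looks like a share/referral tag, not part of the post address; confirm before trimming it.
% Only HAFNIUM is brace-protected; the rest of the title is left for the bibliography style to case.
@online{stepanic:20210311:update:ef4f676,
  author       = {Stepanic, Daniel},
  title        = {Update - Detection and Response for {HAFNIUM} Activity},
  date         = {2021-03-11},
  organization = {Elastic},
  url          = {https://discuss.elastic.co/t/detection-and-response-for-hafnium-activity/266289/3?u=dstepanic},
  language     = {English},
  urldate      = {2021-03-12},
}
Update - Detection and Response for HAFNIUM Activity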
2021-03-09360 netlabJiaYu
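% 360 netlab blog post. The author is given as the single token JiaYu, so it is kept as one name part.
% z0Miner, ElasticSearch and Jenkins are brace-protected because their casing must survive style recasing.
@online{jiayu:20210309:threat:fa2a2a3,
  author       = {JiaYu},
  title        = {Threat Alert: {z0Miner} Is Spreading quickly by Exploiting {ElasticSearch} and {Jenkins} Vulnerabilities},
  date         = {2021-03-09},
  organization = {360 netlab},
  url          = {https://blog.netlab.360.com/threat-alert-z0miner-is-spreading-quickly-by-exploiting-elasticsearch-and-jenkins-vulnerabilities/},
  language     = {English},
  urldate      = {2021-03-11},
}
Threat Alert: z0Miner Is Spreading quickly by Exploiting ElasticSearch and Jenkins Vulnerabilities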
2021-03-04ElasticDevon Kerr
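% Elastic forum thread 266289 (URL carries no post number); post /3 of the same thread is cited as stepanic:20210311:update:ef4f676.
% Only HAFNIUM is brace-protected; the rest of the title is left for the bibliography style to case.
@online{kerr:20210304:detection:eb05792,
  author       = {Kerr, Devon},
  title        = {Detection and Response for {HAFNIUM} Activity},
  date         = {2021-03-04},
  organization = {Elastic},
  url          = {https://discuss.elastic.co/t/detection-and-response-for-hafnium-activity/266289},
  language     = {English},
  urldate      = {2021-03-10},
}
Detection and Response for HAFNIUM Activity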
HAFNIUM
2020-12-18ElasticCamilla Montonen, Justin Ibarra
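% Elastic blog post. Authors are stored in "Last, First" form so the name split is unambiguous.
% Only the acronym DGA is brace-protected; the rest of the title is left for the bibliography style to case.
@online{montonen:20201218:combining:13fef73,
  author       = {Montonen, Camilla and Ibarra, Justin},
  title        = {Combining supervised and unsupervised machine learning for {DGA} detection},
  date         = {2020-12-18},
  organization = {Elastic},
  url          = {https://www.elastic.co/blog/supervised-and-unsupervised-machine-learning-for-dga-detection},
  language     = {English},
  urldate      = {2020-12-18},
}
Combining supervised and unsupervised machine learning for DGA detection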
SUNBURST
2020-06-30Github (elastic)Elastic
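% The URL is a GitHub repository root, so what it serves changes over time.
% NOTE(review): cite a commit or release tag when a specific version of the rules matters.
% The corporate author is double-braced so it is always treated as one indivisible name.
@online{elastic:20200630:detection:79c8fbe,
  author       = {{Elastic}},
  title        = {Detection Rules by {Elastic}},
  date         = {2020-06-30},
  organization = {Github (elastic)},
  url          = {https://github.com/elastic/detection-rules},
  language     = {English},
  urldate      = {2020-07-02},
}
Detection Rules by Elastic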
2020-06-25ElasticSamir Bousseaden, Daniel Stepanic
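% Elastic blog post. Authors are stored in "Last, First" form so the name split is unambiguous.
% Malaysian and APT are brace-protected; the rest of the title is left for the bibliography style to case.
@online{bousseaden:20200625:close:be8a8b2,
  author       = {Bousseaden, Samir and Stepanic, Daniel},
  title        = {A close look at the advanced techniques used in a {Malaysian}-focused {APT} campaign},
  date         = {2020-06-25},
  organization = {Elastic},
  url          = {https://www.elastic.co/blog/advanced-techniques-used-in-malaysian-focused-apt-campaign},
  language     = {English},
  urldate      = {2020-06-25},
}
A close look at the advanced techniques used in a Malaysian-focused APT campaign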
DADSTACHE Leviathan
2020-05-25ElasticBrent Murphy, David French, Jamie Butler
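% The URL path is under /pdf/, so this looks like a downloadable guide rather than a blog post (NOTE(review): confirm).
% Only the vendor name Elastic is brace-protected; the rest of the title is left for the bibliography style to case.
@online{murphy:20200525:elastic:a743893,
  author       = {Murphy, Brent and French, David and Butler, Jamie},
  title        = {The {Elastic} Guide to Threat Hunting},
  date         = {2020-05-25},
  organization = {Elastic},
  url          = {https://www.elastic.co/pdf/elastic-guide-to-threat-hunting},
  language     = {English},
  urldate      = {2020-06-08},
}
The Elastic Guide to Threat Hunting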
2020-02-13ElasticDaniel Stepanic, Andrew Pease, Seth Goodwin
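% Elastic blog post. Authors are stored in "Last, First" form so the name split is unambiguous.
% The actor name Gamaredon Group is brace-protected; the rest of the title is left for the bibliography style to case.
@online{stepanic:20200213:playing:ae77be6,
  author       = {Stepanic, Daniel and Pease, Andrew and Goodwin, Seth},
  title        = {Playing defense against {Gamaredon Group}},
  date         = {2020-02-13},
  organization = {Elastic},
  url          = {https://www.elastic.co/blog/playing-defense-against-gamaredon-group},
  language     = {English},
  urldate      = {2020-06-26},
}
Playing defense against Gamaredon Group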
Pteranodon
2019-12-04ElasticDavid French
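% Elastic blog post.
% Only the family name Sodinokibi is brace-protected; the rest of the title is left for the bibliography style to case.
@online{french:20191204:ransomware:92a6fae,
  author       = {French, David},
  title        = {Ransomware, interrupted: {Sodinokibi} and the supply chain},
  date         = {2019-12-04},
  organization = {Elastic},
  url          = {https://www.elastic.co/blog/ransomware-interrupted-sodinokibi-and-the-supply-chain},
  language     = {English},
  urldate      = {2020-06-30},
}
Ransomware, interrupted: Sodinokibi and the supply chain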
REvil
2017-07-18ElasticAshkan Hosseini
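% Same author, title and date as hosseini:20170718:ten:af036b3; this entry cites the /de/ localized URL of the post.
% Cite only one of the two keys in a single document, otherwise the article appears twice in the bibliography.
% No word in the title needs case protection, so the whole-title double braces are dropped.
@online{hosseini:20170718:ten:600fd92,
  author       = {Hosseini, Ashkan},
  title        = {Ten process injection techniques: A technical survey of common and trending process injection techniques},
  date         = {2017-07-18},
  organization = {Elastic},
  url          = {https://www.elastic.co/de/blog/ten-process-injection-techniques-technical-survey-common-and-trending-process},
  language     = {English},
  urldate      = {2020-07-15},
}
Ten process injection techniques: A technical survey of common and trending process injection techniques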
Almanahe Diztakun Ginwui
2017-07-18ElasticAshkan Hosseini
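% Same author, title and date as hosseini:20170718:ten:600fd92, which cites the /de/ localized URL of the post.
% Cite only one of the two keys in a single document, otherwise the article appears twice in the bibliography.
% No word in the title needs case protection, so the whole-title double braces are dropped.
@online{hosseini:20170718:ten:af036b3,
  author       = {Hosseini, Ashkan},
  title        = {Ten process injection techniques: A technical survey of common and trending process injection techniques},
  date         = {2017-07-18},
  organization = {Elastic},
  url          = {https://www.elastic.co/blog/ten-process-injection-techniques-technical-survey-common-and-trending-process},
  language     = {English},
  urldate      = {2020-07-15},
}
Ten process injection techniques: A technical survey of common and trending process injection techniques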
Cryakl CyberGate Dridex FinFisher RAT Locky