2021-05-25 ⋅ Huntress Labs ⋅ Cobalt Strikes Again: An Analysis of Obfuscated Malware ⋅ Cobalt Strike
2021-05-06 ⋅ Sophos Labs ⋅ MTR in Real Time: Pirates pave way for Ryuk ransomware ⋅ Ryuk
2021-03-14 ⋅ DAILY BEAST ⋅ How China’s Devastating Microsoft Hack Puts Us All at Risk ⋅ HAFNIUM
2021-03-10 ⋅ Proofpoint ⋅ NimzaLoader: TA800’s New Initial Access Malware ⋅ BazarNimrod, Cobalt Strike
2021-03-08 ⋅ Palo Alto Networks Unit 42 ⋅ Attack Chain Overview: Emotet in December 2020 and January 2021 ⋅ Emotet
2021-03-02 ⋅ Volexity ⋅ Operation Exchange Marauder: Active Exploitation of Multiple Zero-Day Microsoft Exchange Vulnerabilities ⋅ CHINACHOPPER, HAFNIUM
2021-01-19 ⋅ FireEye ⋅ Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452
2021-01-19 ⋅ Mandiant ⋅ Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 (WHITE PAPER)
2021-01-06 ⋅ Mimecast ⋅ How to Slam a Door on the Cutwail Botnet: Enforce DMARC ⋅ Cutwail
2020-12-18 ⋅ Trend Micro ⋅ Negasteal Uses Hastebin for Fileless Delivery of Crysis Ransomware ⋅ Agent Tesla, Dharma
2020-12-17 ⋅ Palo Alto Networks Unit 42 ⋅ SUPERNOVA SolarWinds .NET Webshell Analysis ⋅ SUPERNOVA, BRONZE SPIRAL
2020-12-14 ⋅ Volexity ⋅ Dark Halo Leverages SolarWinds Compromise to Breach Organizations ⋅ SUNBURST
2020-12-13 ⋅ FireEye ⋅ Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor ⋅ SUNBURST, SUPERNOVA, TEARDROP, UNC2452
2020-11-20 ⋅ Trend Micro ⋅ Weaponizing Open Source Software for Targeted Attacks ⋅ LaZagne, Defray, PlugX
2020-07-08 ⋅ COLUMBIA | SIPA ⋅ Named But Hardly Shamed: What is the Impact of Information Disclosures on an APT Operations?
2020-07-07 ⋅ FireEye ⋅ Configuring a Windows Domain to Dynamically Analyze an Obfuscated Lateral Movement Tool
2020-05-28 ⋅ Rapid7 Labs ⋅ The Masked SYNger: Investigating a Traffic Phenomenon
2020-05-20 ⋅ Proofpoint ⋅ ZLoader Loads Again: New ZLoader Variant Returns ⋅ Zloader
2020-05-14 ⋅ Trend Micro ⋅ QNodeService: Node.js Trojan Spread via Covid-19 Lure ⋅ QNodeService
2020-04-21 ⋅ Volexity ⋅ Evil Eye Threat Actor Resurfaces with iOS Exploit and Updated Implant