Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-03-01FireEyeFireEye, Mandiant
ACCELLION, INC. File Transfer Appliance (FTA) Security Assessment
DEWMODE
2021-02-25FireEyeBrendan McKeague, Bryce Abdo, Van Ta
So Unchill: Melting UNC2198 ICEDID to Ransomware Operations
MOUSEISLAND Cobalt Strike Egregor IcedID Maze SystemBC
2021-02-25BrightTALK (FireEye)Andrew Rector, Mandiant, Matt Bromiley
Light in the Dark: Hunting for SUNBURST
SUNBURST
2021-02-22FireEyeAndrew Moore, Genevieve Stark, Isif Ibrahima, Kimberly Goody, Van Ta
Cyber Criminals Exploit Accellion FTA for Data Theft and Extortion
DEWMODE Clop
2021-02-16FireEyeAndrew Rector, Matt Bromiley, Robert Wallace
Light in the Dark: Hunting for SUNBURST
SUNBURST
2021-01-26FireEyeBernard Sapaden, Mohammed Mohsin Dalla, Rahul Mohandas, Sachin Shukla, Srini Seethapathy, Sujnani Ravindra
Phishing Campaign Leverages WOFF Obfuscation and Telegram Channels for Communication
2021-01-20FireEyeAndrew Davis
Emulation of Kernel Mode Rootkits With Speakeasy
Winnti
2021-01-19Github (fireeye)FireEye
Mandiant Azure AD Investigator: Focusing on UNC2452 TTPs
SUNBURST
2021-01-19FireEyeDouglas Bienstock, Matthew McWhirt, Mike Burns, Nick Bennett
Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452
2021-01-12BrightTALK (FireEye)Ben Read, John Hultquist
UNC2452: What We Know So Far
Cobalt Strike SUNBURST TEARDROP
2021-01-11ReutersChristopher Bing
Exclusive: FBI probes Russian-linked postcard sent to FireEye CEO after cybersecurity firm uncovered hack - sources
2020-12-24FireEyeJay Smith, Stephen Eckels, William Ballenthin
SUNBURST Additional Technical Details
SUNBURST
2020-12-17FireEyeKelli Vanderlee
DebUNCing Attribution: How Mandiant Tracks Uncategorized Threat Actors
2020-12-16Bleeping ComputerLawrence Abrams
FireEye, Microsoft create kill switch for SolarWinds backdoor
SUNBURST
2020-12-16Twitter (@FireEye)FireEye
Tweet on SUNBURST from FireEye detailing some additional information
SUNBURST
2020-12-15InfoSec Handlers Diary BlogDidier Stevens
Analyzing FireEye Maldocs
2020-12-14Olaf Hartong
FireEye Sunburst KQL Detections
SUNBURST
2020-12-13FireEyeAlex Berry, Alex Pennino, Alyssa Rahman, Andrew Archer, Andrew Rector, Andrew Thompson, Barry Vengerik, Ben Read, Ben Withnell, Chris DiGiamo, Christopher Glyer, Dan Perez, Dileep Jallepalli, Doug Bienstock, Eric Scales, Evan Reese, Fred House, Glenn Edwards, Ian Ahl, Isif Ibrahima, Jay Smith, John Gorman, John Hultquist, Jon Leathery, Lennard Galang, Marcin Siedlarz, Matt Dunwoody, Matthew McWhirt, Michael Sikorski, Microsoft, Mike Burns, Nalani Fraiser, Nick Bennett, Nick Carr, Nick Hornick, Nick Richard, Nicole Oppenheim, Omer Baig, Ramin Nafisi, Sarah Jones, Scott Runnels, Stephen Eckels, Steve Miller, Steve Stone, William Ballenthin
Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor
SUNBURST SUPERNOVA TEARDROP UNC2452
2020-12-13Github (fireeye)FireEye
SUNBURST Countermeasures
SUNBURST SUPERNOVA TEARDROP UNC2452
2020-12-13FireEyeKevin Mandia
Global Intrusion Campaign Leverages Software Supply Chain Compromise