| 2021-03-18 ⋅ Github (cisagov) ⋅ CISA Hunt and Incident Response Program (CHIRP) SUNBURST |
| 2021-02-25 ⋅ Microsoft ⋅ CodeQL queries to hunt for Solorigate activity SUNBURST |
| 2021-02-25 ⋅ Microsoft ⋅ Microsoft open sources CodeQL queries used to hunt for Solorigate activity SUNBURST |
| 2021-01-11 ⋅ Palo Alto Networks Unit 42 ⋅ xHunt Campaign: New BumbleBee Webshell and SSH Tunnels Used for Lateral Movement |
| 2020-12-15 ⋅ Cyborg Security ⋅ Threat Hunt Deep Dives: SolarWinds Supply Chain Compromise (Solorigate / SUNBURST Backdoor) SUNBURST |
| 2020-11-09 ⋅ Palo Alto Networks Unit 42 ⋅ xHunt Campaign: Newly Discovered Backdoors Using Deleted Email Drafts and DNS Tunneling for Command and Control Snugy |
| 2020-07-28 ⋅ Kaspersky Labs ⋅ Lazarus on the hunt for big game Dacls Dacls Dacls VHD Ransomware |
| 2020-01-27 ⋅ Palo Alto Networks Unit 42 ⋅ xHunt Campaign: New Watering Hole Identified for Credential Harvesting |
| 2019-12-04 ⋅ Palo Alto Networks Unit 42 ⋅ xHunt Campaign: xHunt Actor’s Cheat Sheet |
| 2019-10-10 ⋅ Palo Alto Networks Unit 42 ⋅ xHunt Campaign: New PowerShell Backdoor Blocked Through DNS Tunnel Detection CASHY200 |
| 2019-09-23 ⋅ Palo Alto Networks Unit 42 ⋅ xHunt Campaign: Attacks on Kuwait Shipping and Transportation Organizations Hisoka |
| 2018-08-29 ⋅ Kaspersky Labs ⋅ Loki Bot: On a hunt for corporate passwords Loki Password Stealer (PWS) |
| 2018-08-01 ⋅ FireEye ⋅ On the Hunt for FIN7: Pursuing an Enigmatic and Evasive Global Criminal Operation BELLHOP POWERPIPE BABYMETAL SocksBot FIN7 |
| 2017-04-04 ⋅ Kaspersky Labs ⋅ Chasing Lazarus: A Hunt for the Infamous Hackers to Prevent Large Bank Robberies Lazarus Group |
| 2017-03-21 ⋅ Wired ⋅ Inside the Hunt for Russia’s Most Notorious Hacker Gameover P2P Murofet Zeus |
| 2017-03-21 ⋅ DomainTools ⋅ Hunt Case Study: Hunting Campaign Indicators on Privacy Protected Attack Infrastructure CopyKittens |
| 2017-03-21 ⋅ Wired ⋅ Inside the Hunt for Russia's Most Notorious Hacker Gameover P2P |