2021-11-08
⋅
NCC Group
⋅
TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access |
2021-10-11
⋅
NCC Group
⋅
SnapMC skips ransomware, steals data |
2021-09-23
⋅
NCC Group
⋅
Detecting and Hunting for the PetitPotam NTLM Relay Attack |
2021-06-15
⋅
NCC Group
⋅
Handy guide to a new Fivehands ransomware variant FiveHands |
2021-05-04
⋅
NCC Group
⋅
RM3 – Curiosities of the wildest banking malware ISFB RM3 |
2021-03-04
⋅
NCC Group
⋅
Deception Engineering: exploring the use of Windows Service Canaries against ransomware Ryuk |
2021-01-23
⋅
NCC Group
⋅
RIFT: Analysing a Lazarus Shellcode Execution Method |
2020-07-05
⋅
NCC Group
⋅
RIFT: F5 Networks K52145254: TMUI RCE vulnerability CVE-2020-5902 Intelligence |
2020-06-23
⋅
NCC Group
⋅
WastedLocker: A New Ransomware Variant Developed By The Evil Corp Group Cobalt Strike ISFB WastedLocker |
2020-06-15
⋅
NCC Group
⋅
Striking Back at Retired Cobalt Strike: A look at a legacy vulnerability Cobalt Strike |
2020-06-02
⋅
NCC Group
⋅
In-depth analysis of the new Team9 malware family BazarBackdoor |
2020-05-27
⋅
NCC Group
⋅
Detecting Rclone – An Effective Tool for Exfiltration |
2018-06-12
⋅
NCC Group
⋅
CVE-2017-8570 RTF and the Sisfader RAT Sisfader |
2018-05-18
⋅
NCC Group
⋅
Emissary Panda – A potential new malicious tool HttpBrowser |
2018-04-20
⋅
NCC Group
⋅
Decoding network data from a Gh0st RAT variant Ghost RAT APT27 |
2018-04-17
⋅
NCC Group
⋅
Decoding network data from a Gh0st RAT variant Ghost RAT APT27 |
2018-03-16
⋅
Github (nccgroup)
⋅
Royal APT - APT15 Repository BS2005 MS Exchange Tool RoyalCli Royal DNS APT15 |
2018-03-10
⋅
NCC Group
⋅
APT15 is alive and strong: An analysis of RoyalCli and RoyalDNS BS2005 MS Exchange Tool RoyalCli Royal DNS APT15 |
2017-09-19
⋅
NCC Group
⋅
EternalGlue part one: Rebuilding NotPetya to assess real-world resilience EternalPetya |
2017-08-31
⋅
NCC Group
⋅
Analysing a recent Poison Ivy sample Poison Ivy |
2016-07-14
⋅
Github (nccgroup)
⋅
Technical Notes on Sakula Sakula RAT |
2016-06-16
⋅
NCC Group
⋅
Sakula: an adventure in DLL planting |