Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-08-05Red CanaryBrian Donohue, Dan Cotton, Tony Lambert
When Dridex and Cobalt Strike give you Grief
Cobalt Strike DoppelDridex DoppelPaymer
2021-05-04Red CanaryAaron Didier, Justin Schoenfeld
Transferring leverage in a ransomware attack
2021-05-04Red CanaryAaron Didier, Justin Schoenfeld
Transferring leverage in a ransomware attack
2021-03-31Red CanaryRed Canary
2021 Threat Detection Report
Shlayer Andromeda Cobalt Strike Dridex Emotet IcedID MimiKatz QakBot TrickBot
2021-03-09Red CanaryBrian Donohue, Katie Nickels, Tony Lambert
Microsoft Exchange server exploitation: how to detect, mitigate, and stay calm
CHINACHOPPER
2021-03-09Red CanaryBrian Donohue, Katie Nickels, Tony Lambert
Microsoft Exchange server exploitation: how to detect, mitigate, and stay calm
CHINACHOPPER
2021-03-09Red CanaryBrian Donohue, Katie Nickels, Tony Lambert
Microsoft Exchange server exploitation: how to detect, mitigate, and stay calm
CHINACHOPPER
2021-02-18Red CanaryTony Lambert
Clipping Silver Sparrow’s wings: Outing macOS malware before it takes flight
Silver Sparrow
2021-01-06Red CanaryTony Lambert
Hunting for GetSystem in offensive security tools
Cobalt Strike Empire Downloader Meterpreter PoshC2
2020-12-08Red CanaryMatt Graeber
The why, what, and how of threat research
2020-12-04Red CanaryRed Canary
Yellow Cockatoo: Search engine redirects, in-memory remote access trojan, and more
Yellow Cockatoo RAT
2020-12-02Red Canarytwitter (@redcanary)
Tweet on increased #Qbot activity delivering Cobalt Strike & #Egregor ransomware
Cobalt Strike Egregor QakBot
2020-10-29Red CanaryThe Red Canary Team
A Bazar start: How one hospital thwarted a Ryuk ransomware outbreak
Cobalt Strike Ryuk TrickBot
2020-07-22Red CanaryTony Lambert
Connecting Kinsing malware to Citrix and SaltStack campaigns
Kinsing
2020-06-17Youtube (Red Canary)Red Canary
Threat Detection: Blue Mockingbird
2020-06-17Youtube (Red Canary)Adam Pennington, David Kaplan, Erika Noerenberg, Matt Graeber
ATT&CK® Deep Dive: Process Injection
ISFB Ramnit TrickBot
2020-06-17Youtube (Red Canary)Adam Pennington, David Kaplan, Erika Noerenberg, Matt Graeber
ATT&CK® Deep Dive: Process Injection
ISFB Ramnit TrickBot
2020-06-17Youtube (Red Canary)Adam Pennington, David Kaplan, Erika Noerenberg, Matt Graeber
ATT&CK® Deep Dive: Process Injection
ISFB Ramnit TrickBot
2020-06-17Youtube (Red Canary)Adam Pennington, David Kaplan, Erika Noerenberg, Matt Graeber
ATT&CK® Deep Dive: Process Injection
ISFB Ramnit TrickBot
2020-05-07Red CanaryJesse Brown
Detecting COR_PROFILER manipulation for persistence
2020-05-07Red CanaryTony Lambert
Introducing Blue Mockingbird
2019-06-27Red CanaryCasey Smith, Michael Haag
Tracking driver inventory to unearth rootkits
NuggetPhantom
2019-06-27Red CanaryCasey Smith, Michael Haag
Tracking driver inventory to unearth rootkits
NuggetPhantom
2019-05-01Red CanaryTony Lambert
FrameworkPOS and the adequate persistent threat
Grateful POS