2022-04-04
⋅
The DFIR Report
⋅
Stolen Images Campaign Ends in Conti Ransomware Conti IcedID |
2022-03-21
⋅
The DFIR Report
⋅
APT35 Automates Initial Access Using ProxyShell |
2022-03-07
⋅
The DFIR Report
⋅
2021 Year In Review Cobalt Strike |
2022-03-01
⋅
Twitter (@TheDFIRReport)
⋅
Twitter thread with highlights from conti leaks Conti |
2022-02-21
⋅
Qbot and Zerologon Lead To Full Domain Compromise Cobalt Strike QakBot |
2022-02-07
⋅
The DFIR Report
⋅
Qbot Likes to Move It, Move It QakBot |
2022-01-24
⋅
The DFIR Report
⋅
Cobalt Strike, a Defender’s Guide – Part 2 Cobalt Strike |
2021-12-13
⋅
The DFIR Report
⋅
Diavol Ransomware BazarBackdoor Conti Diavol |
2021-11-29
⋅
The DFIR Report
⋅
CONTInuing the Bazar Ransomware Story BazarBackdoor Cobalt Strike Conti |
2021-11-15
⋅
The DFIR Report
⋅
Exchange Exploit Leads to Domain Wide Ransomware |
2021-11-01
⋅
The DFIR Report
⋅
From Zero to Domain Admin Cobalt Strike Hancitor |
2021-10-18
⋅
The DFIR Report
⋅
IcedID to XingLocker Ransomware in 24 hours Cobalt Strike IcedID Mount Locker |
2021-10-04
⋅
The DFIR Report
⋅
BazarLoader and the Conti Leaks BazarBackdoor Cobalt Strike Conti |
2021-09-13
⋅
The DFIR Report
⋅
BazarLoader to Conti Ransomware in 32 Hours BazarBackdoor Cobalt Strike Conti |
2021-08-29
⋅
The DFIR Report
⋅
Cobalt Strike, a Defender’s Guide Cobalt Strike |
2021-08-01
⋅
The DFIR Report
⋅
BazarCall to Conti Ransomware via Trickbot and Cobalt Strike BazarBackdoor Cobalt Strike Conti TrickBot |
2021-07-19
⋅
The DFIR Report
⋅
IcedID and Cobalt Strike vs Antivirus Cobalt Strike IcedID |
2021-06-28
⋅
The DFIR Report
⋅
Hancitor Continues to Push Cobalt Strike Cobalt Strike Hancitor |
2021-06-20
⋅
The DFIR Report
⋅
From Word to Lateral Movement in 1 Hour Cobalt Strike IcedID |
2021-06-03
⋅
The DFIR Report
⋅
WebLogic RCE Leads to XMRig |