Click here to download all references as Bib-File.•
| 2021-01-25
⋅
Twitter (@IntelAdvanced)
⋅
Tweet on Ryuk Ransomware group's post exploitation tactics including usage of Keethief tool Ryuk |
| 2021-01-22
⋅
Twitter (@bryceabdo)
⋅
Tweet on GRIMAGENT malware used by UNC1878 during some #RYUK intrusions in 2020 GRIMAGENT |
| 2021-01-20
⋅
Twitter (@malwrhunterteam)
⋅
Tweet on Vovalex ransomware Vovalex |
| 2021-01-19
⋅
Twitter (@ConfiantIntel)
⋅
Tweet on WizardUpdate macOS backdoor Vigram |
| 2021-01-19
⋅
⋅
Twitter (@jpcert_ac)
⋅
Tweet on LODEINFO ver 0.47 spotted ITW targeting Japan LODEINFO |
| 2021-01-18
⋅
Twitter (@teamcymru)
⋅
Tweet on APT36 CrimsonRAT C2 Crimson RAT |
| 2021-01-17
⋅
Twitter (@AltShiftPrtScn)
⋅
Tweet on Conti Ransomware group exploiting FortiGate VPNs to drop in CobaltStrike loaders Cobalt Strike Conti |
| 2021-01-11
⋅
Twitter (@dk_samper)
⋅
Tweet on Initial access of Avaddon Ransomware group from an IR engagement Avaddon |
| 2021-01-07
⋅
Twitter (@campuscodi)
⋅
Tweet on London's Hackney Council attacked by Pysa/Mespinoza ransomware Mespinoza |
| 2021-01-05
⋅
Twitter (@Sebdraven)
⋅
Tweet on link between Babuk and Vasa locker Babuk |
| 2021-01-04
⋅
Twitter (@TheEnergyStory)
⋅
Some small detail on compiler used for TEARDROP TEARDROP |
| 2021-01-02
⋅
Twitter (MalwareHunterTeam)
⋅
Tweet on Knot Ransomware Knot |
| 2020-12-30
⋅
Twitter (@3xp0rtblog)
⋅
Tweet on Alfonso Stealer Alfonso Stealer |
| 2020-12-26
⋅
Twitter (@MalwareRE)
⋅
Tweet on active exploitation of 0day vulnerability in the SolarWinds Orion SUPERNOVA |
| 2020-12-24
⋅
Twitter (@TheEnergyStory)
⋅
Tweet on TEARDROP sample TEARDROP |
| 2020-12-20
⋅
Twitter (@TychoTithonus)
⋅
SolarWinds/SunBurst FNV-1a-XOR hashes found in analysis SUNBURST |
| 2020-12-19
⋅
Twitter (@GossiTheDog)
⋅
A twitter thread on Azure sentinel hunting queries for detecting UNC2452 activity |
| 2020-12-17
⋅
Twitter (@megabeets_)
⋅
Tweet on SUNBURST malware discussing some of its evasion techniques SUNBURST |
| 2020-12-16
⋅
Twitter @cybercdh)
⋅
Tweet on 3 key actions SUNBURST performs as soon as it's invoked SUNBURST |
| 2020-12-16
⋅
Twitter (@FireEye)
⋅
Tweet on SUNBURST from FireEye detailing some additional information SUNBURST |