Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-01-24Medium nasbenchNasreddine Bencherchali
Common Tools & Techniques Used By Threat Actors and Malware — Part I
2021-01-24Bleeping ComputerLawrence Abrams
Another ransomware (Avaddon) now uses DDoS attacks to force victims to pay
Avaddon
2021-01-23Youtube (MalwareAnalysisForHedgehogs)Karsten Hahn
Malware Analysis - Fileless GooLoad static analysis and unpacking
2021-01-22SymantecThreat Hunter Team
SolarWinds: How Sunburst Sends Data Back to the Attackers
SUNBURST
2021-01-21NetbyteSECFareed Fauzi
Solarwinds Attack: Sunburst's DLL Technical Analysis
SUNBURST
2021-01-21360 Threat Intelligence CenterAdvanced Threat Institute
Disclosure of Manling Flower Organization (APT-C-08) using Warzone RAT attack
Ave Maria
2021-01-21Sophos LabsAndrew Brandt, Gabor Szappanos
MrbMiner: Cryptojacking to bypass international sanctions
2021-01-21Sophos LabsAndrew Brandt, Gabor Szappanos
MrbMiner: Cryptojacking to bypass international sanctions
2021-01-20Trend MicroAbraham Camba, Gilbert Sison, Ryan Maglaque
XDR investigation uncovers PlugX, unique technique in APT attack
PlugX
2021-01-20Trend MicroAbraham Camba, Gilbert Sison, Ryan Maglaque
XDR investigation uncovers PlugX, unique technique in APT attack
PlugX
2021-01-20Trend MicroAbraham Camba, Gilbert Sison, Ryan Maglaque
XDR investigation uncovers PlugX, unique technique in APT attack
PlugX
2021-01-20MicrosoftMicrosoft 365 Defender Research Team, Microsoft Cyber Defense Operations Center (CDOC), Microsoft Threat Intelligence Center (MSTIC)
Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop
Cobalt Strike SUNBURST TEARDROP
2021-01-20MicrosoftMicrosoft 365 Defender Research Team, Microsoft Cyber Defense Operations Center (CDOC), Microsoft Threat Intelligence Center (MSTIC)
Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop
Cobalt Strike SUNBURST TEARDROP
2021-01-20MicrosoftMicrosoft 365 Defender Research Team, Microsoft Cyber Defense Operations Center (CDOC), Microsoft Threat Intelligence Center (MSTIC)
Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop
Cobalt Strike SUNBURST TEARDROP
2021-01-19Twitter (@ConfiantIntel)ConfiantIntel
Tweet on WizardUpdate macOS backdoor
Vigram
2021-01-19HPPatrick Schläpfer
Dridex Malicious Document Analysis: Automating the Extraction of Payload URLs
Dridex
2021-01-19MalwarebytesMarcin Kleczynski
Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments
2021-01-19Twitter (@jpcert_ac)JPCERT/CC
Tweet on LODEINFO ver 0.47 spotted ITW targeting Japan
LODEINFO
2021-01-19Medium elis531989Eli Salem
Funtastic Packers And Where To Find Them
Get2 IcedID QakBot
2021-01-19JPCERT/CCShusei Tomonaga
Tools used within the network invaded by attack group Lazarus