2021-03-11 | Bleeping Computer | Lawrence Abrams
Ransomware now attacks Microsoft Exchange servers with ProxyLogon exploits
2021-03-11 | Palo Alto Networks Unit 42 | Unit 42
Microsoft Exchange Server Attack Timeline
CHINACHOPPER
2021-03-11 | Flashpoint | Flashpoint
CL0P and REvil Escalate Their Ransomware Tactics
Clop REvil
2021-03-11 | YouTube (Malware_Analyzing_&_RE_Tips_Tricks) | Jiří Vinopal
Formbook Reversing - Part1 [Formbook .NET loader/injector analyzing, decrypting, unpacking, patching]
Formbook
2021-03-11 | Elastic | Daniel Stepanic
Update - Detection and Response for HAFNIUM Activity
2021-03-10 | Center for Security Studies (CSS) | Florian J. Egloff, Max Smeets
Publicly attributing cyber attacks: a framework
2021-03-10 | Twitter (@MSSPete) | Pete Bryan
Tweet on Sample KQL query for detecting usage of HAFNIUM PoC code floating ITW
2021-03-10 | Proofpoint | Dennis Schwarz, Matthew Mesa, Proofpoint Threat Research Team
NimzaLoader: TA800’s New Initial Access Malware
BazarNimrod Cobalt Strike
2021-03-10 | DomainTools | Joe Slowik
Examining Exchange Exploitation and its Lessons for Defenders
CHINACHOPPER
2021-03-10 | US-CERT | CISA
Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise
SUNBURST
2021-03-10 | Bleeping Computer | Lawrence Abrams
Norway parliament data stolen in Microsoft Exchange attack
2021-03-10 | Lemon's InfoSec Ramblings | Josh Lemon
Microsoft Exchange & the HAFNIUM Threat Actor
CHINACHOPPER
2021-03-10 | ESET Research | Mathieu Tartare, Matthieu Faou, Thomas Dupuy
Exchange servers under siege from at least 10 APT groups
Microcin MimiKatz PlugX Winnti APT27 APT41 Calypso Tick ToddyCat Tonto Team Vicious Panda
2021-03-10 | Bitdefender | Bogdan Botezatu, Victor Vrabie
FIN8 Returns with Improved BADHATCH Toolkit
BADHATCH
2021-03-10 | NTT Security | Hiroki Hada
On attacks using the Spelevo Exploit Kit by the PseudoGate campaign targeting Japan
Zloader
2021-03-10 | Intezer | Avigayil Mechtinger, Joakim Kennedy
New Linux Backdoor RedXOR Likely Operated by Chinese Nation-State Actor
RedXOR XOR DDoS
2021-03-09 | YouTube (John Hammond) | John Hammond
HAFNIUM - Post-Exploitation Analysis from Microsoft Exchange
CHINACHOPPER
2021-03-09 | Malwarebytes | Pieter Arntz
Microsoft Exchange attacks cause panic as criminals go shell collecting
2021-03-09 | Check Point Research | Aviran Hazum, Bohdan Melnykov, Israel Wernik
Clast82 – A new Dropper on Google Play Dropping the AlienBot Banker and MRAT
Alien
2021-03-09 | splunk | Security Research Team
Cloud Federated Credential Abuse & Cobalt Strike: Threat Research February 2021
Cobalt Strike