Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-01-19HPPatrick Schläpfer
Dridex Malicious Document Analysis: Automating the Extraction of Payload URLs
Dridex
2021-01-19MalwarebytesMarcin Kleczynski
Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments
2021-01-19Github (fireeye)FireEye
Mandiant Azure AD Investigator: Focusing on UNC2452 TTPs
SUNBURST
2021-01-19MandiantDouglas Bienstock, Matthew McWhirt, Mike Burns, Nick Bennett
Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 (WHITE PAPER)
2021-01-19FireEyeDouglas Bienstock, Matthew McWhirt, Mike Burns, Nick Bennett
Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452
2021-01-19CheckpointOmer Ventura, Ori Hamama
FreakOut – Leveraging Newest Vulnerabilities for creating a Botnet
N3Cr0m0rPh
2021-01-19Trend MicroFernando Mercês, Stephen Hilt
VPNFilter Two Years Later: Routers Still Compromised
VPNFilter
2021-01-19JPCERT/CCShusei Tomonaga
Tools used within the network invaded by attack group Lazarus
2021-01-18SymantecThreat Hunter Team
Raindrop: New Malware Discovered in SolarWinds Investigation
Cobalt Strike Raindrop SUNBURST TEARDROP
2021-01-18ArxivDaniele Sgandurra, Jason Gray, Lorenzo Cavallaro
Identifying Authorship Style in Malicious Binaries: Techniques, Challenges & Datasets
2021-01-18Twitter (@teamcymru)Team Cymru
Tweet on APT36 CrimsonRAT C2
Crimson RAT
2021-01-18aaqeel01Ali Aqeel
Docx Files Template-Injection
Unidentified 003 (Gamaredon Downloader)
2021-01-18Bleeping ComputerLawrence Abrams
IObit forums hacked in widespread DeroHE ransomware attack
2021-01-18The DFIR ReportThe DFIR Report
All That for a Coinminer?
Coinminer Monero Miner
2021-01-18WiredAndy Greenberg
Trump’s Worst, Most Bizarre Statements About ‘the Cyber’
2021-01-18Cado Securitycadolabs
Botnet Deploys Cloud and Container Attack Techniques
2021-01-17Twitter (@AltShiftPrtScn)Peter Mackenzie
Tweet on Conti Ransomware group exploiting FortiGate VPNs to drop in CobaltStrike loaders
Cobalt Strike Conti
2021-01-15The Hacker NewsRavie Lakshmaman
Researchers Disclose Undocumented Chinese Malware Used in Recent Attacks
CROSSWALK
2021-01-15nccgroupDavid Cash
Sign over Your Hashes – Stealing NetNTLM Hashes via Outlook Signatures
2021-01-15Medium DansecDan Lussier
Detecting Malicious C2 Activity -SpawnAs & SMB Lateral Movement in CobaltStrike
Cobalt Strike