2021-06-07
⋅
Twitter (@James_inthe_box)
⋅
Tweet on characteristic strings in snake keylogger 404 Keylogger |
2021-06-03
⋅
Twitter (@James_inthe_box)
⋅
Tweet on AskarLoader malware |
2021-05-11
⋅
splunk
⋅
The DarkSide of the Ransomware Pipeline DarkSide |
2021-05-01
⋅
Twitter (@JAMESWT_MHT)
⋅
Tweet on linux version of DarkSide ransomware DarkSide DarkSide |
2021-04-22
⋅
splunk
⋅
SUPERNOVA Redux, with a Generous Portion of Masquerading SUPERNOVA |
2021-04-21
⋅
splunk
⋅
Monitoring Pulse Connect Secure With Splunk (CISA Emergency Directive 21-03) |
2021-03-12
⋅
splunk
⋅
Detecting Microsoft Exchange Vulnerabilities - 0 + 8 Days Later… |
2021-03-12
⋅
Binary Defense
⋅
IcedID GZIPLOADER Analysis IcedID |
2021-03-02
⋅
Atlantic Council
⋅
Countering Cyber Proliferation: Zeroing in on Access-as-a-Service |
2021-02-03
⋅
Twitter (@James_inthe_box)
⋅
Twitter thread on Nim rewrite of Bazarloader BazarNimrod |
2021-01-27
⋅
Team Cymru
⋅
Taking Down Emotet How Team Cymru Leveraged Visibility and Relationships to Coordinate Community Efforts Emotet |
2021-01-08
⋅
splunk
⋅
A Golden SAML Journey: SolarWinds Continued SUNBURST |
2020-12-23
⋅
Sentinel LABS
⋅
SolarWinds | Understanding & Detecting the SUPERNOVA Webshell Trojan SUPERNOVA BRONZE SPIRAL |
2020-12-23
⋅
Sentinel LABS
⋅
SolarWinds | Understanding & Detecting the SUPERNOVA Webshell Trojan SUPERNOVA |
2020-12-18
⋅
Sentinel LABS
⋅
SolarWinds SUNBURST Backdoor: Inside the APT Campaign SUNBURST |
2020-12-01
⋅
FireEye
⋅
Using Speakeasy Emulation Framework Programmatically to Unpack Malware |
2020-10-20
⋅
Infoblox
⋅
404 Keylogger Campaigns 404 Keylogger |
2020-09-30
⋅
Team Cymru
⋅
Pandamic: Emissary Pandas in the Middle East HyperBro HyperSSL |
2020-08-17
⋅
Cado Security
⋅
Team TNT - The First Crypto-Mining Worm to Steal AWS Credentials TeamTNT |
2020-08-14
⋅
Binary Defense
⋅
EmoCrash: Exploiting a Vulnerability in Emotet Malware for Defense Emotet |