2021-10-26 | Cisco Talos | Edmund Brumaghin, Mariano Graziano, Nick Mavis
SQUIRRELWAFFLE Leverages malspam to deliver Qakbot, Cobalt Strike
Cobalt Strike QakBot Squirrelwaffle
2021-10-22 | Amazon | Adam Palmer, Nick Coval
Building an open source IDS/IPS service on AWS with Suricata
2021-07-27 | Youtube (SANS Institute) | John Hammond, Katie Nickels
SANS Threat Analysis Rundown - Kaseya VSA attack
REvil
2021-06-22 | Cisco | Nick Biasini
Attackers in Executive Clothing - BEC continues to separate orgs from their money
2021-06-16 | Mandiant | Jared Wilson, Jordan Nuce, Justin Moore, Mike Hunhoff, Nick Harbour, Robert Dean, Tyler McLellan
Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise
DarkSide Cobalt Strike DarkSide SMOKEDHAM UNC2465
2021-06-16 | Mandiant | Jared Wilson, Jordan Nuce, Justin Moore, Mike Hunhoff, Nick Harbour, Robert Dean, Tyler McLellan
Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise
Cobalt Strike SMOKEDHAM
2021-06-16 | FireEye | Jared Wilson, Justin Moore, Mike Hunhoff, Nick Harbour, Robert Dean, Tyler McLellan
Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise
Cobalt Strike SMOKEDHAM
2021-05-19 | Team Cymru | Andy Kraus, Josh Hopkins, Nick Byers
Tracking BokBot Infrastructure Mapping a Vast and Currently Active BokBot Network
IcedID
2021-05-14 | MOBISEC | Yanick Fratantonio
Slides & Recordings for Mobile security trainings
FlexiSpy ZitMo
2021-05-04 | FireEye | Dimiter Andonov, Nick Richard
The UNC2529 Triple Double: A Trifecta Phishing Campaign
DOUBLEBACK
2021-04-07 | Talos | Chris Neal, Edmund Brumaghin, Nick Biasini, Paul Eubanks
Sowing Discord: Reaping the benefits of collaboration app abuse
2021-03-09 | Red Canary | Brian Donohue, Katie Nickels, Tony Lambert
Microsoft Exchange server exploitation: how to detect, mitigate, and stay calm
CHINACHOPPER
2021-03-08 | Youtube (SANS Digital Forensics and Incident Response) | Adam Pennington, Jen Burns, Katie Nickels
STAR Webcast: Making sense of SolarWinds through the lens of MITRE ATT&CK(R)
Cobalt Strike SUNBURST TEARDROP
2021-02-23 | Medium (Katie’s Five Cents) | Katie Nickels
A Cyber Threat Intelligence Self-Study Plan: Part 1
2021-01-19 | Mandiant | Douglas Bienstock, Matthew McWhirt, Mike Burns, Nick Bennett
Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 (WHITE PAPER)
2021-01-19 | FireEye | Douglas Bienstock, Matthew McWhirt, Mike Burns, Nick Bennett
Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452
2021-01-13 | Brian Stadnicki
Gitlab RCE Stealth Shellbot
PerlBot
2020-12-18 | Cloudflare | Jesse Kipp, Nick Blazier
A quirk in the SUNBURST DGA algorithm
SUNBURST
2020-12-16 | Lookout | Apurva Kumar, Diane Wee, Justin Albrecht, Robert Nickle
Lookout Discovers New Spyware Used by Sextortionists to Blackmail iOS and Android Users
goontact
2020-12-15 | Github (itsreallynick) | Nick Carr
A quick note from Nick Carr on COSMICGALE and SUPERNOVA that those are unrelated to UC2452 intrusion campaign
SUPERNOVA