2021-12-03 | SANS ISC InfoSec Forums | Brad Duncan
TA551 (Shathak) pushes IcedID (Bokbot)
IcedID
2021-11-24 | Sansec | Sansec Threat Research Team
CronRAT malware hides behind February 31st
CronRAT
2021-11-18 | Sansec | Sansec Threat Research Team
Linux malware agent hits eCommerce sites
2021-08-23 | Youtube (SANS Digital Forensics and Incident Response) | Chad Tilbury
Keynote: Cobalt Strike Threat Hunting
Cobalt Strike
2021-07-27 | Youtube (SANS Institute) | John Hammond, Katie Nickels
SANS Threat Analysis Rundown - Kaseya VSA attack
REvil
2021-06-01 | SANS | Jake Williams, Kevin Haley
A Contrarian View on SolarWinds
Cobalt Strike Raindrop SUNBURST TEARDROP
2021-03-09 | Youtube (SANS Digital Forensics and Incident Response) | Eric Loui, Sergei Frankoff
Jackpotting ESXi Servers For Maximum Encryption | Eric Loui & Sergei Frankoff | SANS CTI Summit 2021
DarkSide RansomEXX DarkSide RansomEXX GOLD DUPONT
2021-03-08 | Youtube (SANS Digital Forensics and Incident Response) | Adam Pennington, Jen Burns, Katie Nickels
STAR Webcast: Making sense of SolarWinds through the lens of MITRE ATT&CK(R)
Cobalt Strike SUNBURST TEARDROP
2020-12-02 | Sansec | Sansec Threat Research Team
Persistent parasite in EOL Magento 2 stores wakes at Black Friday
magecart
2020-11-26 | Sansec | Sansec Threat Research Team
Payment skimmer hides in social media buttons
2020-11-19 | SANS ISC InfoSec Forums | Xavier Mertens
PowerShell Dropper Delivering Formbook
Formbook
2020-10-28 | Youtube (SANS Institute) | Aaron Stephens, Katie Nickels, Van Ta
Spooky RYUKy: The Return of UNC1878 | SANS STAR Webcast
Ryuk UNC1878
2020-10-28 | Youtube (SANS Digital Forensics and Incident Response) | Aaron Stephens, Katie Nickels, Van Ta
STAR Webcast: Spooky RYUKy: The Return of UNC1878
Ryuk
2020-10-26 | SANS ISC InfoSec Forums | Didier Stevens
Excel 4 Macros: "Abnormal Sheet Visibility"
2020-09-10 | SANS ISC InfoSec Forums | Brad Duncan
Recent Dridex activity
Dridex
2020-07-06 | Sansec | Sansec Threat Research Team
North Korean hackers implicated in stealing from US and European shoppers
magecart
2020-06-15 | Sansec | Sansec Threat Research Team
Magecart strikes amid Corona lockdown
magecart
2020-03-23 | SANS ISC | Didier Stevens
KPOT Deployed via AutoIt Script
KPOT Stealer
2020-02-03 | SANS ISC | Jan Kopriva
Analysis of a triple-encrypted AZORult downloader
Azorult
2020-01-23 | SANS ISC InfoSec Forums | Brad Duncan
German language malspam pushes Ursnif
ISFB