Click here to download all references as Bib-File.•
| 2021-06-03
⋅
The DFIR Report
⋅
WebLogic RCE Leads to XMRig |
| 2021-05-12
⋅
Conti Ransomware Cobalt Strike Conti IcedID |
| 2021-05-02
⋅
The DFIR Report
⋅
Trickbot Brief: Creds and Beacons Cobalt Strike TrickBot |
| 2021-03-29
⋅
The DFIR Report
⋅
Sodinokibi (aka REvil) Ransomware Cobalt Strike IcedID REvil |
| 2021-03-08
⋅
The DFIR Report
⋅
Bazar Drops the Anchor Anchor BazarBackdoor Cobalt Strike |
| 2021-02-28
⋅
The DFIR Report
⋅
Laravel Apps Leaking Secrets |
| 2021-02-15
⋅
Twitter (@TheDFIRReport)
⋅
Tweet on Qakbot post infection discovery activity QakBot |
| 2021-02-11
⋅
Twitter (@TheDFIRReport)
⋅
Tweet on Hancitor Activity followed by cobaltsrike beacon Cobalt Strike Hancitor |
| 2021-02-02
⋅
Twitter (@TheDFIRReport)
⋅
Tweet on recent dridex post infection activity Cobalt Strike Dridex |
| 2021-01-31
⋅
The DFIR Report
⋅
Bazar, No Ryuk? BazarBackdoor Cobalt Strike Ryuk |
| 2021-01-18
⋅
The DFIR Report
⋅
All That for a Coinminer? Coinminer Monero Miner |
| 2021-01-11
⋅
The DFIR Report
⋅
Trickbot Still Alive and Well Cobalt Strike TrickBot |
| 2020-12-13
⋅
The DFIR Report
⋅
Defender Control |
| 2020-11-23
⋅
The DFIR Report
⋅
PYSA/Mespinoza Ransomware Empire Downloader Mespinoza |
| 2020-11-12
⋅
The DFIR Report
⋅
Cryptominers Exploiting WebLogic RCE CVE-2020-14882 |
| 2020-11-05
⋅
The DFIR Report
⋅
Ryuk Speed Run, 2 Hours to Ransom BazarBackdoor Cobalt Strike Ryuk |
| 2020-10-18
⋅
The DFIR Report
⋅
Ryuk in 5 Hours BazarBackdoor Cobalt Strike Ryuk |
| 2020-10-08
⋅
The DFIR Report
⋅
Ryuk’s Return BazarBackdoor Cobalt Strike Ryuk |
| 2020-08-31
⋅
The DFIR Report
⋅
NetWalker Ransomware in 1 Hour Cobalt Strike Mailto MimiKatz |
| 2020-08-03
⋅
Dridex – From Word to Domain Dominance Dridex |
| 2020-06-21
⋅
The DFIR Report
⋅
Snatch Ransomware Snatch |
| 2020-06-16
⋅
The DFIR Report
⋅
The Little Ransomware That Couldn’t (Dharma) Dharma |
| 2020-04-24
⋅
The DFIR Report
⋅
Ursnif via LOLbins Cobalt Strike LOLSnif TeamSpy |