2021-03-11 | Bleeping Computer | Lawrence Abrams
Ransomware now attacks Microsoft Exchange servers with ProxyLogon exploits
2021-03-11 | IBM | Dave McMillen, Limor Kessem
Dridex Campaign Propelled by Cutwail Botnet and Poisonous PowerShell Scripts
Cutwail Dridex
2021-03-11 | Palo Alto Networks Unit 42 | Unit 42
Microsoft Exchange Server Attack Timeline
CHINACHOPPER
2021-03-11 | Cofense | Elmer Hernandez
AutoHotKey Leveraged by Metamorfo/Mekotio Banking Trojan
Metamorfo
2021-03-11 | YouTube (Malware_Analyzing_&_RE_Tips_Tricks) | Jiří Vinopal
Formbook Reversing - Part1 [Formbook .NET loader/injector analyzing, decrypting, unpacking, patching]
Formbook
2021-03-10 | Center for Security Studies (CSS) | Florian J. Egloff, Max Smeets
Publicly attributing cyber attacks: a framework
2021-03-10 | Twitter (@MSSPete) | Pete Bryan
Tweet on Sample KQL query for detecting usage of HAFNIUM PoC code floating ITW
2021-03-10 | DomainTools | Joe Slowik
Examining Exchange Exploitation and its Lessons for Defenders
CHINACHOPPER
2021-03-10 | US-CERT | CISA
Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise
SUNBURST
2021-03-10 | Bleeping Computer | Lawrence Abrams
Norway parliament data stolen in Microsoft Exchange attack
2021-03-10 | Bitdefender | Bogdan Botezatu, Victor Vrabie
FIN8 Returns with Improved BADHATCH Toolkit
BADHATCH
2021-03-10 | NTT Security | Hiroki Hada
On attacks using the Spelevo Exploit Kit by the PseudoGate campaign targeting Japan
Zloader
2021-03-10 | Intezer | Avigayil Mechtinger, Joakim Kennedy
New Linux Backdoor RedXOR Likely Operated by Chinese Nation-State Actor
RedXOR XOR DDoS
2021-03-09 | YouTube (SANS Digital Forensics and Incident Response) | Eric Loui, Sergei Frankoff
Jackpotting ESXi Servers For Maximum Encryption | Eric Loui & Sergei Frankoff | SANS CTI Summit 2021
DarkSide RansomEXX DarkSide RansomEXX GOLD DUPONT
2021-03-09 | Malwarebytes | Pieter Arntz
Microsoft Exchange attacks cause panic as criminals go shell collecting
2021-03-09 | Check Point Research | Aviran Hazum, Bohdan Melnykov, Israel Wernik
Clast82 – A new Dropper on Google Play Dropping the AlienBot Banker and MRAT
Alien
2021-03-09 | CyberArk | Aluma Lavi Shaari
Kinsing: The Malware with Two Faces
Kinsing
2021-03-09 | splunk | Security Research Team
Cloud Federated Credential Abuse & Cobalt Strike: Threat Research February 2021
Cobalt Strike
2021-03-09 | PRAETORIAN | Anthony Weems, Dallas Kaman, Michael Weber
Reproducing the Microsoft Exchange Proxylogon Exploit Chain
CHINACHOPPER
2021-03-09 | Red Canary | Brian Donohue, Katie Nickels, Tony Lambert
Microsoft Exchange server exploitation: how to detect, mitigate, and stay calm
CHINACHOPPER