Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-01-11Sentinel LABSPhil Stokes
FADE DEAD | Adventures in Reversing Malicious Run-Only AppleScripts
OSAMiner
2021-01-11BitdefenderBitdefender Team
Darkside Ransomware Decryption Tool
DarkSide
2021-01-11ReutersChristopher Bing
Exclusive: FBI probes Russian-linked postcard sent to FireEye CEO after cybersecurity firm uncovered hack - sources
2021-01-11Kaspersky LabsCostin Raiu, Georgy Kucherin, Igor Kuznetsov
Sunburst backdoor – code overlaps with Kazuar
Kazuar SUNBURST
2021-01-11The DFIR ReportThe DFIR Report
Trickbot Still Alive and Well
Cobalt Strike TrickBot
2021-01-10Medium walmartglobaltechJason Reaves
MAN1, Moskal, Hancitor and a side of Ransomware
Cobalt Strike Hancitor SendSafe VegaLocker Moskalvzapoe
2021-01-09Connor McGarr's BlogConnor McGarr
Malware Development: Leveraging Beacon Object Files for Remote Process Injection via Thread Hijacking
Cobalt Strike
2021-01-09Github (f0wl)Marius Genheimer
ezuri_unpack
2021-01-08Youtube (Virus Bulletin)Hajime Takai, Rintaro Koike, Shogo Hayashi
Unveiling the CryptoMimic
2021-01-08ZscalerMohd Sadique, Pradeep Kulkarni
Ransomware Delivered Using RDP Brute-Force Attack
Dharma
2021-01-08Youtube (Virus Bulletin)Fumio Ozawa, Rintaro Koike, Shogo Hayashi
Operation LagTime IT: colourful Panda footprint
Cotx RAT nccTrojan Poison Ivy Tmanger TA428
2021-01-08CertfaCertfa Lab
Charming Kitten’s Christmas Gift
2021-01-08splunkJames Brodsky, John Stoner, Lily Lee, Marcus LaFerrera, Ryan Kovar
A Golden SAML Journey: SolarWinds Continued
SUNBURST
2021-01-07TRUESECSebastian Olsson
Avoiding supply-chain attacks similar to SolarWinds Orion’s (SUNBURST)
SUNBURST
2021-01-07SymantecThreat Hunter Team
SolarWinds: How a Rare DGA Helped Attacker Communications Fly Under the Radar
SUNBURST
2021-01-07CyberArkBen Cohen
Meet Oski Stealer: An In-depth Analysis of the Popular Credential Stealer
Oski Stealer
2021-01-07Palo Alto Networks Unit 42Brad Duncan
TA551: Email Attack Campaign Switches from Valak to IcedID
IcedID
2021-01-07Twitter (@campuscodi)Catalin Cimpanu
Tweet on London's Hackney Council attacked by Pysa/Mespinoza ransomware
Mespinoza
2021-01-07Recorded FutureInsikt Group®
Aversary Infrastructure Report 2020: A Defender's View
Octopus pupy Cobalt Strike Empire Downloader Meterpreter PoshC2
2021-01-07Advanced IntelligenceBrian Carter, HYAS, Vitali Kremez
Crime Laundering Primer: Inside Ryuk Crime (Crypto) Ledger & Risky Asian Crypto Traders
Ryuk