2021-03-10 | Proofpoint | Dennis Schwarz, Matthew Mesa, Proofpoint Threat Research Team
NimzaLoader: TA800’s New Initial Access Malware
BazarNimrod Cobalt Strike
2021-03-10 | Microsoft | Pete Bryan
Monitoring the Software Supply Chain with Azure Sentinel
2021-03-10 | DomainTools | Joe Slowik
Examining Exchange Exploitation and its Lessons for Defenders
CHINACHOPPER
2021-03-10 | US-CERT | CISA
Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise
SUNBURST
2021-03-10 | Bleeping Computer | Lawrence Abrams
Norway parliament data stolen in Microsoft Exchange attack
2021-03-10 | Lemon's InfoSec Ramblings | Josh Lemon
Microsoft Exchange & the HAFNIUM Threat Actor
CHINACHOPPER
2021-03-10 | ESET Research | Mathieu Tartare, Matthieu Faou, Thomas Dupuy
Exchange servers under siege from at least 10 APT groups
Microcin MimiKatz PlugX Winnti APT27 APT41 Calypso Tick ToddyCat Tonto Team Vicious Panda
2021-03-10 | Bitdefender | Bogdan Botezatu, Victor Vrabie
FIN8 Returns with Improved BADHATCH Toolkit
BADHATCH
2021-03-10 | NTT Security | Hiroki Hada
Attacks Using the Spelevo Exploit Kit by the PseudoGate Campaign Targeting Japan
Zloader
2021-03-10 | Intezer | Avigayil Mechtinger, Joakim Kennedy
New Linux Backdoor RedXOR Likely Operated by Chinese Nation-State Actor
RedXOR XOR DDoS
2021-03-09 | Youtube (SANS Digital Forensics and Incident Response) | Eric Loui, Sergei Frankoff
Jackpotting ESXi Servers For Maximum Encryption | Eric Loui & Sergei Frankoff | SANS CTI Summit 2021
DarkSide RansomEXX DarkSide RansomEXX GOLD DUPONT
2021-03-09 | YouTube (John Hammond) | John Hammond
HAFNIUM - Post-Exploitation Analysis from Microsoft Exchange
CHINACHOPPER
2021-03-09 | Malwarebytes | Pieter Arntz
Microsoft Exchange attacks cause panic as criminals go shell collecting
2021-03-09 | Check Point Research | Aviran Hazum, Bohdan Melnykov, Israel Wernik
Clast82 – A new Dropper on Google Play Dropping the AlienBot Banker and MRAT
Alien
2021-03-09 | CyberArk | Aluma Lavi Shaari
Kinsing: The Malware with Two Faces
Kinsing
2021-03-09 | splunk | Security Research Team
Cloud Federated Credential Abuse & Cobalt Strike: Threat Research February 2021
Cobalt Strike
2021-03-09 | PRAETORIAN | Anthony Weems, Dallas Kaman, Michael Weber
Reproducing the Microsoft Exchange Proxylogon Exploit Chain
CHINACHOPPER
2021-03-09 | Red Canary | Brian Donohue, Katie Nickels, Tony Lambert
Microsoft Exchange server exploitation: how to detect, mitigate, and stay calm
CHINACHOPPER
2021-03-09 | Palo Alto Networks Unit 42 | Unit 42
Remediation Steps for the Microsoft Exchange Server Vulnerabilities
CHINACHOPPER
2021-03-09 | Cisco Talos | Cisco Talos
Hafnium Update: Continued Microsoft Exchange Server Exploitation