2022-01-27 | Medium jonahacks | Jon
Malware Analysis — Manual Unpacking of Redaman
RTM
2022-01-27 | ANALYST1 | Jon DiMaggio
A History of Revil
REvil REvil
2021-12-17 | Trend Micro | Abraham Camba, Gilbert Sison, Jay Yaneza, Jonna Santos
Staging a Quack: Reverse Analyzing a Fileless QAKBOT Stager
QakBot
2021-12-06 | Mandiant | Ashraf Abdalhalim, Ben Read, Doug Bienstock, Gabriella Roncone, Jonathan Leathery, Josh Madeley, Juraj Sucik, Luis Rocha, Luke Jenkins, Manfred Erjak, Marius Fodoreanu, Microsoft Detection and Response Team (DART), Microsoft Threat Intelligence Center (MSTIC), Mitchell Clarke, Parnian Najafi, Sarah Hawley, Wojciech Ledzion
Suspected Russian Activity Targeting Government and Business Entities Around the Globe (UNC2452)
Cobalt Strike CryptBot
2021-12-01 | ESET Research | Alexis Dorais-Joncas, Facundo Muñoz
Jumping the air gap: 15 years of nation‑state effort
Agent.BTZ Fanny Flame Gauss PlugX Ramsay Retro Stuxnet USBCulprit USBferry
2021-11-26 | Twitter (@jhencinski) | Jon Hencinski
Twitter Thread on weekly MDR recap from expel.io
GootKit Squirrelwaffle
2021-09-23 | Cloudmark | Adam McNeil, Andrew Conway, Felipe Naves, W. Stuart Jones
TangleBot: New Advanced SMS Malware Targets Mobile Users Across U.S. and Canada with COVID-19 Lures
2021-08-11 | ANALYST1 | Jon DiMaggio
Nation State Ransomware
Ryuk Stealer
2021-06-29 | Medium MITRE-Engenuity | Jon Baker, Nicholas Amon
Security Control Mappings: A Starting Point for Threat-Informed Defense
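2021-06-17 | Norwegian Police Security Service (PST) | Dafina Shala
Etterforskningen av datanettverksoperasjonen mot statsforvalterembeter henlegges (Investigation of the computer network operation against county governor offices is being closed)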
APT31
2021-06-01 | SpecterOps | Jonathan Johnson
Evadere Classifications
2021-05-27 | FireEye | Dan Perez, Emiel Haeghebaert, Greg Wood, Sarah Jones, Stephen Eckels
Re-Checking Your Pulse: Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices
UNC2630 UNC2717
2021-05-05 | zimperium | Jon Paterson
Flubot vs. Zimperium
FluBot
2021-04-20 | FireEye | Dan Perez, Dimiter Andonov, Greg Wood, Jacob Thompson, Jonathan Lepore, Josh Triplett, Joshua Villanueva, Regina Elwell, Sarah Jones, Stephen Eckels, Stroz Friedberg
Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day
2021-04-07 | ANALYST1 | Jon DiMaggio
Ransom Mafia - Analysis of the World's First Ransomware Cartel
Conti Egregor LockBit Maze RagnarLocker SunCrypt VIKING SPIDER
2021-04-07 | ANALYST1 | Jon DiMaggio
Ransom Mafia Analysis of the World's First Ransomware Cartel
Conti Egregor LockBit Maze RagnarLocker Ryuk SunCrypt TA2101 VIKING SPIDER
2021-03-04 | FireEye | Ben Read, Jonathan Leathery, Lindsay Smith
New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452
UNC2452
2021-02-16 | The Wall Street Journal | Sara Randazzo, Tawnell D. Hobbs
Hacker Claims to Have Stolen Files Belonging to Prominent Law Firm Jones Day