Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-03-11IBMDave McMillen, Limor Kessem
Dridex Campaign Propelled by Cutwail Botnet and Poisonous PowerShell Scripts
Cutwail Dridex
2021-03-11Palo Alto Networks Unit 42Unit 42
Microsoft Exchange Server Attack Timeline
CHINACHOPPER
2021-03-11FlashpointFlashpoint
CL0P and REvil Escalate Their Ransomware Tactics
Clop REvil
2021-03-11CofenseElmer Hernandez
AutoHotKey Leveraged by Metamorfo/Mekotio Banking Trojan
Metamorfo
2021-03-11YouTube ( Malware_Analyzing_&_RE_Tips_Tricks)Jiří Vinopal
Formbook Reversing - Part1 [Formbook .NET loader/injector analyzing, decrypting, unpacking, patching]
Formbook
2021-03-11ElasticDaniel Stepanic
Update - Detection and Response for HAFNIUM Activity
2021-03-10CUJOAIAlbert Zsigovits
IoT Malware Journals: Prometei (Linux)
Prometei
2021-03-10Eli Shlomo BlogEli Shlomo
Azure Sentinel and Sysmon 4 B!ue T3amer$
2021-03-10Center for Security Studies (CSS)Florian J. Egloff, Max Smeets
Publicly attributing cyber attacks: a framework
2021-03-10PICUS SecuritySüleyman Özarslan
Tactics, Techniques, and Procedures (TTPs) Used by HAFNIUM to Target Microsoft Exchange Servers
CHINACHOPPER
2021-03-10Twitter (@MSSPete)Pete Bryan
Tweet on Sample KQL query for detecting usage of HAFNIUM PoC code floating ITW
2021-03-10FBICISA, FBI
Compromise of Microsoft Exchange Server
2021-03-10ProofpointDennis Schwarz, Matthew Mesa, Proofpoint Threat Research Team
NimzaLoader: TA800’s New Initial Access Malware
BazarNimrod Cobalt Strike
2021-03-10MicrosoftPete Bryan
Monitoring the Software Supply Chain with Azure Sentinel
2021-03-10DomainToolsJoe Slowik
Examining Exchange Exploitation and its Lessons for Defenders
CHINACHOPPER
2021-03-10US-CERTCISA
Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise
SUNBURST
2021-03-10Bleeping ComputerLawrence Abrams
Norway parliament data stolen in Microsoft Exchange attack
2021-03-10Lemon's InfoSec RamblingsJosh Lemon
Microsoft Exchange & the HAFNIUM Threat Actor
CHINACHOPPER
2021-03-10ESET ResearchMathieu Tartare, Matthieu Faou, Thomas Dupuy
Exchange servers under siege from at least 10 APT groups
Microcin MimiKatz PlugX Winnti APT27 APT41 Calypso Tick ToddyCat Tonto Team Vicious Panda
2021-03-10BitdefenderBogdan Botezatu, Victor Vrabie
FIN8 Returns with Improved BADHATCH Toolkit
BADHATCH