Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-03-08Youtube (SANS Digital Forensics and Incident Response)Adam Pennington, Jen Burns, Katie Nickels
STAR Webcast: Making sense of SolarWinds through the lens of MITRE ATT&CK(R)
Cobalt Strike SUNBURST TEARDROP
2021-03-08DeepEnd REsearchDeepEnd Research
Renewed SideWinder Activity in South Asia
2021-03-08x0r19x91.gitlab.ioSuvaditya Sur
Sunshuttle Malware
GoldMax
2021-03-08Palo Alto Networks Unit 42Jeff White
Analyzing Attacks Against Microsoft Exchange Server With China Chopper Webshells
CHINACHOPPER
2021-03-08MicrosoftYonit Glozshtein
Investigating the Print Spooler EoP exploitation
2021-03-08Sentinel LABSJim Walter
HelloKitty Ransomware Lacks Stealth, But Still Strikes Home
HelloKitty
2021-03-08SecureworksCounter Threat Unit ResearchTeam
SUPERNOVA Web Shell Deployment Linked to SPIRAL Threat Group
SUPERNOVA BRONZE SPIRAL
2021-03-08The DFIR ReportThe DFIR Report
Bazar Drops the Anchor
Anchor BazarBackdoor Cobalt Strike
2021-03-07TRUESECRasmus Grönlund
Tracking Microsoft Exchange Zero-Day ProxyLogon and HAFNIUM
CHINACHOPPER
2021-03-07KELASharon Bitton, Victoria Kivilevich
Australian Mining Companies and Cybercriminals Digging for the Gold
2021-03-07InfoSec Handlers Diary BlogDidier Stevens
PCAPs and Beacons
Cobalt Strike
2021-03-07The Wall Street JournalDustin Volz, Michael R. Gordon
Russian Disinformation Campaign Aims to Undermine Confidence in Pfizer, Other Covid-19 Vaccines, U.S. Officials Say
2021-03-06Blue Team BlogAuth 0r
Microsoft Exchange Zero Day’s – Mitigations and Detections.
2021-03-06BLUEHEXAGONRohit Kashi
Blue Hexagon Security Advisory: Microsoft Exchange Server 0-days
2021-03-06Click All the Things! BlogJamie Arndt
oleObject1.bin – OLe10nATive – shellcode
CloudEyE
2021-03-06Nextron SystemsTHOR Lite
Scan for HAFNIUM Exploitation Evidence with THOR Lite
HAFNIUM
2021-03-06Github (microsoft)Microsoft
Security scripts
HAFNIUM
2021-03-06de VolkskrantHuib Modderkolk
Russian and Chinese hackers gained access to EMA
2021-03-05Trend MicroAdi Peretz, Erick Thek, Trend Micro Research
Earth Vetala – MuddyWater Continues to Target Organizations in the Middle East
MuddyWater
2021-03-05K7 SecurityArun Kumar S, Rajesh R
Sarbloh: The Ransomware With NO Demand