Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-01-09Marco Ramilli's BlogMarco Ramilli
Command and Control Traffic Patterns
ostap LaZagne Agent Tesla Azorult Buer Cobalt Strike DanaBot DarkComet Dridex Emotet Formbook IcedID ISFB NetWire RC PlugX Quasar RAT SmokeLoader TrickBot
2021-01-09Connor McGarr's BlogConnor McGarr
Malware Development: Leveraging Beacon Object Files for Remote Process Injection via Thread Hijacking
Cobalt Strike
2021-01-09Github (f0wl)Marius Genheimer
ezuri_unpack
2021-01-08Youtube (Virus Bulletin)Hajime Takai, Rintaro Koike, Shogo Hayashi
Unveiling the CryptoMimic
2021-01-08ZscalerMohd Sadique, Pradeep Kulkarni
Ransomware Delivered Using RDP Brute-Force Attack
Dharma
2021-01-08Youtube (Virus Bulletin)Fumio Ozawa, Rintaro Koike, Shogo Hayashi
Operation LagTime IT: colourful Panda footprint
Cotx RAT nccTrojan Poison Ivy Tmanger TA428
2021-01-08CertfaCertfa Lab
Charming Kitten’s Christmas Gift
2021-01-08ReaqtaReaQta Threat Intelligence Team
Leonardo S.p.A. Data Breach Analysis
2021-01-08splunkJames Brodsky, John Stoner, Lily Lee, Marcus LaFerrera, Ryan Kovar
A Golden SAML Journey: SolarWinds Continued
SUNBURST
2021-01-08US-CERTUS-CERT
Alert (AA21-008A): Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments
SUNBURST SUPERNOVA
2021-01-080xC0DECAFEThomas Barabosch
The malware analyst’s guide to aPLib decompression
ISFB Rovnix
2021-01-07Github (hvs-consulting)HvS-Consulting AG
Lazarus / APT37 IOCs
Lazarus Group
2021-01-07TRUESECSebastian Olsson
Avoiding supply-chain attacks similar to SolarWinds Orion’s (SUNBURST)
SUNBURST
2021-01-07SymantecThreat Hunter Team
SolarWinds: How a Rare DGA Helped Attacker Communications Fly Under the Radar
SUNBURST
2021-01-07CyberArkBen Cohen
Meet Oski Stealer: An In-depth Analysis of the Popular Credential Stealer
Oski Stealer
2021-01-07Palo Alto Networks Unit 42Brad Duncan
TA551: Email Attack Campaign Switches from Valak to IcedID
IcedID
2021-01-07Twitter (@campuscodi)Catalin Cimpanu
Tweet on London's Hackney Council attacked by Pysa/Mespinoza ransomware
Mespinoza
2021-01-07Recorded FutureInsikt Group®
Aversary Infrastructure Report 2020: A Defender's View
Octopus pupy Cobalt Strike Empire Downloader Meterpreter PoshC2
2021-01-07Advanced IntelligenceBrian Carter, HYAS, Vitali Kremez
Crime Laundering Primer: Inside Ryuk Crime (Crypto) Ledger & Risky Asian Crypto Traders
Ryuk
2021-01-07ClearSkyClearSky Research Team
Operation ‘Kremlin’
Unidentified 002 (Operation Kremlin)