Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-01-08ReaqtaReaQta Threat Intelligence Team
Leonardo S.p.A. Data Breach Analysis
2021-01-07SymantecThreat Hunter Team
SolarWinds: How a Rare DGA Helped Attacker Communications Fly Under the Radar
SUNBURST
2021-01-07ClearSkyClearSky Research Team
Operation ‘Kremlin’
Unidentified 002 (Operation Kremlin)
2021-01-05AhnLabAhnLab ASEC Analysis Team
[Threat Analysis] CLOP Ransomware that Attacked Korean Distribution Giant
Clop
2021-01-05Lacework LabsLacework Labs
TeamTNT Builds Botnet from Chinese Cloud Servers
TeamTNT TNTbotinger TeamTNT
2021-01-05SangforClairvoyance Safety Laboratory
Red team's perspective on the TTPs in Sunburst's backdoor
SUNBURST
2021-01-02Twitter (MalwareHunterTeam)MalwareHunterTeam
Tweet on Knot Ransomware
Knot
2021-01-01SymantecSymantec Threat Hunter Team
Supply Chain Attacks:Cyber Criminals Target the Weakest Link
Cobalt Strike Raindrop SUNBURST TEARDROP
2020-12-31MicrosoftMSRC Team
Microsoft Internal Solorigate Investigation Update
SUNBURST
2020-12-28SwanscanPierguido Iezzi, Swascan Cyber Incident Response Team
Avaddon Ransomware: Incident Response Analysis
Avaddon
2020-12-28MicrosoftMicrosoft 365 Defender Team
Using Microsoft 365 Defender to protect against Solorigate
SUNBURST TEARDROP
2020-12-22Maple Bacon CTF Team at the University of British ColumbiaArctic Wyvern
[TrendMicro CTF 2020 Finals] Wildcard-2: Yara exfiltration
2020-12-22TEAMT5TeamT5
macOS 用戶當心!北韓駭客 Lazarus 將目標瞄準虛擬貨幣交易用戶
2020-12-22SymantecThreat Hunter Team
SolarWinds Attacks: Stealthy Attackers Attempted To Evade Detection
SUNBURST
2020-12-22AhnLabASEC Analysis Team
Magniber Ransomware Changed Vulnerability (CVE-2019-1367 -> CVE-2020-0968) and Attempted to Bypass Behavior Detection
Magniber
2020-12-21MicrosoftMSRC Team
Solorigate Resource Center
SUNBURST TEARDROP
2020-12-21MicrosoftDetection and Response Team (DART)
Advice for incident responders on recovery from systemic identity compromises
2020-12-21BloombergThreat Hunter Team
SolarWinds Adviser Warned of Lax Security Years Before Hack
2020-12-18Trend MicroDavid Fiser
TeamTNT Now Deploying DDoS-Capable IRC Bot TNTbotinger
PerlBot TNTbotinger TeamTNT
2020-12-18MicrosoftMicrosoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers
SUNBURST SUPERNOVA TEARDROP UNC2452