2020-12-15
⋅
ThreatConnect
⋅
Infrastructure Research and Hunting: Boiling the Domain Ocean |
2020-12-15
⋅
Twitter (@cybercdh)
⋅
Tweet on CyberChef recipe to extract and decode strings from #SolarWinds malware binaries. SUNBURST |
2020-12-15
⋅
Cofense
⋅
Strategic Analysis: Agent Tesla Expands Targeting and Networking Capabilities Agent Tesla |
2020-12-15
⋅
PICUS Security
⋅
Tactics, Techniques, and Procedures (TTPs) Used in the SolarWinds Breach Cobalt Strike SUNBURST |
2020-12-15
⋅
Hornetsecurity
⋅
QakBot reducing its on disk artifacts Egregor PwndLocker QakBot |
2020-12-15
⋅
Trend Micro
⋅
Overview of Recent Sunburst Targeted Attacks SUPERNOVA |
2020-12-15
⋅
Trend Micro
⋅
Who is the Threat Actor Behind Operation Earth Kitsune? Freenki Loader SLUB Earth Kitsune |
2020-12-15
⋅
EST Security
⋅
Goldstar 121 organization proceeds with HWP OLE-based APT attack |
2020-12-15
⋅
KISA
⋅
Operation MUZABI Kimsuky |
2020-12-15
⋅
Github (Dump-GUY)
⋅
Reverse engineering KPOT v2.0 Stealer KPOT Stealer |
2020-12-15
⋅
Github (sophos-cybersecurity)
⋅
solarwinds-threathunt Cobalt Strike SUNBURST |
2020-12-15
⋅
Corelight
⋅
Finding SUNBURST Backdoor with Zeek Logs & Corelight SUNBURST |
2020-12-15
⋅
Twitter (@darb0ng)
⋅
Tweet on Symrise group hit by Clop Ransomware Clop |
2020-12-15
⋅
InfoSec Handlers Diary Blog
⋅
Analyzing FireEye Maldocs |
2020-12-15
⋅
Medium 0xthreatintel
⋅
Reversing Conti Ransomware Conti |
2020-12-14
⋅
Blueliv
⋅
Using Qiling Framework to Unpack TA505 packed samples AndroMut Azorult Silence TinyMet |
2020-12-14
⋅
GuidePoint Security
⋅
SUPERNOVA SolarWinds .NET Webshell Analysis SUPERNOVA BRONZE SPIRAL |
2020-12-14
⋅
SolarWinds
⋅
Security Advisory on SolarWinds Supply chain attack FAQ SUNBURST SUPERNOVA |
2020-12-14
⋅
SolarWinds
⋅
Security Advisory on SolarWinds Supply chain attack SUNBURST SUPERNOVA |
2020-12-14
⋅
Symantec
⋅
Sunburst: Supply Chain Attack Targets SolarWinds Users SUNBURST TEARDROP |