2020-12-22 | Microsoft | Alex Weinert
Azure AD workbook to help you assess Solorigate risk
SUNBURST
2020-12-22 | CrowdStrike | Jai Minton
Leftover Lunch: Finding, Hunting and Eradicating Spicy Hot Pot, a Persistent Browser Hijacking Rootkit
Spicy Hot Pot
2020-12-22 | Symantec | Threat Hunter Team
SolarWinds Attacks: Stealthy Attackers Attempted To Evade Detection
SUNBURST
2020-12-22 | Checkpoint | Check Point Research
SUNBURST, TEARDROP and the NetSec New Normal
SUNBURST TEARDROP
2020-12-22 | AhnLab | ASEC Analysis Team
Magniber Ransomware Changed Vulnerability (CVE-2019-1367 -> CVE-2020-0968) and Attempted to Bypass Behavior Detection
Magniber
2020-12-21 | Silent Push | Ken
Investigating Crimeware Name Servers
2020-12-21 | OpenFacto | OpenFacto
UNIT 68240 Meet Russia’s DARPA
2020-12-21 | SlideShare (yurikamuraki5) | Yurika Kakiuchi
Active Directory Compromise and Recommended Countermeasures
MimiKatz
2020-12-21 | Fortinet | Udi Yavo
What We Have Learned So Far about the “Sunburst”/SolarWinds Hack
Cobalt Strike SUNBURST TEARDROP
2020-12-21 | IronNet | Adam Hlavek, Kimberly Ortiz
Russian cyber attack campaigns and actors
WellMail elf.wellmess Agent.BTZ BlackEnergy EternalPetya Havex RAT Industroyer Ryuk Triton WellMess
2020-12-21 | IronNet | Peter Rydzynski
SolarWinds/SUNBURST: DGA or DNS Tunneling?
SUNBURST
2020-12-21 | KEYSIGHT TECHNOLOGIES | Edsel Valle
TrickBot: A Closer Look
TrickBot
2020-12-21 | Microsoft | MSRC Team
Solorigate Resource Center
SUNBURST TEARDROP
2020-12-21 | Intezer | Intezer
Top Linux Cloud Threats of 2020
AgeLocker AnchorDNS Blackrota Cloud Snooper Dacls Doki FritzFrog IPStorm Kaiji Kinsing NOTROBIN Penquin Turla PLEAD Prometei RansomEXX Stantinko TeamTNT TSCookie WellMail elf.wellmess TeamTNT
2020-12-21 | Cisco Talos | JON MUNSHAW
2020: The year in malware
WolfRAT Prometei Poet RAT Agent Tesla Astaroth Ave Maria CRAT Emotet Gozi IndigoDrop JhoneRAT Nanocore RAT NjRAT Oblique RAT SmokeLoader StrongPity WastedLocker Zloader
2020-12-21 | McAfee | Arnab Roy, Mo Cashman
How A Device to Cloud Architecture Defends Against the SolarWinds Supply Chain Compromise
SUNBURST
2020-12-21 | Microsoft | Tom Burt
Cyber Mercenaries Don’t Deserve Immunity
2020-12-21 | US Court of Appeals for the Ninth Court | Cisco, Github, Google, Internet Association, LinkedIn, Microsoft, VMWare, WhatsApp
Case: 20-16408: WhatsApp et al. vs NSO Group
2020-12-21 | Microsoft | Detection and Response Team (DART)
Advice for incident responders on recovery from systemic identity compromises
2020-12-21 | Microsoft | Alex Weinert
Understanding "Solorigate"'s Identity IOCs - for Identity Vendors and their customers.
SUNBURST