Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-01-11BitdefenderBitdefender Team
Darkside Ransomware Decryption Tool
DarkSide
2021-01-11ReutersChristopher Bing
Exclusive: FBI probes Russian-linked postcard sent to FireEye CEO after cybersecurity firm uncovered hack - sources
2021-01-11Kaspersky LabsCostin Raiu, Georgy Kucherin, Igor Kuznetsov
Sunburst backdoor – code overlaps with Kazuar
Kazuar SUNBURST
2021-01-11The DFIR ReportThe DFIR Report
Trickbot Still Alive and Well
Cobalt Strike TrickBot
2021-01-10Medium walmartglobaltechJason Reaves
MAN1, Moskal, Hancitor and a side of Ransomware
Cobalt Strike Hancitor SendSafe VegaLocker Moskalvzapoe
2021-01-09Marco Ramilli's BlogMarco Ramilli
Command and Control Traffic Patterns
ostap LaZagne Agent Tesla Azorult Buer Cobalt Strike DanaBot DarkComet Dridex Emotet Formbook IcedID ISFB NetWire RC PlugX Quasar RAT SmokeLoader TrickBot
2021-01-09Connor McGarr's BlogConnor McGarr
Malware Development: Leveraging Beacon Object Files for Remote Process Injection via Thread Hijacking
Cobalt Strike
2021-01-09Github (f0wl)Marius Genheimer
ezuri_unpack
2021-01-08Youtube (Virus Bulletin)Hajime Takai, Rintaro Koike, Shogo Hayashi
Unveiling the CryptoMimic
2021-01-08ZscalerMohd Sadique, Pradeep Kulkarni
Ransomware Delivered Using RDP Brute-Force Attack
Dharma
2021-01-08Youtube (Virus Bulletin)Fumio Ozawa, Rintaro Koike, Shogo Hayashi
Operation LagTime IT: colourful Panda footprint
Cotx RAT nccTrojan Poison Ivy Tmanger TA428
2021-01-08CertfaCertfa Lab
Charming Kitten’s Christmas Gift
2021-01-08ReaqtaReaQta Threat Intelligence Team
Leonardo S.p.A. Data Breach Analysis
2021-01-08splunkJames Brodsky, John Stoner, Lily Lee, Marcus LaFerrera, Ryan Kovar
A Golden SAML Journey: SolarWinds Continued
SUNBURST
2021-01-08US-CERTUS-CERT
Alert (AA21-008A): Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments
SUNBURST SUPERNOVA
2021-01-080xC0DECAFEThomas Barabosch
The malware analyst’s guide to aPLib decompression
ISFB Rovnix
2021-01-07Github (hvs-consulting)HvS-Consulting AG
Lazarus / APT37 IOCs
Lazarus Group
2021-01-07TRUESECSebastian Olsson
Avoiding supply-chain attacks similar to SolarWinds Orion’s (SUNBURST)
SUNBURST
2021-01-07SymantecThreat Hunter Team
SolarWinds: How a Rare DGA Helped Attacker Communications Fly Under the Radar
SUNBURST
2021-01-07CyberArkBen Cohen
Meet Oski Stealer: An In-depth Analysis of the Popular Credential Stealer
Oski Stealer