Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-01-09Marco Ramilli's BlogMarco Ramilli
Command and Control Traffic Patterns
ostap LaZagne Agent Tesla Azorult Buer Cobalt Strike DanaBot DarkComet Dridex Emotet Formbook IcedID ISFB NetWire RC PlugX Quasar RAT SmokeLoader TrickBot
2021-01-08splunkJames Brodsky, John Stoner, Lily Lee, Marcus LaFerrera, Ryan Kovar
A Golden SAML Journey: SolarWinds Continued
SUNBURST
2021-01-06MimecastMatthew Gardiner
How to Slam a Door on the Cutwail Botnet: Enforce DMARC
Cutwail
2021-01-04SentinelOneMarco Figueroa
Building a Custom Malware Analysis Lab Environment
TrickBot
2021-01-01GoogleFabian Kaczmarczyck
Burning the Haystack: Malware Lead Generation at Scale
2020-12-23Sentinel LABSJames Haughom, Jim Walter, Marco Figueroa
SolarWinds | Understanding & Detecting the SUPERNOVA Webshell Trojan
SUPERNOVA BRONZE SPIRAL
2020-12-23Sentinel LABSJames Haughom, Jim Walter, Marco Figueroa
SolarWinds | Understanding & Detecting the SUPERNOVA Webshell Trojan
SUPERNOVA
2020-12-20CitizenLabBill Marczak, John Scott-Railton, Noura Al-Jizawi, Ron Deibert, Siena Anstis
The Great iPwn Journalists Hacked with Suspected NSO Group iMessage ‘Zero-Click’ Exploit
Chrysaor
2020-12-13FireEyeAlex Berry, Alex Pennino, Alyssa Rahman, Andrew Archer, Andrew Rector, Andrew Thompson, Barry Vengerik, Ben Read, Ben Withnell, Chris DiGiamo, Christopher Glyer, Dan Perez, Dileep Jallepalli, Doug Bienstock, Eric Scales, Evan Reese, Fred House, Glenn Edwards, Ian Ahl, Isif Ibrahima, Jay Smith, John Gorman, John Hultquist, Jon Leathery, Lennard Galang, Marcin Siedlarz, Matt Dunwoody, Matthew McWhirt, Michael Sikorski, Microsoft, Mike Burns, Nalani Fraiser, Nick Bennett, Nick Carr, Nick Hornick, Nick Richard, Nicole Oppenheim, Omer Baig, Ramin Nafisi, Sarah Jones, Scott Runnels, Stephen Eckels, Steve Miller, Steve Stone, William Ballenthin
Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor
SUNBURST SUPERNOVA TEARDROP UNC2452
2020-12-11Trend MicroMarc Lanzendorfer
Investigating the Gootkit Loader
GootKit
2020-12-07GoogleBernhard Grill, Borbala Benko, Cecilia M. Procopiuc, David Tao, Elie Bursztein, Fabian Kaczmarczyck, Jennifer Pullman, Luca Invernizzi
Spotlight: Malware Lead Generation at Scale
2020-12-01CitizenLabBill Marczak, John Scott-Railton, Ron Deibert, Siddharth Prakash Rao, Siena Anstis
Running in Circles Uncovering the Clients of Cyberespionage Firm Circles
2020-11-27Marco Ramilli's BlogMarco Ramilli
Threat Actor: Unkown
Unidentified JS 004
2020-10-28Malwarebyteshasherezade, Hossein Jazi, Jérôme Segura, Marcelo Rivero
Fake COVID-19 survey hides ransomware in Canadian university attack
Vaggen
2020-10-22Sentinel LABSMarco Figueroa
An Inside Look at How Ryuk Evolved Its Encryption and Evasion Techniques
Ryuk
2020-09-25Github (sisoma2)Marc
Turla Carbon System
Cobra Carbon System
2020-07-16ESET ResearchMarc-Etienne M.Léveillé
Mac cryptocurrency trading application rebranded, bundled with malware
Gmera
2020-06-24Marco Ramilli's BlogMarco Ramilli
Is upatre downloader coming back ?
Upatre
2020-06-22m.alvar.esMarcos Alvares
Comparative analysis between Bindiff and Diaphora - Patched Smokeloader Study Case
SmokeLoader
2020-06-10m.alvar.esMarcos Alvares
Unpacking Smokeloader and Reconstructing PE Programatically using LIEF
SmokeLoader