Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-03-01Medium walmartglobaltechJason Reaves, Joshua Platt
Investigation into the state of Nim malware
BazarNimrod Cobalt Strike
2021-03-01Medium walmartglobaltechJason Reaves, Joshua Platt
Nimar Loader
BazarBackdoor BazarNimrod Cobalt Strike
2021-01-26Team CymruCERT-BR, Josh Hopkins, Manabu Niseki
GhostDNSbusters (Part 3) Illuminating GhostDNS Infrastructure
2021-01-20Medium walmartglobaltechJason Reaves, Joshua Platt
Anchor and Lazarus together again?
Anchor TrickBot
2020-12-16Cyborg SecurityJosh Meltzer
SUNBURST: SolarWinds Supply-Chain Attack
SUNBURST
2020-12-09CrowdStrikeJason Rivera, Josh Burgess
From Zero to SixtyThe Story of North Korea’s Rapid Ascent to Becoming a Global Cyber Superpower
FastCash Hermes WannaCryptor
2020-10-28FireEyeDouglas Bienstock, Jeremy Kennelly, Joshua Shilko, Kimberly Goody, Steve Elovitz
Unhappy Hour Special: KEGTAP and SINGLEMALT With a Ransomware Chaser
BazarBackdoor Cobalt Strike Ryuk UNC1878
2020-08-21Vimeo (RiskIQ)Josh Burgess, Steve Ginty
The Evolution of Ransomware & Pinchy Spider's Shot at the Title
Gandcrab REvil
2020-07-30FireEyeJoseph Hladik, Josh Fleischer
Obscured by Clouds: Insights into Office 365 Attacks and How Mandiant Managed Defense Investigates
2020-07-22SentinelOneJason Reaves, Joshua Platt
Enter the Maze: Demystifying an Affiliate Involved in Maze (SNOW)
ISFB Maze TrickBot Zloader
2020-06-30CrowdStrikeChad Hemenway, Chris Cwalina, Josh Burgess, Scot Lippenholz
Playing Chess Against Nation-State and Ransomware Threat Actors
2020-06-22Sentinel LABSJason Reaves, Joshua Platt
Inside a TrickBot Cobalt Strike Attack Server
Cobalt Strike TrickBot
2020-05-31Medium walmartglobaltechJason Reaves, Joshua Platt
WastedLoader or DridexLoader?
Dridex WastedLocker
2020-05-07FireEye IncJeremy Kennelly, Joshua Shilko, Kimberly Goody
Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents
Maze
2020-04-22Github (jstrosch)Josh Stroschein
Gomorrah stealer (.NET binary)
Gomorrah stealer
2020-04-10TrustwaveJoshua Deacon, Lloyd Macrohon
An In-depth Look at MailTo Ransomware, Part Three of Three
Mailto
2020-04-08TrustwaveJoshua Deacon, Lloyd Macrohon
An In-depth Look at MailTo Ransomware, Part Two of Three
Mailto
2020-04-03Josh Stroschein
Unpacking a Trojan with Ghidra and x64dbg
Simda
2020-03-31TrustwaveJoshua Deacon, Lloyd Macrohon
An In-depth Look at MailTo Ransomware, Part One of Three
Mailto
2020-01-17FireEyeJosh Madeley, William Ballenthin
404 Exploit Not Found: Vigilante Deploying Mitigation for Citrix NetScaler Vulnerability While Maintaining Backdoor
NOTROBIN NOTROBIN