Click here to download all references as Bib-File.•
2021-03-09
⋅
YouTube (John Hammond)
⋅
HAFNIUM - Post-Exploitation Analysis from Microsoft Exchange CHINACHOPPER |
2021-03-03
⋅
Huntress Labs
⋅
Rapid Response: Mass Exploitation of On-Prem Exchange Servers CHINACHOPPER HAFNIUM |
2021-03-01
⋅
YouTube (John Hammond)
⋅
Mozi Malware - Finding Breadcrumbs... Mozi |
2021-02-24
⋅
McAfee
⋅
Technical Analysis of Babuk Ransomware Babuk |
2021-01-28
⋅
Huntress Labs
⋅
Analyzing Ryuk Another Link in the Cyber Attack Chain BazarBackdoor Ryuk |
2021-01-12
⋅
BrightTALK (FireEye)
⋅
UNC2452: What We Know So Far Cobalt Strike SUNBURST TEARDROP |
2021-01-08
⋅
splunk
⋅
A Golden SAML Journey: SolarWinds Continued SUNBURST |
2021-01-04
⋅
splunk
⋅
Detecting Supernova Malware: SolarWinds Continued SUPERNOVA |
2020-12-30
⋅
Recorded Future
⋅
SOLARWINDS ATTRIBUTION: Are We Getting Ahead of Ourselves? An Analysis of UNC2452 Attribution SUNBURST |
2020-12-20
⋅
CitizenLab
⋅
The Great iPwn Journalists Hacked with Suspected NSO Group iMessage ‘Zero-Click’ Exploit Chrysaor |
2020-12-17
⋅
splunk
⋅
Onboarding Threat Indicators into Splunk Enterprise Security: SolarWinds Continued SUNBURST |
2020-12-15
⋅
Corelight
⋅
Finding SUNBURST Backdoor with Zeek Logs & Corelight SUNBURST |
2020-12-13
⋅
FireEye
⋅
Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor SUNBURST SUPERNOVA TEARDROP UNC2452 |
2020-12-13
⋅
Microsoft
⋅
Important steps for customers to protect themselves from recent nation-state cyberattacks |
2020-12-05
⋅
CitizenLab
⋅
Something to Remember Us By: Device Confiscated by Russian Authorities Returned with Monokle-Type Spyware Installed Monokle |
2020-12-01
⋅
CitizenLab
⋅
Running in Circles Uncovering the Clients of Cyberespionage Firm Circles |
2020-11-17
⋅
Salesforce Engineering
⋅
Easily Identify Malicious Servers on the Internet with JARM Cobalt Strike TrickBot |
2020-10-28
⋅
Twitter (@BitsOfBinary)
⋅
Tweet on macOS version of Manuscrypt Manuscrypt |
2020-10-28
⋅
Trend Micro
⋅
Operation Earth Kitsune: A Dance of Two New Backdoors AgfSpy DneSpy SLUB Earth Kitsune |
2020-10-19
⋅
Trend Micro
⋅
Operation Earth Kitsune: Tracking SLUB’s Current Operations SLUB |