2020-05-07 | FireEye Inc | Jeremy Kennelly, Joshua Shilko, Kimberly Goody
Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents
Maze
2020-04-22 | Github (jstrosch) | Josh Stroschein
Gomorrah stealer (.NET binary)
Gomorrah stealer
2020-04-10 | Trustwave | Joshua Deacon, Lloyd Macrohon
An In-depth Look at MailTo Ransomware, Part Three of Three
Mailto
2020-04-08 | Trustwave | Joshua Deacon, Lloyd Macrohon
An In-depth Look at MailTo Ransomware, Part Two of Three
Mailto
2020-04-03 | Josh Stroschein
Unpacking a Trojan with Ghidra and x64dbg
Simda
2020-03-31 | Trustwave | Joshua Deacon, Lloyd Macrohon
An In-depth Look at MailTo Ransomware, Part One of Three
Mailto
2020-01-17 | FireEye | Josh Madeley, William Ballenthin
404 Exploit Not Found: Vigilante Deploying Mitigation for Citrix NetScaler Vulnerability While Maintaining Backdoor
NOTROBIN NOTROBIN
2020-01-09 | SentinelOne | Jason Reaves, Joshua Platt, Vitali Kremez
Top-Tier Russian Organized Cybercrime Group Unveils Fileless Stealthy “PowerTrick” Backdoor for High-Value Targets
TrickBot WIZARD SPIDER
2019-12-10 | Sentinel LABS | Jason Reaves, Joshua Platt, Vitali Kremez
Anchor Project | The Deadly Planeswalker: How The TrickBot Group United High-Tech Crimeware & APT
Anchor
2019-11-29 | Palo Alto Networks Unit 42 | Josh Grunzweig, Kyle Wilhoit
The Fractured Block Campaign: CARROTBAT Used to Deliver Malware Targeting Southeast Asia
CarrotBat
2019-10-10 | FireEye | Jeremy Kennelly, Jordan Nuce, Josh Yoder, Kimberly Goody, Nick Carr, Scott Runnels
Mahalo FIN7: Responding to the Criminal Operators’ New Tools and Techniques
BOOSTWRITE
2019-07-08 | SANS | Josh M. Bryant, Robert Falcone
Hunting Webshells: Tracking TwoFace
TwoFace
2019-03-20 | Flashpoint | Jason Reaves, Joshua Platt
FIN7 Revisited: Inside Astra Panel and SQLRat Malware
SQLRat FIN7
2019-03-20 | Flashpoint | Jason Reaves, Joshua Platt
FIN7 Revisited: Inside Astra Panel and SQLRat Malware
DNSRat TinyMet
2019-03-19 | Palo Alto Networks Unit 42 | Josh Grunzweig, Tom Lancaster
Cardinal RAT Sins Again, Targets Israeli Fin-Tech Firms
EVILNUM Cardinal RAT EVILNUM
2019-03-13 | Flashpoint | Jason Reaves, Joshua Platt
‘DMSniff’ POS Malware Actively Leveraged to Target Small-, Medium-Sized Businesses
DMSniff
2019-02-25 | Palo Alto Networks Unit 42 | Brittany Ash, Josh Grunzweig
Multiple ArtraDownloader Variants Used by BITTER to Target Pakistan
Artra Downloader
2019-02-13 | Youtube (SANS Digital Forensics & Incident Response) | Josh Bryant, Robert Falcone
Hunting Webshells: Tracking TwoFace - SANS Threat Hunting Summit 2018
TwoFace
2018-11-05 | Bromium | Josh Stroschein
Data Talks: Deeper Down the Rabbit Hole: Second-Stage Attack and a Fileless Finale
AdvisorsBot
2018-10-01 | Palo Alto Networks Unit 42 | Josh Grunzweig
NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT
Nokki