2020-12-17 · Palo Alto Networks Unit 42 · Matthew Tennis
SUPERNOVA SolarWinds .NET Webshell Analysis
SUPERNOVA BRONZE SPIRAL
2020-12-17 · Palo Alto Networks Unit 42 · Matt Tennis
SUPERNOVA: SolarStorm’s Novel .NET Webshell
SUPERNOVA
2020-12-17 · ESET Research · Ignacio Sanmillan, Matthieu Faou
Operation SignSight: Supply‑chain attack against a certification authority in Southeast Asia
SManager
2020-12-14 · Volexity · Damien Cash, Matthew Meltzer, Sean Koessel, Steven Adair, Thomas Lancaster, Volexity Threat Research
Dark Halo Leverages SolarWinds Compromise to Breach Organizations
SUNBURST
2020-12-13 · FireEye · Alex Berry, Alex Pennino, Alyssa Rahman, Andrew Archer, Andrew Rector, Andrew Thompson, Barry Vengerik, Ben Read, Ben Withnell, Chris DiGiamo, Christopher Glyer, Dan Perez, Dileep Jallepalli, Doug Bienstock, Eric Scales, Evan Reese, Fred House, Glenn Edwards, Ian Ahl, Isif Ibrahima, Jay Smith, John Gorman, John Hultquist, Jon Leathery, Lennard Galang, Marcin Siedlarz, Matt Dunwoody, Matthew McWhirt, Michael Sikorski, Microsoft, Mike Burns, Nalani Fraiser, Nick Bennett, Nick Carr, Nick Hornick, Nick Richard, Nicole Oppenheim, Omer Baig, Ramin Nafisi, Sarah Jones, Scott Runnels, Stephen Eckels, Steve Miller, Steve Stone, William Ballenthin
Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor
SUNBURST SUPERNOVA TEARDROP UNC2452
2020-12-08 · Red Canary · Matt Graeber
The why, what, and how of threat research
2020-12-02 · ESET Research · Matthieu Faou
Turla Crutch: Keeping the “back door” open
Crutch Gazer Turla
2020-11-20 · Trend Micro · Abraham Camba, Bren Matthew Ebriega, Gilbert Sison
Weaponizing Open Source Software for Targeted Attacks
LaZagne Defray PlugX
2020-10-30 · Cofense · The Cofense Intelligence Team
The Ryuk Threat: Why BazarBackdoor Matters Most
BazarBackdoor Ryuk
2020-10-02 · ESET Research · Matthieu Faou
XDSpy: Stealing government secrets since 2011
XDSpy XDSpy
2020-10-01 · Github (eset) · Matthieu Faou
XDSpy Indicators of Compromise
XDSpy XDSpy
2020-09-30 · Virus Bulletin · Francis Labelle, Matthieu Faou
XDSPY: STEALING GOVERNMENT SECRETS SINCE 2011
XDSpy XDSpy
2020-09-24 · Github (FortyNorthSecurity) · Joe Leon, Matt Grandy
Offensive Maldocs in 2020
2020-09-02 · ESET Research · Alexandre Côté Cyr, Matthieu Faou
KryptoCibule: The multitasking multicurrency cryptostealer
KryptoCibule
2020-07-21 · YouTube (OPCDE with Matt Suiche) · Mohamad Mokbel
vOPCDE #9 - A Journey into Malware HTTP Communication Channels Spectacles (Mohamad Mokbel)
Alureon Aytoke Cobra Carbon System CROSSWALK danbot ProtonBot Silence
2020-07-08 · COLUMBIA | SIPA · Jennifer Keltz, John Patrick Dees, John Sakellariadis, Katherine von Ofenheim, Lan Pelekis, Matthew Armelli, Max Egar, Neal Pollard, Stuart Caudill, Vipratap Vikram Singh
Named But Hardly Shamed: What is the Impact of Information Disclosures on an APT Operations?
2020-07-07 · FireEye · Matthew Haigh, Trevor Haskell
Configuring a Windows Domain to Dynamically Analyze an Obfuscated Lateral Movement Tool
2020-06-17 · Youtube (Red Canary) · Adam Pennington, David Kaplan, Erika Noerenberg, Matt Graeber
ATT&CK® Deep Dive: Process Injection
ISFB Ramnit TrickBot
2020-06-15 · Fortinet · Fred Gutierrez, Val Saengphaibul
Global Malicious Spam Campaign Using Black Lives Matter as a Lure
TrickBot
2020-06-12 · Hornetsecurity · Security Lab
Trickbot Malspam Leveraging Black Lives Matter as Lure
TrickBot