Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-02-07ElasticSamir Bousseaden
Exploring Windows UAC Bypasses: Techniques and Detection Strategies
2022-02-04MicrosoftMicrosoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
ACTINIUM targets Ukrainian organizations
Pteranodon Gamaredon Group
2022-02-04MicrosoftMicrosoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
ACTINIUM targets Ukrainian organizations
DilongTrash DinoTrain Pteranodon QuietSieve Gamaredon Group
2022-02-02ElasticGabriel Landau
Sandboxing Antimalware Products for Fun and Profit
2022-01-19ElasticAndrew Pease, Daniel Stepanic, James Spiteri, Joe Desimone, Mark Mager
Operation Bleeding Bear
WhisperGate
2022-01-19ElasticAndrew Pease, Daniel Stepanic, Derek Ditch, Seth Goodwin
Extracting Cobalt Strike Beacon Configurations
Cobalt Strike
2022-01-19ElasticAndrew Pease, Daniel Stepanic, Derek Ditch, Seth Goodwin
Collecting Cobalt Strike Beacons with the Elastic Stack
Cobalt Strike
2022-01-19ElasticAndrew Pease, Daniel Stepanic, James Spiteri, Joe Desimone, Mark Mager, Samir Bousseaden
Operation Bleeding Bear
WhisperGate
2022-01-18ElasticAndrew Pease, Daniel Stepanic, Derek Ditch, Seth Goodwin
FORMBOOK Adopts CAB-less Approach
Formbook
2022-01-13F5Dor Nizar, Roy Moshailov
FluBot’s Authors Employ Creative and Sophisticated Techniques to Achieve Their Goals in Version 5.0 and Beyond
FluBot
2021-12-23ElasticJoe Desimone, Samir Bousseaden
Elastic Security uncovers BLISTER malware campaign
Blister
2021-12-16SymantecThreat Hunter Team
Noberus: Technical Analysis Shows Sophistication of New Rust-based Ransomware
BlackCat
2021-12-11MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability
Khonsari NightSky BRONZE STARLIGHT
2021-12-06MicrosoftMicrosoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
NICKEL targeting government organizations across Latin America and Europe
MimiKatz
2021-12-06MandiantAshraf Abdalhalim, Ben Read, Doug Bienstock, Gabriella Roncone, Jonathan Leathery, Josh Madeley, Juraj Sucik, Luis Rocha, Luke Jenkins, Manfred Erjak, Marius Fodoreanu, Microsoft Detection and Response Team (DART), Microsoft Threat Intelligence Center (MSTIC), Mitchell Clarke, Parnian Najafi, Sarah Hawley, Wojciech Ledzion
Suspected Russian Activity Targeting Government and Business Entities Around the Globe (UNC2452)
Cobalt Strike CryptBot
2021-12-02AhnLabASEC Analysis Team
Spreading AgentTesla through more sophisticated malicious PPT
Agent Tesla
2021-11-18MicrosoftMicrosoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
Iranian targeting of IT sector on the rise
MimiKatz ShellClient RAT Cuboid Sandstorm
2021-11-18US Department of JusticeDepartment of Justice
Two Iranian Nationals Charged for Cyber-Enabled Disinformation and Threat Campaign Designed to Influence the 2020 U.S. Presidential Election ( Seyyed Mohammad Hosein Musa Kazemi & Sajjad Kashian )
2021-11-18US Department of JusticeDepartment of Justice
Indictment of Seyyed Mohammad Hosein Musa Kazemi
2021-11-16MicrosoftMicrosoft Threat Intelligence
Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021
APT35 Gray Sandstorm