Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-03-22MicrosoftDetection and Response Team (DART), Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
DEV-0537 (UNC3661) criminal actor targeting organizations for data exfiltration and destruction
RedLine Stealer LAPSUS
2022-03-16MicrosoftMicrosoft Defender for IoT Research Team, Microsoft Threat Intelligence Center (MSTIC)
Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure
TrickBot
2022-03-09Department of JusticeOffice of Public Affairs
Sodinokibi/REvil Ransomware Defendant Extradited to United States and Arraigned in Texas
REvil
2022-03-08Recorded FutureInsikt Group®
The Media Environment and Domestic Public Opinion in China Toward Russia’s War On Ukraine
2022-03-07ElasticAndrew Pease, Cyril François, Daniel Stepanic, Derek Ditch, Github (@1337-42), Joe Desimone, Samir Bousseaden
PHOREAL Malware Targets the Southeast Asian Financial Sector
PHOREAL
2022-03-01ElasticAndrew Pease, Cyril François, Daniel Stepanic, Github (@1337-42), Github (@ayfaouzi), Github (@jtnk), Mark Mager, Samir Bousseaden
Elastic protects against data wiper malware targeting Ukraine: HERMETICWIPER
HermeticWiper
2022-02-14SecurityWeekEduard Kovacs
Sophisticated FritzFrog P2P Botnet Returns After Long Break
FritzFrog
2022-02-07ElasticSamir Bousseaden
Exploring Windows UAC Bypasses: Techniques and Detection Strategies
2022-02-04MicrosoftMicrosoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
ACTINIUM targets Ukrainian organizations
Pteranodon Gamaredon Group
2022-02-04MicrosoftMicrosoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
ACTINIUM targets Ukrainian organizations
DilongTrash DinoTrain Pteranodon QuietSieve Gamaredon Group
2022-02-02ElasticGabriel Landau
Sandboxing Antimalware Products for Fun and Profit
2022-01-19ElasticAndrew Pease, Daniel Stepanic, James Spiteri, Joe Desimone, Mark Mager
Operation Bleeding Bear
WhisperGate
2022-01-19ElasticAndrew Pease, Daniel Stepanic, Derek Ditch, Seth Goodwin
Extracting Cobalt Strike Beacon Configurations
Cobalt Strike
2022-01-19ElasticAndrew Pease, Daniel Stepanic, Derek Ditch, Seth Goodwin
Collecting Cobalt Strike Beacons with the Elastic Stack
Cobalt Strike
2022-01-19ElasticAndrew Pease, Daniel Stepanic, James Spiteri, Joe Desimone, Mark Mager, Samir Bousseaden
Operation Bleeding Bear
WhisperGate
2022-01-18ElasticAndrew Pease, Daniel Stepanic, Derek Ditch, Seth Goodwin
FORMBOOK Adopts CAB-less Approach
Formbook
2022-01-13F5Dor Nizar, Roy Moshailov
FluBot’s Authors Employ Creative and Sophisticated Techniques to Achieve Their Goals in Version 5.0 and Beyond
FluBot
2021-12-23ElasticJoe Desimone, Samir Bousseaden
Elastic Security uncovers BLISTER malware campaign
Blister
2021-12-16SymantecThreat Hunter Team
Noberus: Technical Analysis Shows Sophistication of New Rust-based Ransomware
BlackCat
2021-12-11MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability
Khonsari NightSky BRONZE STARLIGHT