Click here to download all references as Bib-File.•
| 2024-05-21
⋅
Elastic
⋅
Invisible miners: unveiling GHOSTENGINE’s crypto mining operations win.ghostengine |
| 2023-10-31
⋅
Elastic
⋅
Elastic catches DPRK passing out KANDYKORN HLOADER KANDYKORN SUGARLOADER |
| 2023-10-03
⋅
Elastic
⋅
Introducing the REF5961 intrusion set (RUDEBIRD, DOWNTOWN, and EAGERBEE) EagerBee SManager REF2924 REF5961 |
| 2023-06-29
⋅
Elastic
⋅
The DPRK strikes using a new variant of RUSTBUCKET RustBucket |
| 2023-06-21
⋅
Elastic
⋅
Initial research exposing JOKERSPY JokerSpy |
| 2023-02-02
⋅
Elastic
⋅
Update to the REF2924 intrusion set and related campaigns DoorMe ShadowPad SiestaGraph |
| 2022-12-16
⋅
Elastic
⋅
SiestaGraph: New implant uncovered in ASEAN member foreign ministry DoorMe SiestaGraph |
| 2022-10-31
⋅
Elastic
⋅
ICEDIDs network infrastructure is alive and well IcedID |
| 2022-07-27
⋅
Elastic
⋅
Exploring the QBOT Attack Pattern QakBot |
| 2022-06-01
⋅
Elastic
⋅
CUBA Ransomware Campaign Analysis Cobalt Strike Cuba Meterpreter MimiKatz SystemBC |
| 2022-03-07
⋅
Elastic
⋅
PHOREAL Malware Targets the Southeast Asian Financial Sector PHOREAL |
| 2022-03-01
⋅
Elastic
⋅
Elastic protects against data wiper malware targeting Ukraine: HERMETICWIPER HermeticWiper |
| 2022-01-19
⋅
Elastic
⋅
Operation Bleeding Bear WhisperGate |
| 2022-01-19
⋅
Elastic
⋅
Extracting Cobalt Strike Beacon Configurations Cobalt Strike |
| 2022-01-19
⋅
Elastic
⋅
Collecting Cobalt Strike Beacons with the Elastic Stack Cobalt Strike |
| 2022-01-19
⋅
Elastic
⋅
Operation Bleeding Bear WhisperGate |
| 2022-01-18
⋅
Elastic
⋅
FORMBOOK Adopts CAB-less Approach Formbook |
| 2020-02-13
⋅
Elastic
⋅
Playing defense against Gamaredon Group Pteranodon |