2021-03-04 ⋅ FireEye ⋅ Detection and Response to Exploitation of Microsoft Exchange Zero-Day Vulnerabilities ⋅ CHINACHOPPER, HAFNIUM
2020-12-13 ⋅ FireEye ⋅ Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor ⋅ SUNBURST, SUPERNOVA, TEARDROP, UNC2452
2020-10-29 ⋅ Twitter (@anthomsec) ⋅ Tweet on UNC1878 activity ⋅ BazarBackdoor, Ryuk, TrickBot, UNC1878
2020-07-13 ⋅ FireEye ⋅ SCANdalous! (External Detection Using Network Scan Data and Automation) ⋅ POWERTON, QUADAGENT, PoshC2
2019-09-25 ⋅ Twitter (@QW5kcmV3) ⋅ Tweet on APT35 activity ⋅ SysKit
2019-04-05 ⋅ FireEye ⋅ Pick-Six: Intercepting a FIN6 Intrusion, an Actor Recently Tied to Ryuk and LockerGoga Ransomware ⋅ LockerGoga, Ryuk, FIN6
2019-02-14 ⋅ Twitter (@QW5kcmV3) ⋅ Tweet on unpacking Remexi payload ⋅ Remexi
2019-01-29 ⋅ FireEye ⋅ APT39: An Iranian Cyber Espionage Group Focused on Personal Information ⋅ APT39
2018-12-21 ⋅ FireEye ⋅ OVERRULED: Containing a Potentially Destructive Adversary ⋅ POWERTON, PoshC2, pupy
2018-11-19 ⋅ FireEye ⋅ Not So Cozy: An Uncomfortable Examination of a Suspected APT29 Phishing Campaign ⋅ Cobalt Strike