Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-02-26AonEduardo Mattos, Rob Homewood
@online{mattos:20220226:yours:2cd2d24, author = {Eduardo Mattos and Rob Homewood}, title = {{Yours Truly, Signed AV Driver: Weaponizing An Antivirus Driver}}, date = {2022-02-26}, organization = {Aon}, url = {https://www.aon.com/cyber-solutions/aon_cyber_labs/yours-truly-signed-av-driver-weaponizing-an-antivirus-driver/}, language = {English}, urldate = {2022-03-22} } Yours Truly, Signed AV Driver: Weaponizing An Antivirus Driver
Cuba KillAV
2022-02-26AonEduardo Mattos, Rob Homewood
@online{mattos:20220226:yours:aa5994a, author = {Eduardo Mattos and Rob Homewood}, title = {{Yours Truly, Signed AV Driver: Weaponizing An Antivirus Driver}}, date = {2022-02-26}, organization = {Aon}, url = {https://cyber.aon.com/aon_cyber_labs/yours-truly-signed-av-driver-weaponizing-an-antivirus-driver/}, language = {English}, urldate = {2022-03-01} } Yours Truly, Signed AV Driver: Weaponizing An Antivirus Driver
KillAV
2021-08-27AonNoah Rubin, Aon’s Cyber Labs
@online{rubin:20210827:cobalt:a44e08a, author = {Noah Rubin and Aon’s Cyber Labs}, title = {{Cobalt Strike Configuration Extractor and Parser}}, date = {2021-08-27}, organization = {Aon}, url = {https://www.aon.com/cyber-solutions/aon_cyber_labs/cobalt-strike-configuration-extractor-and-parser/}, language = {English}, urldate = {2022-05-04} } Cobalt Strike Configuration Extractor and Parser
Cobalt Strike
2021-01-29AonPartha Alwar, Carly Battaile, Alex Parsons
@online{alwar:20210129:cloudy:e701758, author = {Partha Alwar and Carly Battaile and Alex Parsons}, title = {{Cloudy with a Chance of Persistent Email Access}}, date = {2021-01-29}, organization = {Aon}, url = {https://www.aon.com/cyber-solutions/aon_cyber_labs/cloudy-with-a-chance-of-persistent-email-access/}, language = {English}, urldate = {2021-02-09} } Cloudy with a Chance of Persistent Email Access
SUNBURST
2017-05IEEELorenzo De Carli, Ruben Torres, Gaspar Modelo-Howard, Alok Tongaonkar, Somesh Jha
@online{carli:201705:botnet:18f6b9a, author = {Lorenzo De Carli and Ruben Torres and Gaspar Modelo-Howard and Alok Tongaonkar and Somesh Jha}, title = {{Botnet Protocol Inference in the Presence of Encrypted Traffic}}, date = {2017-05}, organization = {IEEE}, url = {https://www.researchgate.net/profile/Lorenzo-De-Carli/publication/320250366_Botnet_protocol_inference_in_the_presence_of_encrypted_traffic/links/5fa9608792851cc286a08592/Botnet-protocol-inference-in-the-presence-of-encrypted-traffic.pdf?origin=publication_detail}, language = {English}, urldate = {2021-10-11} } Botnet Protocol Inference in the Presence of Encrypted Traffic
Ramnit Sality ZeroAccess