
2022-11-29 | IBM X-Force Exchange | IBM IRIS
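% IBM X-Force Exchange malware-analysis report.
% The corporate author is double-braced so "IBM IRIS" is kept as one name
% instead of being parsed as given name "IBM" + surname "IRIS".
@online{iris:20221129:cargobay:9f0719a,
  author       = {{IBM IRIS}},
  title        = {{CargoBay BlackHat Backdoor Analysis Report (IRIS-14738)}},
  date         = {2022-11-29},
  organization = {IBM X-Force Exchange},
  url          = {https://exchange.xforce.ibmcloud.com/malware-analysis/guid:87abff769352d8208e403331c86eb95f},
  language     = {English},
  urldate      = {2023-02-17},
}
CargoBay BlackHat Backdoor Analysis Report (IRIS-14738)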
CargoBay
2021-08-04 | BlackHat | David Evenden
% Black Hat USA 2021 handout (PDF on i.blackhat.com).
@techreport{evenden:20210804:whoops:38ad484,
  author      = {Evenden, David},
  title       = {{Whoops, I Accidentally Helped Start the Offensive Intel Branch of a Foreign Intel Service}},
  date        = {2021-08-04},
  institution = {BlackHat},
  url         = {https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-Whoops-I-Accidentally-Helped-Start-The-Offensive-Intel-Branch-Of-A-Foreign-Intel-Service.pdf},
  language    = {English},
  urldate     = {2021-09-22},
}
Whoops, I Accidentally Helped Start the Offensive Intel Branch of a Foreign Intel Service
2021-08-04 | BlackHat | Richard Emerson, Allison Wikoff
% Black Hat USA 2021 handout (PDF on i.blackhat.com).
@techreport{emerson:20210804:kitten:7033b95,
  author      = {Emerson, Richard and Wikoff, Allison},
  title       = {{The Kitten that Charmed Me: The 9 Lives of a Nation State Attacker}},
  date        = {2021-08-04},
  institution = {BlackHat},
  url         = {https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-The-Kitten-That-Charmed-Me-The-9-Lives-Of-A-Nation-State-Attacker.pdf},
  language    = {English},
  urldate     = {2021-08-23},
}
The Kitten that Charmed Me: The 9 Lives of a Nation State Attacker
LittleLooter
2020-08-05 | BlackHat | Kevin Perlow
% Black Hat USA 2020 document whose URL ends in "-wp.pdf"; the same URL without
% that suffix is cited separately under perlow:20200805:fastcashand:301d8ce.
@techreport{perlow:20200805:fastcash:5e6b73a,
  author      = {Perlow, Kevin},
  title       = {{FASTCash and Associated Intrusion Techniques}},
  date        = {2020-08-05},
  institution = {BlackHat},
  url         = {https://i.blackhat.com/USA-20/Wednesday/us-20-Perlow-FASTCash-And-INJX_Pure-How-Threat-Actors-Use-Public-Standards-For-Financial-Fraud-wp.pdf},
  language    = {English},
  urldate     = {2020-08-14},
}
FASTCash and Associated Intrusion Techniques
FastCash
2020-08-05 | BlackHat | Bill Demirkapi
% The url is on the author's own domain (billdemirkapi.me), not a Black Hat host.
@techreport{demirkapi:20200805:demystifying:147bf1e,
  author      = {Demirkapi, Bill},
  title       = {{Demystifying Modern Windows Rootkits}},
  date        = {2020-08-05},
  institution = {BlackHat},
  url         = {https://billdemirkapi.me/slides/Demystifying-Modern-Windows-Rootkits-BH.pdf},
  language    = {English},
  urldate     = {2020-08-18},
}
Demystifying Modern Windows Rootkits
2020-08-05 | BlackHat | Kevin Perlow
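% Title fixes: restored the missing space in "FASTCash and" (compare the URL
% slug "FASTCash-And-INJX_Pure") and escaped the underscore, which LaTeX
% rejects in text mode. The citation key is unchanged so existing citations
% still resolve; the url field is verbatim and needs no escaping.
@techreport{perlow:20200805:fastcashand:301d8ce,
  author      = {Perlow, Kevin},
  title       = {{FASTCash and INJX\_PURE: How Threat Actors Use Public Standards for Financial Fraud}},
  date        = {2020-08-05},
  institution = {BlackHat},
  url         = {https://i.blackhat.com/USA-20/Wednesday/us-20-Perlow-FASTCash-And-INJX_Pure-How-Threat-Actors-Use-Public-Standards-For-Financial-Fraud.pdf},
  language    = {English},
  urldate     = {2020-08-14},
}
FASTCash and INJX_PURE: How Threat Actors Use Public Standards for Financial Fraud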
FastCash
2020-08-04 | BlackHat | Chung-Kuan Chen, Inndy Lin, Shang-De Jiang
% NOTE(review): the URL path says "Thursday", while the entries in this list
% whose path says "Wednesday" are dated 2020-08-05; the date 2020-08-04 may be
% off. Confirm against the conference schedule.
@techreport{chen:20200804:operation:4cf417f,
  author      = {Chen, Chung-Kuan and Lin, Inndy and Jiang, Shang-De},
  title       = {{Operation Chimera - APT Operation Targets Semiconductor Vendors}},
  date        = {2020-08-04},
  institution = {BlackHat},
  url         = {https://i.blackhat.com/USA-20/Thursday/us-20-Chen-Operation-Chimera-APT-Operation-Targets-Semiconductor-Vendors.pdf},
  language    = {English},
  urldate     = {2020-11-04},
}
Operation Chimera - APT Operation Targets Semiconductor Vendors
Cobalt Strike MimiKatz Winnti Red Charon
2019-08-08 | BlackHat | Eric Doerr
% Black Hat USA 2019 presentation (PDF on i.blackhat.com).
@techreport{doerr:20190808:enemy:3962b21,
  author      = {Doerr, Eric},
  title       = {{The Enemy Within: Modern Supply Chain Attacks}},
  date        = {2019-08-08},
  institution = {BlackHat},
  url         = {https://i.blackhat.com/USA-19/Thursday/us-19-Doerr-The-Enemy-Within-Modern-Supply-Chain-Attacks.pdf},
  language    = {English},
  urldate     = {2020-08-14},
}
The Enemy Within: Modern Supply Chain Attacks
VPNFilter
2017-10-16 | Akamai | Akamai
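% Author spelling corrected from "Akamei" to match the institution field and
% the akamai.com URL, and double-braced as a corporate author. The citation
% key keeps its original spelling so existing citations still resolve.
@techreport{akamei:20171016:upnproxy:044596d,
  author      = {{Akamai}},
  title       = {{UPnProxy: Blackhat Proxies via NAT Injections}},
  date        = {2017-10-16},
  institution = {Akamai},
  url         = {https://www.akamai.com/uk/en/multimedia/documents/white-paper/upnproxy-blackhat-proxies-via-nat-injections-white-paper.pdf},
  language    = {English},
  urldate     = {2019-12-10},
}
UPnProxy: Blackhat Proxies via NAT Injections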
Inception Framework
2013-07-19 | BlackHat | Jason Geffner
% NOTE(review): the url points to a third-party host (paper.bobylive.com), not
% a Black Hat host like the other BlackHat entries in this list. Treat the PDF
% as an unverified copy and compare it with the original publication before
% relying on it.
@techreport{geffner:20130719:endtoend:0b46196,
  author      = {Geffner, Jason},
  title       = {{End-to-End Analysis of a Domain Generating Algorithm Malware Family}},
  date        = {2013-07-19},
  institution = {BlackHat},
  url         = {https://paper.bobylive.com/Meeting_Papers/BlackHat/USA-2013/US-13-Geffner-End-To-End-Analysis-of-a-Domain-Generating-Algorithm-Malware-Family-WP.pdf},
  language    = {English},
  urldate     = {2022-04-25},
}
End-to-End Analysis of a Domain Generating Algorithm Malware Family
SuppoBox