Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-10-06AonAndre Maccarone, John Ailes, Chapin Bryce
@online{maccarone:20221006:amazon:2723756, author = {Andre Maccarone and John Ailes and Chapin Bryce}, title = {{Amazon Web Services: Exploring The Cost Of Exfil}}, date = {2022-10-06}, organization = {Aon}, url = {https://www.aon.com/cyber-solutions/aon_cyber_labs/amazon-web-services-exploring-the-cost-of-exfil/}, language = {English}, urldate = {2023-05-02} } Amazon Web Services: Exploring The Cost Of Exfil
2022-04-04MandiantBryce Abdo, Zander Work, Ioana Teaca, Brendan McKeague
@online{abdo:20220404:fin7:305d62b, author = {Bryce Abdo and Zander Work and Ioana Teaca and Brendan McKeague}, title = {{FIN7 Power Hour: Adversary Archaeology and the Evolution of FIN7}}, date = {2022-04-04}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/evolution-of-fin7}, language = {English}, urldate = {2022-06-27} } FIN7 Power Hour: Adversary Archaeology and the Evolution of FIN7
Griffon BABYMETAL Carbanak Cobalt Strike JSSLoader Termite
2021-02-25FireEyeBryce Abdo, Brendan McKeague, Van Ta
@online{abdo:20210225:so:88f3400, author = {Bryce Abdo and Brendan McKeague and Van Ta}, title = {{So Unchill: Melting UNC2198 ICEDID to Ransomware Operations}}, date = {2021-02-25}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2021/02/melting-unc2198-icedid-to-ransomware-operations.html}, language = {English}, urldate = {2021-03-02} } So Unchill: Melting UNC2198 ICEDID to Ransomware Operations
MOUSEISLAND Cobalt Strike Egregor IcedID Maze SystemBC
2021-01-22Twitter (@bryceabdo)Bryce
@online{bryce:20210122:grimagent:611b917, author = {Bryce}, title = {{Tweet on GRIMAGENT malware used by UNC1878 during some #RYUK intrusions in 2020}}, date = {2021-01-22}, organization = {Twitter (@bryceabdo)}, url = {https://twitter.com/bryceabdo/status/1352359414746009608}, language = {English}, urldate = {2021-02-06} } Tweet on GRIMAGENT malware used by UNC1878 during some #RYUK intrusions in 2020
GRIMAGENT