2022-06-23 ⋅ Trellix ⋅ The Sound of Malware Conti VHD Ransomware
2022-05-03 ⋅ Trellix ⋅ The Hermit Kingdom’s Ransomware play VHD Ransomware
2022-02-17 ⋅ Trellix ⋅ Looking over the nation-state actors’ shoulders: Even they have a difficult day sometimes Empire Downloader
2022-01-25 ⋅ Trellix ⋅ Prime Minister’s Office Compromised: Details of Recent Espionage Campaign Graphite
2022-01-20 ⋅ Trellix ⋅ Return of Pseudo Ransomware WhisperGate
2021-09-14 ⋅ McAfee ⋅ Operation ‘Harvest’: A Deep Dive into a Long-term Campaign MimiKatz PlugX Winnti
2021-06-29 ⋅ YouTube (C. Beek) ⋅ Demo of REvil/Sodinokibi Linux variant encrypting a Linux system REvil
2021-05-14 ⋅ McAfee ⋅ Darkside Ransomware Victims Sold Short DarkSide
2021-01-16 ⋅ Medium christiaanbeek ⋅ VHD Forensics — the sequel
2020-12-17 ⋅ McAfee ⋅ Additional Analysis into the SUNBURST Backdoor SUNBURST
2020-11-05 ⋅ McAfee ⋅ Operation North Star: Behind The Scenes NedDnLoader Torisma
2020-07-10 ⋅ ReversingLabs ⋅ YARA Rules talks and presentation of REVERSING 2020
2020-02-20 ⋅ McAfee ⋅ CSI: Evidence Indicators for Targeted Ransomware Attacks – Part II Cobalt Strike LockerGoga Maze MegaCortex
2020-02-12 ⋅ McAfee ⋅ CSI: Evidence Indicators for Targeted Ransomware Attacks – Part I FriedEx
2019-10-20 ⋅ McAfee ⋅ McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – Crescendo REvil
2019-01-09 ⋅ McAfee ⋅ Ryuk Ransomware Attack: Rush to Attribution Misses the Point Ryuk
2018-12-19 ⋅ McAfee ⋅ Shamoon Attackers Employ New Tool Kit to Wipe Infected Systems Filerase
2018-12-19 ⋅ Shamoon Attackers Employ New Tool Kit to Wipe Infected Systems OilRig