2023-04-18 · Zscaler · Shatak Jain, Meghraj Nandanwar
% Zscaler security-research blog post introducing DevOpt, described in its title as a multifunctional backdoor.
@online{jain:20230418:introducing:4367edf,
  author       = {Shatak Jain and Meghraj Nandanwar},
  title        = {{Introducing DevOpt: A Multifunctional Backdoor Arsenal}},
  organization = {Zscaler},
  date         = {2023-04-18},
  url          = {https://www.zscaler.com/blogs/security-research/introducing-devopt-multifunctional-backdoor-arsenal},
  urldate      = {2023-04-22},
  language     = {English},
}
Introducing DevOpt: A Multifunctional Backdoor Arsenal
DevOpt
2023-03-30 · Elastic · Daniel Stepanic, Remco Sprooten, Joe Desimone, Samir Bousseaden, Devon Kerr
% Elastic Security Labs post on the SUDDENICON supply chain attack.
@online{stepanic:20230330:elastic:8671074,
  author       = {Daniel Stepanic and Remco Sprooten and Joe Desimone and Samir Bousseaden and Devon Kerr},
  title        = {{Elastic users protected from SUDDENICON’s supply chain attack}},
  organization = {Elastic},
  date         = {2023-03-30},
  url          = {https://www.elastic.co/security-labs/elastic-users-protected-from-suddenicon-supply-chain-attack},
  urldate      = {2023-04-02},
  language     = {English},
}
Elastic users protected from SUDDENICON’s supply chain attack
3CX Backdoor
2023-02-02 · Elastic · Salim Bitam, Remco Sprooten, Cyril François, Andrew Pease, Devon Kerr, Seth Goodwin
% Elastic Security Labs update on the REF2924 intrusion set and related campaigns.
@online{bitam:20230202:update:57ea3a2,
  author       = {Salim Bitam and Remco Sprooten and Cyril François and Andrew Pease and Devon Kerr and Seth Goodwin},
  title        = {{Update to the REF2924 intrusion set and related campaigns}},
  organization = {Elastic},
  date         = {2023-02-02},
  url          = {https://www.elastic.co/security-labs/update-to-the-REF2924-intrusion-set-and-related-campaigns},
  urldate      = {2023-03-21},
  language     = {English},
}
Update to the REF2924 intrusion set and related campaigns
DoorMe ShadowPad SiestaGraph
2022-12-16 · Elastic · Samir Bousseaden, Andrew Pease, Daniel Stepanic, Salim Bitam, Seth Goodwin, Devon Kerr
% Elastic Security Labs report on SiestaGraph, an implant found in an ASEAN member foreign ministry.
@online{bousseaden:20221216:siestagraph:bb73ce7,
  author       = {Samir Bousseaden and Andrew Pease and Daniel Stepanic and Salim Bitam and Seth Goodwin and Devon Kerr},
  title        = {{SiestaGraph: New implant uncovered in ASEAN member foreign ministry}},
  organization = {Elastic},
  date         = {2022-12-16},
  url          = {https://www.elastic.co/security-labs/siestagraph-new-implant-uncovered-in-asean-member-foreign-ministry},
  urldate      = {2022-12-19},
  language     = {English},
}
SiestaGraph: New implant uncovered in ASEAN member foreign ministry
DoorMe SiestaGraph
2022-03-21 · Azure DevOps (Mastadamus) · Mastadamus
% Wiki page hosted on Azure DevOps that analyses a Mirai botnet attack; the author is listed under a single handle.
@online{mastadamus:20220321:anatomy:5e52c7b,
  author       = {Mastadamus},
  title        = {{Anatomy of An Mirai Botnet Attack}},
  organization = {Azure DevOps (Mastadamus)},
  date         = {2022-03-21},
  url          = {https://dev.azure.com/Mastadamus/Mirai%20Botnet%20Analysis/_wiki/wikis/Mirai-Botnet-Analysis.wiki/12/Anatomy-of-An-Mirai-Botnet-Attack},
  urldate      = {2022-03-22},
  language     = {English},
}
Anatomy of An Mirai Botnet Attack
Mirai
2022-01-30 · Itnext · The Devops Guy
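% Itnext article on reversing a NodeJS malware sample and identifying its author.
% The author is a pen name, so it is wrapped in a second pair of braces and treated
% as one indivisible name; without them, name parsing splits it and files the entry under "Guy".
@online{guy:20220130:how:27007ac,
  author       = {{The Devops Guy}},
  title        = {{How I reversed a NodeJS malware and found the author}},
  organization = {Itnext},
  date         = {2022-01-30},
  url          = {https://itnext.io/how-i-reversed-a-nodejs-malware-and-found-the-author-7dd9531b389f},
  urldate      = {2022-02-04},
  language     = {English},
}
How I reversed a NodeJS malware and found the author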
2021-03-11 · DEVO · Fran Gomez
% Devo blog post on detecting and investigating HAFNIUM 0-day exploitation of Microsoft Exchange.
@online{gomez:20210311:detection:e16ec1f,
  author       = {Fran Gomez},
  title        = {{Detection and Investigation Using Devo: HAFNIUM 0-day Exploits on Microsoft Exchange Service}},
  organization = {DEVO},
  date         = {2021-03-11},
  url          = {https://www.devo.com/blog/detect-and-investigate-hafnium-using-devo/},
  urldate      = {2021-03-12},
  language     = {English},
}
Detection and Investigation Using Devo: HAFNIUM 0-day Exploits on Microsoft Exchange Service
CHINACHOPPER MimiKatz
2021-03-04 · Elastic · Devon Kerr
% Elastic discussion-forum post on detection and response for HAFNIUM activity.
@online{kerr:20210304:detection:eb05792,
  author       = {Devon Kerr},
  title        = {{Detection and Response for HAFNIUM Activity}},
  organization = {Elastic},
  date         = {2021-03-04},
  url          = {https://discuss.elastic.co/t/detection-and-response-for-hafnium-activity/266289},
  urldate      = {2021-03-10},
  language     = {English},
}
Detection and Response for HAFNIUM Activity
HAFNIUM
2020-06-26 · Department of Justice · Department of Justice
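% Department of Justice press release on the sentencing of Aleksei Burkov (Cardplanet).
% Institutional author: the second pair of braces keeps "Department of Justice" as one
% name instead of letting name parsing split it into given name, particle and family name.
@online{justice:20200626:russian:276b274,
  author       = {{Department of Justice}},
  title        = {{Russian National (Aleksei Burkov, Cardplanet) Sentenced to Prison for Operating Websites Devoted to Fraud and Malicious Cyber Activities}},
  organization = {Department of Justice},
  date         = {2020-06-26},
  url          = {https://www.justice.gov/opa/pr/russian-national-sentenced-prison-operating-websites-devoted-fraud-and-malicious-cyber},
  urldate      = {2020-06-29},
  language     = {English},
}
Russian National (Aleksei Burkov, Cardplanet) Sentenced to Prison for Operating Websites Devoted to Fraud and Malicious Cyber Activities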
2018-02-13 · Endgame · Devon Kerr
% Endgame technical blog post on Olympic Destroyer and process injection.
@online{kerr:20180213:stopping:14ebecf,
  author       = {Devon Kerr},
  title        = {{Stopping Olympic Destroyer: New Process Injection Insights}},
  organization = {Endgame},
  date         = {2018-02-13},
  url          = {https://www.endgame.com/blog/technical-blog/stopping-olympic-destroyer-new-process-injection-insights},
  urldate      = {2020-01-08},
  language     = {English},
}
Stopping Olympic Destroyer: New Process Injection Insights
Olympic Destroyer