Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-04-19NetresecErik Hjelmvik
@online{hjelmvik:20210419:analysing:c6bff49, author = {Erik Hjelmvik}, title = {{Analysing a malware PCAP with IcedID and Cobalt Strike traffic}}, date = {2021-04-19}, organization = {Netresec}, url = {https://netresec.com/?b=214d7ff}, language = {English}, urldate = {2021-04-20} } Analysing a malware PCAP with IcedID and Cobalt Strike traffic
Cobalt Strike IcedID
2021-02-17NetresecErik Hjelmvik
@online{hjelmvik:20210217:targeting:6deceed, author = {Erik Hjelmvik}, title = {{Targeting Process for the SolarWinds Backdoor}}, date = {2021-02-17}, organization = {Netresec}, url = {https://netresec.com/?b=212a6ad}, language = {English}, urldate = {2021-02-18} } Targeting Process for the SolarWinds Backdoor
SUNBURST
2021-01-25NetresecErik Hjelmvik
@online{hjelmvik:20210125:twentythree:d3fad49, author = {Erik Hjelmvik}, title = {{Twenty-three SUNBURST Targets Identified}}, date = {2021-01-25}, organization = {Netresec}, url = {https://netresec.com/?b=211cd21}, language = {English}, urldate = {2021-01-25} } Twenty-three SUNBURST Targets Identified
SUNBURST
2021-01-11NetresecErik Hjelmvik
@online{hjelmvik:20210111:robust:5683220, author = {Erik Hjelmvik}, title = {{Robust Indicators of Compromise for SUNBURST}}, date = {2021-01-11}, organization = {Netresec}, url = {https://netresec.com/?b=211f30f}, language = {English}, urldate = {2021-01-21} } Robust Indicators of Compromise for SUNBURST
SUNBURST
2021-01-04NetresecErik Hjelmvik
@online{hjelmvik:20210104:finding:d869bd9, author = {Erik Hjelmvik}, title = {{Finding Targeted SUNBURST Victims with pDNS}}, date = {2021-01-04}, organization = {Netresec}, url = {https://netresec.com/?b=2113a6a}, language = {English}, urldate = {2021-01-05} } Finding Targeted SUNBURST Victims with pDNS
SUNBURST
2020-12-29NetresecErik Hjelmvik
@online{hjelmvik:20201229:extracting:1640842, author = {Erik Hjelmvik}, title = {{Extracting Security Products from SUNBURST DNS Beacons}}, date = {2020-12-29}, organization = {Netresec}, url = {https://www.netresec.com/?page=Blog&month=2020-12&post=Extracting-Security-Products-from-SUNBURST-DNS-Beacons}, language = {English}, urldate = {2021-01-04} } Extracting Security Products from SUNBURST DNS Beacons
SUNBURST
2020-12-17NetresecErik Hjelmvik
@online{hjelmvik:20201217:reassembling:2a2f222, author = {Erik Hjelmvik}, title = {{Reassembling Victim Domain Fragments from SUNBURST DNS}}, date = {2020-12-17}, organization = {Netresec}, url = {https://www.netresec.com/?page=Blog&month=2020-12&post=Reassembling-Victim-Domain-Fragments-from-SUNBURST-DNS}, language = {English}, urldate = {2020-12-18} } Reassembling Victim Domain Fragments from SUNBURST DNS
SUNBURST
2014-10-27NetresecErik Hjelmvik
@online{hjelmvik:20141027:full:83d84ee, author = {Erik Hjelmvik}, title = {{Full Disclosure of Havex Trojans}}, date = {2014-10-27}, organization = {Netresec}, url = {http://www.netresec.com/?page=Blog&month=2014-10&post=Full-Disclosure-of-Havex-Trojans}, language = {English}, urldate = {2019-11-29} } Full Disclosure of Havex Trojans
Energetic Bear