
2021-09-30 | CrowdStrike | Falcon OverWatch Team
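% The corporate author is wrapped in its own braces so it is read as a single name; in the title only proper nouns are brace-protected.
@online{team:20210930:hunting:bc2e59d,
  author       = {{Falcon OverWatch Team}},
  title        = {Hunting for the {Confluence} Exploitation: When {Falcon OverWatch} Becomes the First Line of Defense},
  date         = {2021-09-30},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/how-crowdstrike-threat-hunters-identified-a-confluence-exploit/},
  language     = {English},
  urldate      = {2021-10-05},
}
Hunting for the Confluence Exploitation: When Falcon OverWatch Becomes the First Line of Defense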
Cobalt Strike
2021-09-17 | CrowdStrike | Falcon OverWatch Team
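% The corporate author is wrapped in its own braces so it is read as a single name; in the title only proper nouns are brace-protected.
@online{team:20210917:falcon:76aa03b,
  author       = {{Falcon OverWatch Team}},
  title        = {{Falcon OverWatch} Hunts Down Adversaries Where They Hide},
  date         = {2021-09-17},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/four-popular-defensive-evasion-techniques-in-2021/},
  language     = {English},
  urldate      = {2021-10-05},
}
Falcon OverWatch Hunts Down Adversaries Where They Hide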
BazarBackdoor, Cobalt Strike
2021-09-15 | CrowdStrike | Falcon OverWatch Team
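% The corporate author is wrapped in its own braces so it is read as a single name; in the title only proper nouns are brace-protected.
@online{team:20210915:shining:138fc96,
  author       = {{Falcon OverWatch Team}},
  title        = {Shining a Light on {DarkOxide}},
  date         = {2021-09-15},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/darkoxide-technical-analysis/},
  language     = {English},
  urldate      = {2021-09-19},
}
Shining a Light on DarkOxide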
2021-08-04 | CrowdStrike | Falcon OverWatch Team, CrowdStrike Intelligence Team, CrowdStrike IR
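% Each corporate author is wrapped in its own braces so it is read as a single name; in the title only proper nouns are brace-protected.
@online{team:20210804:prophet:e6e6a99,
  author       = {{Falcon OverWatch Team} and {CrowdStrike Intelligence Team} and {CrowdStrike IR}},
  title        = {{PROPHET SPIDER} Exploits {Oracle WebLogic} to Facilitate Ransomware Activity},
  date         = {2021-08-04},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/prophet-spider-exploits-oracle-weblogic-to-facilitate-ransomware-activity/},
  language     = {English},
  urldate      = {2021-09-02},
}
PROPHET SPIDER Exploits Oracle WebLogic to Facilitate Ransomware Activity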
Cobalt Strike, Egregor, Mount Locker
2021-02-17 | CrowdStrike | Strategic Threat Advisory Group, Falcon OverWatch Team
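% Each corporate author is wrapped in its own braces so it is read as a single name; the title carries no blanket case-protecting braces.
@online{group:20210217:dont:807d211,
  author       = {{Strategic Threat Advisory Group} and {Falcon OverWatch Team}},
  title        = {Don’t Get Schooled: Understanding the Threats to the Academic Industry},
  date         = {2021-02-17},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/academia-threat-landscape-2020-analysis/},
  language     = {English},
  urldate      = {2021-02-20},
}
Don’t Get Schooled: Understanding the Threats to the Academic Industry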
2020-11-18 | CrowdStrike | Falcon OverWatch Team, CrowdStrike Intelligence Team
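% Each corporate author is wrapped in its own braces so it is read as a single name; the title carries no blanket case-protecting braces.
@online{team:20201118:hacking:3fb3539,
  author       = {{Falcon OverWatch Team} and {CrowdStrike Intelligence Team}},
  title        = {Hacking Farm to Table: Threat Hunters Uncover Rise in Attacks Against Agriculture},
  date         = {2020-11-18},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/how-threat-hunting-uncovered-attacks-in-the-agriculture-industry},
  language     = {English},
  urldate      = {2020-11-23},
}
Hacking Farm to Table: Threat Hunters Uncover Rise in Attacks Against Agriculture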
2020-07-14 | CrowdStrike | Falcon OverWatch Team
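% The corporate author is wrapped in its own braces so it is read as a single name; the title carries no blanket case-protecting braces.
@online{team:20200714:manufacturing:3e552ec,
  author       = {{Falcon OverWatch Team}},
  title        = {Manufacturing Industry in the Adversaries’ Crosshairs},
  date         = {2020-07-14},
  organization = {CrowdStrike},
  url          = {https://www.crowdstrike.com/blog/adversaries-targeting-the-manufacturing-industry/},
  language     = {English},
  urldate      = {2020-07-23},
}
Manufacturing Industry in the Adversaries’ Crosshairs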
ShadowPad, Snake