Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-09-07Huntress LabsHarlan Carvey
Evolution of USB-Borne Malware, Raspberry Robin
Raspberry Robin
2023-08-23Twitter (@embee_research)Embee_research, Huntress Labs
Extracting Xworm from Bloated Golang Executable
XWorm
2023-05-09Huntress LabsMatthew Brennan
Advanced Cyberchef Tips - AsyncRAT Loader
AsyncRAT
2023-03-30Huntress LabsJohn Hammond
3CX VoIP Software Compromise & Supply Chain Threats
3CX Backdoor
2023-02-08Huntress LabsJoe Slowik, Matt Anderson
Investigating Intrusions From Intriguing Exploits
Silence
2023-02-08Huntress LabsJoe Slowik, Matt Anderson
Investigating Intrusions From Intriguing Exploits
Silence
2023-02-08Huntress LabsMichael Elford
AsyncRAT: Analysing the Three Stages of Execution
AsyncRAT
2023-02-03Huntress LabsChad Hudson
Ave Maria and the Chambers of Warzone RAT
Ave Maria
2022-10-12Twitter (@embee_research)Embee_research, Huntress Labs
Tweets on detection of Brute Ratel via API Hashes
Brute Ratel C4
2022-10-11Twitter (@embee_research)Embee_research, Huntress Labs
Tweet on Havoc C2 - Static Detection Via Ntdll API Hashes
Havoc
2022-08-16Huntress LabsDray Agha
Cleartext Shenanigans: Gifting User Passwords to Adversaries With NPPSPY
2022-03-01Huntress LabsJohn Hammond
Targeted APT Activity: BABYSHARK Is Out for Blood
BabyShark
2022-02-18Huntress LabsMatthew Brennan
Hackers No Hashing: Randomizing API Hashes to Evade Cobalt Strike Shellcode Detection
Cobalt Strike
2022-01-15Huntress LabsTeam Huntress
Threat Advisory: VMware Horizon Servers Actively Being Hit With Cobalt Strike (by DEV-0401)
Cobalt Strike
2021-10-22Huntress LabsCaleb Stewart
Threat Advisory: Hackers Are Exploiting a Vulnerability in Popular Billing Software to Deploy Ransomware
2021-08-19Huntress LabsJohn Hammond
Microsoft Exchange Servers Still Vulnerable to ProxyShell Exploit
2021-08-17Huntress LabsMatthew Brennan
Snakes on a Domain: An Analysis of a Python Malware Loader
2021-07-20Huntress LabsJohn Hammond
Security Researchers’ Hunt to Discover Origins of the Kaseya VSA Mass Ransomware Incident
REvil
2021-07-02Huntress LabsHuntress Labs
Crticial Ransomware Incident in Progress
REvil
2021-05-25Huntress LabsMatthew Brennan
Cobalt Strikes Again: An Analysis of Obfuscated Malware
Cobalt Strike
2021-04-05Huntress LabsJohn Hammond
From PowerShell to Payload: An Analysis of Weaponized Malware
2021-03-05Huntress LabsHuntress Labs
Operation Exchange Marauder
CHINACHOPPER
2021-03-04Huntress LabsHuntress Labs
Operation Exchange Marauder
CHINACHOPPER
2021-03-03Huntress LabsJohn Hammond
Rapid Response: Mass Exploitation of On-Prem Exchange Servers
CHINACHOPPER HAFNIUM
2021-03-03Huntress LabsHuntress Labs
Mass exploitation of on-prem Exchange servers :(
CHINACHOPPER HAFNIUM
2021-01-28Huntress LabsJohn Hammond
Analyzing Ryuk Another Link in the Cyber Attack Chain
BazarBackdoor Ryuk
2020-06-18Medium Huntress LabsJohn Ferrell
Hiding In Plain Sight