Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-08-19Huntress LabsJohn Hammond
@online{hammond:20210819:microsoft:a25f571, author = {John Hammond}, title = {{Microsoft Exchange Servers Still Vulnerable to ProxyShell Exploit}}, date = {2021-08-19}, organization = {Huntress Labs}, url = {https://www.huntress.com/blog/rapid-response-microsoft-exchange-servers-still-vulnerable-to-proxyshell-exploit}, language = {English}, urldate = {2021-08-25} } Microsoft Exchange Servers Still Vulnerable to ProxyShell Exploit
2021-08-17Huntress LabsMatthew Brennan
@online{brennan:20210817:snakes:1b4d004, author = {Matthew Brennan}, title = {{Snakes on a Domain: An Analysis of a Python Malware Loader}}, date = {2021-08-17}, organization = {Huntress Labs}, url = {https://www.huntress.com/blog/snakes-on-a-domain-an-analysis-of-a-python-malware-loader}, language = {English}, urldate = {2021-08-20} } Snakes on a Domain: An Analysis of a Python Malware Loader
2021-07-20Huntress LabsJohn Hammond
@online{hammond:20210720:security:50ec27a, author = {John Hammond}, title = {{Security Researchers’ Hunt to Discover Origins of the Kaseya VSA Mass Ransomware Incident}}, date = {2021-07-20}, organization = {Huntress Labs}, url = {https://www.huntress.com/blog/security-researchers-hunt-to-discover-origins-of-the-kaseya-vsa-mass-ransomware-incident}, language = {English}, urldate = {2021-07-26} } Security Researchers’ Hunt to Discover Origins of the Kaseya VSA Mass Ransomware Incident
REvil
2021-07-02Huntress LabsHuntress Labs
@online{labs:20210702:crticial:5dd39d2, author = {Huntress Labs}, title = {{Crticial Ransomware Incident in Progress}}, date = {2021-07-02}, organization = {Huntress Labs}, url = {https://www.reddit.com/r/msp/comments/ocggbv/crticial_ransomware_incident_in_progress/}, language = {English}, urldate = {2021-07-24} } Crticial Ransomware Incident in Progress
REvil
2021-05-25Huntress LabsMatthew Brennan
@online{brennan:20210525:cobalt:c428be0, author = {Matthew Brennan}, title = {{Cobalt Strikes Again: An Analysis of Obfuscated Malware}}, date = {2021-05-25}, organization = {Huntress Labs}, url = {https://www.huntress.com/blog/cobalt-strike-analysis-of-obfuscated-malware}, language = {English}, urldate = {2021-06-09} } Cobalt Strikes Again: An Analysis of Obfuscated Malware
Cobalt Strike
2021-04-05Huntress LabsJohn Hammond
@online{hammond:20210405:from:6062bef, author = {John Hammond}, title = {{From PowerShell to Payload: An Analysis of Weaponized Malware}}, date = {2021-04-05}, organization = {Huntress Labs}, url = {https://www.huntress.com/blog/from-powershell-to-payload-an-analysis-of-weaponized-malware}, language = {English}, urldate = {2021-05-26} } From PowerShell to Payload: An Analysis of Weaponized Malware
2021-03-05Huntress LabsHuntress Labs
@techreport{labs:20210305:operation:1248e05, author = {Huntress Labs}, title = {{Operation Exchange Marauder}}, date = {2021-03-05}, institution = {Huntress Labs}, url = {https://www.huntress.com/hubfs/Mass%20Exploitation%20of%20Microsoft%20Exchange%20(2).pdf}, language = {English}, urldate = {2021-03-06} } Operation Exchange Marauder
CHINACHOPPER
2021-03-04Huntress LabsHuntress Labs
@online{labs:20210304:operation:1187712, author = {Huntress Labs}, title = {{Operation Exchange Marauder}}, date = {2021-03-04}, organization = {Huntress Labs}, url = {https://www.huntress.com/hubfs/Videos/Webinars/Overlay-Mass_Exploitation_of_Exchange.mp4}, language = {English}, urldate = {2021-03-06} } Operation Exchange Marauder
CHINACHOPPER
2021-03-03Huntress LabsHuntress Labs
@online{labs:20210303:mass:a0ef74d, author = {Huntress Labs}, title = {{Mass exploitation of on-prem Exchange servers :(}}, date = {2021-03-03}, organization = {Huntress Labs}, url = {https://www.reddit.com/r/msp/comments/lwmo5c/mass_exploitation_of_onprem_exchange_servers}, language = {English}, urldate = {2021-03-10} } Mass exploitation of on-prem Exchange servers :(
CHINACHOPPER HAFNIUM
2021-03-03Huntress LabsJohn Hammond
@online{hammond:20210303:rapid:7c97ee5, author = {John Hammond}, title = {{Rapid Response: Mass Exploitation of On-Prem Exchange Servers}}, date = {2021-03-03}, organization = {Huntress Labs}, url = {https://www.huntress.com/blog/rapid-response-mass-exploitation-of-on-prem-exchange-servers}, language = {English}, urldate = {2021-03-10} } Rapid Response: Mass Exploitation of On-Prem Exchange Servers
CHINACHOPPER HAFNIUM
2021-01-28Huntress LabsJohn Hammond
@techreport{hammond:20210128:analyzing:2f8dae2, author = {John Hammond}, title = {{Analyzing Ryuk Another Link in the Cyber Attack Chain}}, date = {2021-01-28}, institution = {Huntress Labs}, url = {https://storage.pardot.com/652283/16118467480sqebwq7/MSP_Security_Summit___John_Hammond_Huntress___Analyzing_Ryuk.pdf}, language = {English}, urldate = {2021-01-29} } Analyzing Ryuk Another Link in the Cyber Attack Chain
BazarBackdoor Ryuk
2020-06-18Medium Huntress LabsJohn Ferrell
@online{ferrell:20200618:hiding:c2db03f, author = {John Ferrell}, title = {{Hiding In Plain Sight}}, date = {2020-06-18}, organization = {Medium Huntress Labs}, url = {https://blog.huntresslabs.com/hiding-in-plain-sight-556469e0a4e}, language = {English}, urldate = {2020-06-19} } Hiding In Plain Sight