2022-05-11 | IronNet | Blake Cahen, IronNet Threat Research
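% IronNet blog post. "IronNet Threat Research" is a team, so it is braced to stay one indivisible name.
@online{cahen:20220511:detecting:c61fd63,
  author       = {Cahen, Blake and {IronNet Threat Research}},
  title        = {Detecting a {MUMMY SPIDER} campaign and {Emotet} infection},
  date         = {2022-05-11},
  organization = {IronNet},
  url          = {https://www.ironnet.com/blog/detecting-a-mummyspider-campaign-and-emotet-infection},
  language     = {English},
  urldate      = {2022-05-17},
}
Detecting a MUMMY SPIDER campaign and Emotet infection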
Emotet
2022-05-08 | IronNet | Michael Leardi, Joey Fitzpatrick, Brent Eskridge
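% IronNet blog post. Only the proper nouns in the title are braced, so a style can still apply its own casing.
@online{leardi:20220508:tracking:8f52310,
  author       = {Leardi, Michael and Fitzpatrick, Joey and Eskridge, Brent},
  title        = {Tracking {Cobalt Strike} Servers Used in Cyberattacks on {Ukraine}},
  date         = {2022-05-08},
  organization = {IronNet},
  url          = {https://www.ironnet.com/blog/tracking-cobalt-strike-servers-used-in-cyberattacks-on-ukraine},
  language     = {English},
  urldate      = {2022-05-09},
}
Tracking Cobalt Strike Servers Used in Cyberattacks on Ukraine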
Cobalt Strike
2021-12-20 | IronNet | Peter Rydzynski, Michael Leardi, Brent Eskridge
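% IronNet blog post. "Log4j" is braced so its mixed case survives style recasing.
@online{rydzynski:20211220:detecting:686a034,
  author       = {Rydzynski, Peter and Leardi, Michael and Eskridge, Brent},
  title        = {Detecting anomalous network traffic resulting from a successful {Log4j} attack},
  date         = {2021-12-20},
  organization = {IronNet},
  url          = {https://www.ironnet.com/blog/detecting-anomalous-network-traffic-resulting-from-a-successful-log4j-attack},
  language     = {English},
  urldate      = {2022-03-08},
}
Detecting anomalous network traffic resulting from a successful Log4j attack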
2021-11-19 | IronNet | Morgan Demboski
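% IronNet blog post. Only the proper adjective in the title is braced.
@online{demboski:20211119:is:d05360d,
  author       = {Demboski, Morgan},
  title        = {Is a coordinated cyberattack brewing in the escalating {Russian-Ukrainian} conflict?},
  date         = {2021-11-19},
  organization = {IronNet},
  url          = {https://www.ironnet.com/blog/is-a-coordinated-cyberattack-brewing-in-the-escalating-russian-ukrainian-conflict},
  language     = {English},
  urldate      = {2021-11-25},
}
Is a coordinated cyberattack brewing in the escalating Russian-Ukrainian conflict?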
2021-11-16 | IronNet | IronNet Threat Research, Morgan Demboski, Joey Fitzpatrick, Peter Rydzynski
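% IronNet blog post. The team name is braced so it is not split into given name "IronNet Threat" and
% family name "Research". The citation key is kept as published so existing citations still resolve;
% its "research" prefix apparently comes from that mis-split.
@online{research:20211116:how:d7fdaf8,
  author       = {{IronNet Threat Research} and Demboski, Morgan and Fitzpatrick, Joey and Rydzynski, Peter},
  title        = {How {IronNet's} Behavioral Analytics Detect {REvil} and {Conti} Ransomware},
  date         = {2021-11-16},
  organization = {IronNet},
  url          = {https://www.ironnet.com/blog/ransomware-graphic-blog},
  language     = {English},
  urldate      = {2021-11-25},
}
How IronNet's Behavioral Analytics Detect REvil and Conti Ransomware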
Cobalt Strike Conti IcedID REvil
2021-10-12 | IronNet | Brett Fitzpatrick, Joey Fitzpatrick, Morgan Demboski, Peter Rydzynski, IronNet Threat Research
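% IronNet blog post. The CVE identifier is braced so it is never recased; the team co-author is braced
% so it stays one indivisible name.
@online{fitzpatrick:20211012:continued:e1f2eb4,
  author       = {Fitzpatrick, Brett and Fitzpatrick, Joey and Demboski, Morgan and Rydzynski, Peter and {IronNet Threat Research}},
  title        = {Continued Exploitation of {CVE-2021-26084}},
  date         = {2021-10-12},
  organization = {IronNet},
  url          = {https://www.ironnet.com/blog/continued-exploitation-of-cve-2021-26084},
  language     = {English},
  urldate      = {2021-10-25},
}
Continued Exploitation of CVE-2021-26084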
2021-02-19 | Palo Alto Networks Unit 42 | Dominik Reichel
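% Palo Alto Networks Unit 42 post, not an IronNet publication; "IronNetInjector" is the tool named in
% the title. The title contains a UTF-8 apostrophe, so process this entry with a UTF-8-aware backend.
@online{reichel:20210219:ironnetinjector:07c7f33,
  author       = {Reichel, Dominik},
  title        = {{IronNetInjector}: {Turla’s} New Malware Loading Tool},
  date         = {2021-02-19},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/ironnetinjector/},
  language     = {English},
  urldate      = {2021-02-20},
}
IronNetInjector: Turla’s New Malware Loading Tool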
Agent.BTZ TurlaRPC
2020-12-31 | IronNet | IronNet
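% IronNet blog post with the company as author; the corporate name is double-braced so it is treated
% as one indivisible name rather than parsed as a person.
@online{ironnet:20201231:solarwindssunburst:1422ef4,
  author       = {{IronNet}},
  title        = {{SolarWinds/SUNBURST}: Behavioral analytics and {Collective Defense} in action},
  date         = {2020-12-31},
  organization = {IronNet},
  url          = {https://www.ironnet.com/blog/solarwinds/sunburst-behavioral-analytics-and-collective-defense-in-action},
  language     = {English},
  urldate      = {2021-01-05},
}
SolarWinds/SUNBURST: Behavioral analytics and Collective Defense in action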
SUNBURST
2020-12-24 | IronNet | Adam Hlavek
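% IronNet blog post. Only the country name in the title is braced.
@online{hlavek:20201224:china:723bed3,
  author       = {Hlavek, Adam},
  title        = {{China} cyber attacks: the current threat landscape},
  date         = {2020-12-24},
  organization = {IronNet},
  url          = {https://www.ironnet.com/blog/china-cyber-attacks-the-current-threat-landscape},
  language     = {English},
  urldate      = {2021-01-01},
}
China cyber attacks: the current threat landscape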
PLEAD TSCookie FlowCloud Lookback PLEAD PlugX Quasar RAT Winnti
2020-12-21 | IronNet | Peter Rydzynski
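% IronNet blog post. The product/malware names and the acronyms are braced so style recasing cannot
% lowercase them.
@online{rydzynski:20201221:solarwindssunburst:cabeea6,
  author       = {Rydzynski, Peter},
  title        = {{SolarWinds/SUNBURST}: {DGA} or {DNS} Tunneling?},
  date         = {2020-12-21},
  organization = {IronNet},
  url          = {https://www.ironnet.com/blog/a-closer-look-at-the-solarwinds/sunburst-malware-dga-or-dns-tunneling},
  language     = {English},
  urldate      = {2021-01-05},
}
SolarWinds/SUNBURST: DGA or DNS Tunneling?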
SUNBURST
2020-12-21 | IronNet | Adam Hlavek, Kimberly Ortiz
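% IronNet blog post. Only the proper adjective in the title is braced.
@online{hlavek:20201221:russian:804662f,
  author       = {Hlavek, Adam and Ortiz, Kimberly},
  title        = {{Russian} cyber attack campaigns and actors},
  date         = {2020-12-21},
  organization = {IronNet},
  url          = {https://www.ironnet.com/blog/russian-cyber-attack-campaigns-and-actors},
  language     = {English},
  urldate      = {2021-01-05},
}
Russian cyber attack campaigns and actors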
WellMail elf.wellmess Agent.BTZ BlackEnergy EternalPetya Havex RAT Industroyer Ryuk Triton WellMess
2020-02-06 | IronNet | Jonathan Lepore
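% IronNet blog post. The acronym and the camel-case malware name are braced to keep their case.
@online{lepore:20200206:dns:c7069f1,
  author       = {Lepore, Jonathan},
  title        = {{DNS} Tunneling Series, Part 3: The Siren Song of {RogueRobin}},
  date         = {2020-02-06},
  organization = {IronNet},
  url          = {https://ironnet.com/blog/dns-tunneling-series-part-3-the-siren-song-of-roguerobin/},
  language     = {English},
  urldate      = {2020-02-13},
}
DNS Tunneling Series, Part 3: The Siren Song of RogueRobin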
RogueRobin
2019-09-18 | IronNet | Jonathan Lepore
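% IronNet blog post. The camel-case malware name is braced to keep its case.
@online{lepore:20190918:chirp:44c11e9,
  author       = {Lepore, Jonathan},
  title        = {Chirp of the {PoisonFrog}},
  date         = {2019-09-18},
  organization = {IronNet},
  url          = {https://ironnet.com/blog/chirp-of-the-poisonfrog/},
  language     = {English},
  urldate      = {2020-01-09},
}
Chirp of the PoisonFrog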
BONDUPDATER