Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-11-19IronNetMorgan Demboski
@online{demboski:20211119:is:d05360d, author = {Morgan Demboski}, title = {{Is a coordinated cyberattack brewing in the escalating Russian-Ukrainian conflict?}}, date = {2021-11-19}, organization = {IronNet}, url = {https://www.ironnet.com/blog/is-a-coordinated-cyberattack-brewing-in-the-escalating-russian-ukrainian-conflict}, language = {English}, urldate = {2021-11-25} } Is a coordinated cyberattack brewing in the escalating Russian-Ukrainian conflict?
2021-11-16IronNetIronNet Threat Research, Morgan Demboski, Joey Fitzpatrick, Peter Rydzynski
@online{research:20211116:how:d7fdaf8, author = {IronNet Threat Research and Morgan Demboski and Joey Fitzpatrick and Peter Rydzynski}, title = {{How IronNet's Behavioral Analytics Detect REvil and Conti Ransomware}}, date = {2021-11-16}, organization = {IronNet}, url = {https://www.ironnet.com/blog/ransomware-graphic-blog}, language = {English}, urldate = {2021-11-25} } How IronNet's Behavioral Analytics Detect REvil and Conti Ransomware
Cobalt Strike Conti IcedID REvil
2021-10-12IronNetBrett Fitzpatrick, Joey Fitzpatrick, Morgan Demboski, Peter Rydzynski, IronNet Threat Research
@online{fitzpatrick:20211012:continued:e1f2eb4, author = {Brett Fitzpatrick and Joey Fitzpatrick and Morgan Demboski and Peter Rydzynski and IronNet Threat Research}, title = {{Continued Exploitation of CVE-2021-26084}}, date = {2021-10-12}, organization = {IronNet}, url = {https://www.ironnet.com/blog/continued-exploitation-of-cve-2021-26084}, language = {English}, urldate = {2021-10-25} } Continued Exploitation of CVE-2021-26084
2021-02-19Palo Alto Networks Unit 42Dominik Reichel
@online{reichel:20210219:ironnetinjector:07c7f33, author = {Dominik Reichel}, title = {{IronNetInjector: Turla’s New Malware Loading Tool}}, date = {2021-02-19}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/ironnetinjector/}, language = {English}, urldate = {2021-02-20} } IronNetInjector: Turla’s New Malware Loading Tool
Agent.BTZ TurlaRPC
2020-12-31IronNetIronNet
@online{ironnet:20201231:solarwindssunburst:1422ef4, author = {IronNet}, title = {{SolarWinds/SUNBURST: Behavioral analytics and Collective Defense in action}}, date = {2020-12-31}, organization = {IronNet}, url = {https://www.ironnet.com/blog/solarwinds/sunburst-behavioral-analytics-and-collective-defense-in-action}, language = {English}, urldate = {2021-01-05} } SolarWinds/SUNBURST: Behavioral analytics and Collective Defense in action
SUNBURST
2020-12-24IronNetAdam Hlavek
@online{hlavek:20201224:china:723bed3, author = {Adam Hlavek}, title = {{China cyber attacks: the current threat landscape}}, date = {2020-12-24}, organization = {IronNet}, url = {https://www.ironnet.com/blog/china-cyber-attacks-the-current-threat-landscape}, language = {English}, urldate = {2021-01-01} } China cyber attacks: the current threat landscape
PLEAD TSCookie FlowCloud Lookback PLEAD PlugX Quasar RAT Winnti
2020-12-21IronNetAdam Hlavek, Kimberly Ortiz
@online{hlavek:20201221:russian:804662f, author = {Adam Hlavek and Kimberly Ortiz}, title = {{Russian cyber attack campaigns and actors}}, date = {2020-12-21}, organization = {IronNet}, url = {https://www.ironnet.com/blog/russian-cyber-attack-campaigns-and-actors}, language = {English}, urldate = {2021-01-05} } Russian cyber attack campaigns and actors
WellMail elf.wellmess Agent.BTZ BlackEnergy EternalPetya Havex RAT Industroyer Ryuk Triton WellMess
2020-12-21IronNetPeter Rydzynski
@online{rydzynski:20201221:solarwindssunburst:cabeea6, author = {Peter Rydzynski}, title = {{SolarWinds/SUNBURST: DGA or DNS Tunneling?}}, date = {2020-12-21}, organization = {IronNet}, url = {https://www.ironnet.com/blog/a-closer-look-at-the-solarwinds/sunburst-malware-dga-or-dns-tunneling}, language = {English}, urldate = {2021-01-05} } SolarWinds/SUNBURST: DGA or DNS Tunneling?
SUNBURST
2020-02-06IronNetJonathan Lepore
@online{lepore:20200206:dns:c7069f1, author = {Jonathan Lepore}, title = {{DNS Tunneling Series, Part 3: The Siren Song of RogueRobin}}, date = {2020-02-06}, organization = {IronNet}, url = {https://ironnet.com/blog/dns-tunneling-series-part-3-the-siren-song-of-roguerobin/}, language = {English}, urldate = {2020-02-13} } DNS Tunneling Series, Part 3: The Siren Song of RogueRobin
RogueRobin
2019-09-18IronNetJonathan Lepore
@online{lepore:20190918:chirp:44c11e9, author = {Jonathan Lepore}, title = {{Chirp of the PoisonFrog}}, date = {2019-09-18}, organization = {IronNet}, url = {https://ironnet.com/blog/chirp-of-the-poisonfrog/}, language = {English}, urldate = {2020-01-09} } Chirp of the PoisonFrog
BONDUPDATER