Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-10-20MandiantJacob Thompson
@online{thompson:20211020:hidden:c64ea48, author = {Jacob Thompson}, title = {{Hidden in Plain Sight: Identifying Cryptography in BLACKMATTER Ransomware}}, date = {2021-10-20}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/cryptography-blackmatter-ransomware}, language = {English}, urldate = {2021-11-02} } Hidden in Plain Sight: Identifying Cryptography in BLACKMATTER Ransomware
BlackMatter
2021-04-20FireEyeDan Perez, Sarah Jones, Greg Wood, Stephen Eckels, Stroz Friedberg, Joshua Villanueva, Regina Elwell, Jonathan Lepore, Dimiter Andonov, Josh Triplett, Jacob Thompson
@online{perez:20210420:check:986d162, author = {Dan Perez and Sarah Jones and Greg Wood and Stephen Eckels and Stroz Friedberg and Joshua Villanueva and Regina Elwell and Jonathan Lepore and Dimiter Andonov and Josh Triplett and Jacob Thompson}, title = {{Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day}}, date = {2021-04-20}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.html}, language = {English}, urldate = {2021-04-21} } Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day
2020-11-12BrightTALK (FireEye)Justin Moore, Jacob Thompson
@online{moore:20201112:living:a1593bb, author = {Justin Moore and Jacob Thompson}, title = {{Living Off The Land on a Private Island: An Overview of UNC1945}}, date = {2020-11-12}, organization = {BrightTALK (FireEye)}, url = {https://www.brighttalk.com/webcast/7451/451508}, language = {English}, urldate = {2020-12-15} } Living Off The Land on a Private Island: An Overview of UNC1945
2020-11-04FireEyeJacob Thompson, Jeffrey Martin, Rapid7
@online{thompson:20201104:in:0931c66, author = {Jacob Thompson and Jeffrey Martin and Rapid7}, title = {{In Wild Critical Buffer Overflow Vulnerability in Solaris Can Allow Remote Takeover — CVE-2020-14871}}, date = {2020-11-04}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2020/11/critical-buffer-overflow-vulnerability-in-solaris-can-allow-remote-takeover.html}, language = {English}, urldate = {2020-11-09} } In Wild Critical Buffer Overflow Vulnerability in Solaris Can Allow Remote Takeover — CVE-2020-14871
2020-05-12FireEyeJacob Thompson
@online{thompson:20200512:analyzing:2dceb57, author = {Jacob Thompson}, title = {{Analyzing Dark Crystal RAT, a C# backdoor}}, date = {2020-05-12}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2020/05/analyzing-dark-crystal-rat-backdoor.html}, language = {English}, urldate = {2020-05-18} } Analyzing Dark Crystal RAT, a C# backdoor
DCRat