Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-02-08Huntress LabsJoe Slowik, Matt Anderson
@online{slowik:20230208:investigating:4b8fbaf, author = {Joe Slowik and Matt Anderson}, title = {{Investigating Intrusions From Intriguing Exploits}}, date = {2023-02-08}, organization = {Huntress Labs}, url = {https://www.huntress.com/blog/investigating-intrusions-from-intriguing-exploits}, language = {English}, urldate = {2023-04-06} } Investigating Intrusions From Intriguing Exploits
Silence
2022-11-23Stranded on Pylos BlogJoe Slowik
@online{slowik:20221123:detailing:3a1ddea, author = {Joe Slowik}, title = {{Detailing Daily Domain Hunting}}, date = {2022-11-23}, organization = {Stranded on Pylos Blog}, url = {https://pylos.co/2022/11/23/detailing-daily-domain-hunting/}, language = {English}, urldate = {2022-11-25} } Detailing Daily Domain Hunting
2022-04-23Stranded on Pylos BlogJoe Slowik
@online{slowik:20220423:industroyer2:c8064df, author = {Joe Slowik}, title = {{Industroyer2 in Perspective}}, date = {2022-04-23}, organization = {Stranded on Pylos Blog}, url = {https://pylos.co/2022/04/23/industroyer2-in-perspective/}, language = {English}, urldate = {2022-04-25} } Industroyer2 in Perspective
INDUSTROYER2
2022-01-27GigamonJoe Slowik
@online{slowik:20220127:focusing:5b47208, author = {Joe Slowik}, title = {{Focusing on “Left of Boom”}}, date = {2022-01-27}, organization = {Gigamon}, url = {https://blog.gigamon.com/2022/01/28/focusing-on-left-of-boom/}, language = {English}, urldate = {2022-02-02} } Focusing on “Left of Boom”
WhisperGate
2021-12-30Stranded on Pylos BlogJoe Slowik
@online{slowik:20211230:lights:65d52c9, author = {Joe Slowik}, title = {{Lights Out in Isfahan}}, date = {2021-12-30}, organization = {Stranded on Pylos Blog}, url = {https://pylos.co/2021/12/30/lights-out-in-isfahan/}, language = {English}, urldate = {2022-01-25} } Lights Out in Isfahan
2021-12-21GigamonJoe Slowik
@online{slowik:20211221:log:c950f86, author = {Joe Slowik}, title = {{The Log Keeps Rolling On: Evaluating Log4j Developments and Defensive Requirements}}, date = {2021-12-21}, organization = {Gigamon}, url = {https://blog.gigamon.com/2021/12/21/the-log-keeps-rolling-on-evaluating-log4j-developments-and-defensive-requirements/}, language = {English}, urldate = {2022-02-10} } The Log Keeps Rolling On: Evaluating Log4j Developments and Defensive Requirements
2021-12-14GigamonJoe Slowik
@online{slowik:20211214:network:0d17ac7, author = {Joe Slowik}, title = {{Network Security Monitoring Opportunities and Best Practices for Log4j Defense}}, date = {2021-12-14}, organization = {Gigamon}, url = {https://blog.gigamon.com/2021/12/14/network-security-monitoring-opportunities-and-best-practices-for-log4j-defense/}, language = {English}, urldate = {2022-02-10} } Network Security Monitoring Opportunities and Best Practices for Log4j Defense
2021-10-25GigamonJoe Slowik
@online{slowik:20211025:bear:ea7ac23, author = {Joe Slowik}, title = {{Bear in the Net: A Network-Focused Perspective on Berserk Bear}}, date = {2021-10-25}, organization = {Gigamon}, url = {https://blog.gigamon.com/2021/10/25/bear-in-the-net-a-network-focused-perspective-on-berserk-bear/}, language = {English}, urldate = {2022-02-10} } Bear in the Net: A Network-Focused Perspective on Berserk Bear
2021-09-10GigamonJoe Slowik
@online{slowik:20210910:rendering:59082b0, author = {Joe Slowik}, title = {{Rendering Threats: A Network Perspective}}, date = {2021-09-10}, organization = {Gigamon}, url = {https://blog.gigamon.com/2021/09/10/rendering-threats-a-network-perspective/}, language = {English}, urldate = {2023-04-06} } Rendering Threats: A Network Perspective
BumbleBee Cobalt Strike
2021-09-09Stranded on Pylos BlogJoe Slowik
@online{slowik:20210909:spectrum:0b31314, author = {Joe Slowik}, title = {{A Spectrum of State Ransomware Responsibility}}, date = {2021-09-09}, organization = {Stranded on Pylos Blog}, url = {https://pylos.co/2021/09/09/a-spectrum-of-state-ransomware-responsibility/}, language = {English}, urldate = {2021-09-28} } A Spectrum of State Ransomware Responsibility
2021-07-27GigamonJoe Slowik
@online{slowik:20210727:ghosts:af3dc18, author = {Joe Slowik}, title = {{Ghosts on the Wire: Expanding Conceptions of Network Anomalies}}, date = {2021-07-27}, organization = {Gigamon}, url = {https://blog.gigamon.com/2021/07/27/ghosts-on-the-wire-expanding-conceptions-of-network-anomalies/}, language = {English}, urldate = {2021-08-02} } Ghosts on the Wire: Expanding Conceptions of Network Anomalies
SUNBURST
2021-07-08GigamonJoe Slowik
@online{slowik:20210708:observations:21f913b, author = {Joe Slowik}, title = {{Observations and Recommendations from the Ongoing REvil-Kaseya Incident}}, date = {2021-07-08}, organization = {Gigamon}, url = {https://blog.gigamon.com/2021/07/08/observations-and-recommendations-from-the-ongoing-revil-kaseya-incident/}, language = {English}, urldate = {2021-07-12} } Observations and Recommendations from the Ongoing REvil-Kaseya Incident
REvil
2021-06-24GigamonJoe Slowik
@techreport{slowik:20210624:baffling:d37b293, author = {Joe Slowik}, title = {{The Baffling Berserk Bear: A Decade's Activity targeting Critical Infrastructure}}, date = {2021-06-24}, institution = {Gigamon}, url = {https://vblocalhost.com/uploads/VB2021-Slowik.pdf}, language = {English}, urldate = {2021-10-26} } The Baffling Berserk Bear: A Decade's Activity targeting Critical Infrastructure
Havex RAT Heriplor Karagany
2021-06-17GigamonJoe Slowik
@online{slowik:20210617:hold:dc6ce6d, author = {Joe Slowik}, title = {{Hold the Door: Examining Exfiltration Activity and Applying Countermeasures}}, date = {2021-06-17}, organization = {Gigamon}, url = {https://blog.gigamon.com/2021/06/17/hold-the-door-examining-exfiltration-activity-and-applying-countermeasures}, language = {English}, urldate = {2021-06-22} } Hold the Door: Examining Exfiltration Activity and Applying Countermeasures
2021-05-17GigamonJoe Slowik
@online{slowik:20210517:tracking:060c759, author = {Joe Slowik}, title = {{Tracking DarkSide and Ransomware: The Network View}}, date = {2021-05-17}, organization = {Gigamon}, url = {https://blog.gigamon.com/2021/05/17/tracking-darkside-and-ransomware-the-network-view/}, language = {English}, urldate = {2021-05-17} } Tracking DarkSide and Ransomware: The Network View
DarkSide DarkSide
2021-05-13Stranded on Pylos BlogJoe Slowik
@online{slowik:20210513:mind:66194c8, author = {Joe Slowik}, title = {{Mind the (Air) Gap}}, date = {2021-05-13}, organization = {Stranded on Pylos Blog}, url = {https://pylos.co/2021/05/13/mind-the-air-gap/}, language = {English}, urldate = {2021-05-17} } Mind the (Air) Gap
DarkSide
2021-04-29DomainToolsJoe Slowik
@online{slowik:20210429:leaping:b1c6f2f, author = {Joe Slowik}, title = {{Leaping Down a Rabbit Hole of Fraud and Misdirection}}, date = {2021-04-29}, organization = {DomainTools}, url = {https://www.domaintools.com/resources/blog/leaping-down-a-rabbit-hole-of-fraud-and-misdirection}, language = {English}, urldate = {2021-05-03} } Leaping Down a Rabbit Hole of Fraud and Misdirection
2021-04-22DomainToolsJoe Slowik
@online{slowik:20210422:undersea:b41a1d6, author = {Joe Slowik}, title = {{An Undersea Royal Road: Exploring Malicious Documents and Associated Malware}}, date = {2021-04-22}, organization = {DomainTools}, url = {https://www.domaintools.com/resources/blog/an-undersea-royal-road-exploring-malicious-documents-and-associated-malware}, language = {English}, urldate = {2021-04-28} } An Undersea Royal Road: Exploring Malicious Documents and Associated Malware
2021-04-01DomainToolsJoe Slowik
@online{slowik:20210401:covid19:6a96e45, author = {Joe Slowik}, title = {{COVID-19 Phishing With a Side of Cobalt Strike}}, date = {2021-04-01}, organization = {DomainTools}, url = {https://www.domaintools.com/resources/blog/covid-19-phishing-with-a-side-of-cobalt-strike#}, language = {English}, urldate = {2021-04-06} } COVID-19 Phishing With a Side of Cobalt Strike
Cobalt Strike
2021-03-10DomainToolsJoe Slowik
@online{slowik:20210310:examining:e3eee78, author = {Joe Slowik}, title = {{Examining Exchange Exploitation and its Lessons for Defenders}}, date = {2021-03-10}, organization = {DomainTools}, url = {https://www.domaintools.com/resources/blog/examining-exchange-exploitation-and-its-lessons-for-defenders}, language = {English}, urldate = {2021-03-12} } Examining Exchange Exploitation and its Lessons for Defenders
CHINACHOPPER