Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-03-30Huntress LabsJohn Hammond
@online{hammond:20230330:3cx:bba6690, author = {John Hammond}, title = {{3CX VoIP Software Compromise & Supply Chain Threats}}, date = {2023-03-30}, organization = {Huntress Labs}, url = {https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats}, language = {English}, urldate = {2023-04-02} } 3CX VoIP Software Compromise & Supply Chain Threats
3CX Backdoor
2022-10-04YouTube (John Hammond)John Hammond
@online{hammond:20221004:havoc:ba93acc, author = {John Hammond}, title = {{HAVOC C2 - Demon Bypasses Windows 11 Defender}}, date = {2022-10-04}, organization = {YouTube (John Hammond)}, url = {https://www.youtube.com/watch?v=ErPKP4Ms28s}, language = {English}, urldate = {2022-10-12} } HAVOC C2 - Demon Bypasses Windows 11 Defender
Havoc
2022-03-01Huntress LabsJohn Hammond
@online{hammond:20220301:targeted:c462269, author = {John Hammond}, title = {{Targeted APT Activity: BABYSHARK Is Out for Blood}}, date = {2022-03-01}, organization = {Huntress Labs}, url = {https://www.huntress.com/blog/targeted-apt-activity-babyshark-is-out-for-blood}, language = {English}, urldate = {2022-03-07} } Targeted APT Activity: BABYSHARK Is Out for Blood
BabyShark
2022-02-18YouTube (John Hammond)John Hammond
@online{hammond:20220218:uncovering:1c5162c, author = {John Hammond}, title = {{Uncovering NETWIRE Malware - Discovery & Deobfuscation}}, date = {2022-02-18}, organization = {YouTube (John Hammond)}, url = {https://www.youtube.com/watch?v=TeQdZxP0RYY}, language = {English}, urldate = {2022-02-19} } Uncovering NETWIRE Malware - Discovery & Deobfuscation
NetWire RC
2021-09-22YouTube (John Hammond)John Hammond
@online{hammond:20210922:snip3:319b687, author = {John Hammond}, title = {{Snip3 Crypter/RAT Loader - DcRat MALWARE ANALYSIS}}, date = {2021-09-22}, organization = {YouTube (John Hammond)}, url = {https://www.youtube.com/watch?v=ElqmQDySy48}, language = {English}, urldate = {2021-09-23} } Snip3 Crypter/RAT Loader - DcRat MALWARE ANALYSIS
DCRat
2021-08-19Huntress LabsJohn Hammond
@online{hammond:20210819:microsoft:a25f571, author = {John Hammond}, title = {{Microsoft Exchange Servers Still Vulnerable to ProxyShell Exploit}}, date = {2021-08-19}, organization = {Huntress Labs}, url = {https://www.huntress.com/blog/rapid-response-microsoft-exchange-servers-still-vulnerable-to-proxyshell-exploit}, language = {English}, urldate = {2021-08-25} } Microsoft Exchange Servers Still Vulnerable to ProxyShell Exploit
2021-07-27Youtube (SANS Institute)Katie Nickels, John Hammond
@online{nickels:20210727:sans:7432e9e, author = {Katie Nickels and John Hammond}, title = {{SANS Threat Analysis Rundown - Kaseya VSA attack}}, date = {2021-07-27}, organization = {Youtube (SANS Institute)}, url = {https://www.youtube.com/watch?v=tZVFMVm5GAk}, language = {English}, urldate = {2021-08-02} } SANS Threat Analysis Rundown - Kaseya VSA attack
REvil
2021-07-20Huntress LabsJohn Hammond
@online{hammond:20210720:security:50ec27a, author = {John Hammond}, title = {{Security Researchers’ Hunt to Discover Origins of the Kaseya VSA Mass Ransomware Incident}}, date = {2021-07-20}, organization = {Huntress Labs}, url = {https://www.huntress.com/blog/security-researchers-hunt-to-discover-origins-of-the-kaseya-vsa-mass-ransomware-incident}, language = {English}, urldate = {2021-07-26} } Security Researchers’ Hunt to Discover Origins of the Kaseya VSA Mass Ransomware Incident
REvil
2021-07-13YouTube (John Hammond)John Hammond
@online{hammond:20210713:jscript:ba194e0, author = {John Hammond}, title = {{JScript Deobfuscation - More WSHRAT (Malware Analysis)}}, date = {2021-07-13}, organization = {YouTube (John Hammond)}, url = {https://www.youtube.com/watch?v=XDAiS6KBDOs}, language = {English}, urldate = {2021-07-26} } JScript Deobfuscation - More WSHRAT (Malware Analysis)
Houdini
2021-04-05Huntress LabsJohn Hammond
@online{hammond:20210405:from:6062bef, author = {John Hammond}, title = {{From PowerShell to Payload: An Analysis of Weaponized Malware}}, date = {2021-04-05}, organization = {Huntress Labs}, url = {https://www.huntress.com/blog/from-powershell-to-payload-an-analysis-of-weaponized-malware}, language = {English}, urldate = {2021-05-26} } From PowerShell to Payload: An Analysis of Weaponized Malware
2021-03-09YouTube (John Hammond)John Hammond
@online{hammond:20210309:hafnium:dc2de8d, author = {John Hammond}, title = {{HAFNIUM - Post-Exploitation Analysis from Microsoft Exchange}}, date = {2021-03-09}, organization = {YouTube (John Hammond)}, url = {https://www.youtube.com/watch?v=rn-6t7OygGk}, language = {English}, urldate = {2021-03-12} } HAFNIUM - Post-Exploitation Analysis from Microsoft Exchange
CHINACHOPPER
2021-03-03Huntress LabsJohn Hammond
@online{hammond:20210303:rapid:7c97ee5, author = {John Hammond}, title = {{Rapid Response: Mass Exploitation of On-Prem Exchange Servers}}, date = {2021-03-03}, organization = {Huntress Labs}, url = {https://www.huntress.com/blog/rapid-response-mass-exploitation-of-on-prem-exchange-servers}, language = {English}, urldate = {2021-03-10} } Rapid Response: Mass Exploitation of On-Prem Exchange Servers
CHINACHOPPER HAFNIUM
2021-03-01YouTube (John Hammond)John Hammond
@online{hammond:20210301:mozi:5b3568d, author = {John Hammond}, title = {{Mozi Malware - Finding Breadcrumbs...}}, date = {2021-03-01}, organization = {YouTube (John Hammond)}, url = {https://www.youtube.com/watch?v=cDFO_MRlg3M}, language = {English}, urldate = {2022-02-19} } Mozi Malware - Finding Breadcrumbs...
Mozi
2021-01-28Huntress LabsJohn Hammond
@techreport{hammond:20210128:analyzing:2f8dae2, author = {John Hammond}, title = {{Analyzing Ryuk Another Link in the Cyber Attack Chain}}, date = {2021-01-28}, institution = {Huntress Labs}, url = {https://storage.pardot.com/652283/16118467480sqebwq7/MSP_Security_Summit___John_Hammond_Huntress___Analyzing_Ryuk.pdf}, language = {English}, urldate = {2021-01-29} } Analyzing Ryuk Another Link in the Cyber Attack Chain
BazarBackdoor Ryuk