Click here to download all references as Bib-File.
2021-02-26 ⋅ YouTube (Black Hat) ⋅ FASTCash and INJX_Pure: How Threat Actors Use Public Standards for Financial Fraud FastCash |
2021-02-01 ⋅ One Night in Norfolk ⋅ DPRK Targeting Researchers II: .Sys Payload and Registry Hunting ComeBacker |
2021-01-26 ⋅ One Night in Norfolk ⋅ DPRK Malware Targeting Security Researchers ComeBacker |
2020-11-02 ⋅ One Night in Norfolk ⋅ TinyPOS and ProLocker: An Odd Relationship AbaddonPOS PwndLocker |
2020-08-05 ⋅ BlackHat ⋅ FASTCashand INJX_PURE: How Threat Actors Use Public Standards for Financial Fraud FastCash |
2020-08-05 ⋅ BlackHat ⋅ FASTCash and Associated Intrusion Techniques FastCash |
2020-05-18 ⋅ One Night in Norfolk ⋅ Looking Back at LiteDuke LiteDuke |
2020-03-30 ⋅ One Night in Norfolk ⋅ A New Look at Old Dragonfly Malware (Goodor) Goodor |
2020-03-27 ⋅ One Night in Norfolk ⋅ The First Stage of ShadowHammer shadowhammer |
2019-10-02 ⋅ One Night in Norfolk ⋅ Another Lazarus Injector |
2019-08-11 ⋅ Twitter (@KevinPerlow) ⋅ Updated #Lazarus Keylogger (uploaded June) PSLogger |
2019-07-31 ⋅ Twitter (@KevinPerlow) ⋅ Tweet on DPRK malware NetKey |
2019-07-22 ⋅ One Night in Norfolk ⋅ APT33 PowerShell Malware POWERTON |
2019-07-22 ⋅ One Night in Norfolk ⋅ The Lazarus Injector |
2019-07-21 ⋅ One Night in Norfolk ⋅ Emissary Panda DLL Backdoor HyperSSL |
2019-06-05 ⋅ One Night in Norfolk ⋅ Possible Turla HTTP Listener |
2019-05-07 ⋅ One Night in Norfolk ⋅ “Filesnfer” Tool (C#, Python) XServer |
2019-04-03 ⋅ One Night in Norfolk ⋅ Possible ShadowHammer Targeting (Low Confidence) shadowhammer |
2019-03-24 ⋅ One Night in Norfolk ⋅ JEShell: An OceanLotus (APT32) Backdoor Cobalt Strike KerrDown |
2019-02-25 ⋅ One Night in Norfolk ⋅ How To: Analyzing a Malicious Hangul Word Processor Document from a DPRK Threat Actor Group NavRAT |