Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2018-11-19FireEyeMatthew Dunwoody, Andrew Thompson, Ben Withnell, Jonathan Leathery, Michael Matonis, Nick Carr
@online{dunwoody:20181119:not:e581291, author = {Matthew Dunwoody and Andrew Thompson and Ben Withnell and Jonathan Leathery and Michael Matonis and Nick Carr}, title = {{Not So Cozy: An Uncomfortable Examination of a Suspected APT29 Phishing Campaign}}, date = {2018-11-19}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2018/11/not-so-cozy-an-uncomfortable-examination-of-a-suspected-apt29-phishing-campaign.html}, language = {English}, urldate = {2019-12-20} } Not So Cozy: An Uncomfortable Examination of a Suspected APT29 Phishing Campaign
Cobalt Strike
2017-04-04GitHub (matthewdunwoody)Matthew Dunwoody
@online{dunwoody:20170404:poshspy:dc59dda, author = {Matthew Dunwoody}, title = {{POSHSPY backdoor code}}, date = {2017-04-04}, organization = {GitHub (matthewdunwoody)}, url = {https://github.com/matthewdunwoody/POSHSPY}, language = {English}, urldate = {2019-12-18} } POSHSPY backdoor code
POSHSPY
2017-04-03FireEyeMatthew Dunwoody
@online{dunwoody:20170403:dissecting:65071e7, author = {Matthew Dunwoody}, title = {{Dissecting One of APT29’s Fileless WMI and PowerShell Backdoors (POSHSPY)}}, date = {2017-04-03}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2017/03/dissecting_one_ofap.html}, language = {English}, urldate = {2019-12-20} } Dissecting One of APT29’s Fileless WMI and PowerShell Backdoors (POSHSPY)
POSHSPY APT29