Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-01-20BrightTALK (Mandiant)John Hultquist, Matthew McWhirt
@online{hultquist:20220120:anticipating:b2d356a, author = {John Hultquist and Matthew McWhirt}, title = {{Anticipating and Preparing for Russian Cyber Activity}}, date = {2022-01-20}, organization = {BrightTALK (Mandiant)}, url = {https://www.brighttalk.com/webcast/7451/527124}, language = {English}, urldate = {2022-02-14} } Anticipating and Preparing for Russian Cyber Activity
2022-01-14MandiantMatthew McWhirt, Daniel Smith, Omar Toor, Bryan Turner
@online{mcwhirt:20220114:proactive:5ecb6a7, author = {Matthew McWhirt and Daniel Smith and Omar Toor and Bryan Turner}, title = {{Proactive Preparation and Hardening to Protect Against Destructive Attacks}}, date = {2022-01-14}, organization = {Mandiant}, url = {https://www.mandiant.com/media/14506/download}, language = {English}, urldate = {2022-01-18} } Proactive Preparation and Hardening to Protect Against Destructive Attacks
2021-12-15MandiantMatthew McWhirt, John Hultquist
@online{mcwhirt:20211215:log4shell:9216a09, author = {Matthew McWhirt and John Hultquist}, title = {{Log4Shell Initial Exploitation and Mitigation Recommendations}}, date = {2021-12-15}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/log4shell-recommendations}, language = {English}, urldate = {2021-12-31} } Log4Shell Initial Exploitation and Mitigation Recommendations
2021-01-19FireEyeMike Burns, Matthew McWhirt, Douglas Bienstock, Nick Bennett
@online{burns:20210119:remediation:76c7695, author = {Mike Burns and Matthew McWhirt and Douglas Bienstock and Nick Bennett}, title = {{Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452}}, date = {2021-01-19}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2021/01/remediation-and-hardening-strategies-for-microsoft-365-to-defend-against-unc2452.html}, language = {English}, urldate = {2021-01-21} } Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452
2021-01-19MandiantMike Burns, Matthew McWhirt, Douglas Bienstock, Nick Bennett
@techreport{burns:20210119:remediation:044c1db, author = {Mike Burns and Matthew McWhirt and Douglas Bienstock and Nick Bennett}, title = {{Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 (WHITE PAPER)}}, date = {2021-01-19}, institution = {Mandiant}, url = {https://www.fireeye.com/content/dam/fireeye-www/blog/pdfs/wp-m-unc2452-2021-000343-01.pdf}, language = {English}, urldate = {2021-01-21} } Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 (WHITE PAPER)
2020-12-13FireEyeAndrew Archer, Doug Bienstock, Chris DiGiamo, Glenn Edwards, Nick Hornick, Alex Pennino, Andrew Rector, Scott Runnels, Eric Scales, Nalani Fraiser, Sarah Jones, John Hultquist, Ben Read, Jon Leathery, Fred House, Dileep Jallepalli, Michael Sikorski, Stephen Eckels, William Ballenthin, Jay Smith, Alex Berry, Nick Richard, Isif Ibrahima, Dan Perez, Marcin Siedlarz, Ben Withnell, Barry Vengerik, Nicole Oppenheim, Ian Ahl, Andrew Thompson, Matt Dunwoody, Evan Reese, Steve Miller, Alyssa Rahman, John Gorman, Lennard Galang, Steve Stone, Nick Bennett, Matthew McWhirt, Mike Burns, Omer Baig, Nick Carr, Christopher Glyer, Ramin Nafisi, Microsoft
@online{archer:20201213:highly:9fe1728, author = {Andrew Archer and Doug Bienstock and Chris DiGiamo and Glenn Edwards and Nick Hornick and Alex Pennino and Andrew Rector and Scott Runnels and Eric Scales and Nalani Fraiser and Sarah Jones and John Hultquist and Ben Read and Jon Leathery and Fred House and Dileep Jallepalli and Michael Sikorski and Stephen Eckels and William Ballenthin and Jay Smith and Alex Berry and Nick Richard and Isif Ibrahima and Dan Perez and Marcin Siedlarz and Ben Withnell and Barry Vengerik and Nicole Oppenheim and Ian Ahl and Andrew Thompson and Matt Dunwoody and Evan Reese and Steve Miller and Alyssa Rahman and John Gorman and Lennard Galang and Steve Stone and Nick Bennett and Matthew McWhirt and Mike Burns and Omer Baig and Nick Carr and Christopher Glyer and Ramin Nafisi and Microsoft}, title = {{Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor}}, date = {2020-12-13}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html}, language = {English}, urldate = {2020-12-19} } Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor
SUNBURST SUPERNOVA TEARDROP UNC2452
2017-05-03FireEyeMatthew McWhirt, Jon Erickson, DJ Palombo
@online{mcwhirt:20170503:to:0acd52b, author = {Matthew McWhirt and Jon Erickson and DJ Palombo}, title = {{To SDB, Or Not To SDB: FIN7 Leveraging Shim Databases for Persistence}}, date = {2017-05-03}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2017/05/fin7-shim-databases-persistence.html}, language = {English}, urldate = {2019-12-20} } To SDB, Or Not To SDB: FIN7 Leveraging Shim Databases for Persistence
FIN7