Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-09-26CrowdStrikeIoan Iacob, Iulian Madalin Ionita
@online{iacob:20220926:anatomy:248e6ff, author = {Ioan Iacob and Iulian Madalin Ionita}, title = {{The Anatomy of Wiper Malware, Part 3: Input/Output Controls}}, date = {2022-09-26}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/the-anatomy-of-wiper-malware-part-3/}, language = {English}, urldate = {2022-09-29} } The Anatomy of Wiper Malware, Part 3: Input/Output Controls
CaddyWiper DEADWOOD DistTrack DoubleZero DUSTMAN HermeticWiper IsaacWiper Meteor Petya Sierra(Alfa,Bravo, ...) StoneDrill WhisperGate ZeroCleare
2022-09-15SentinelOneJim Walter
@online{walter:20220915:from:0d72348, author = {Jim Walter}, title = {{From the Front Lines | Slam! Anatomy of a Publicly-Available Ransomware Builder}}, date = {2022-09-15}, organization = {SentinelOne}, url = {https://www.sentinelone.com/blog/from-the-front-lines-slam-anatomy-of-a-publicly-available-ransomware-builder/}, language = {English}, urldate = {2022-09-26} } From the Front Lines | Slam! Anatomy of a Publicly-Available Ransomware Builder
Slam
2022-08-24CrowdStrikeIoan Iacob, Iulian Madalin Ionita
@online{iacob:20220824:anatomy:64f6451, author = {Ioan Iacob and Iulian Madalin Ionita}, title = {{The Anatomy of Wiper Malware, Part 2: Third-Party Drivers}}, date = {2022-08-24}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/the-anatomy-of-wiper-malware-part-2}, language = {English}, urldate = {2022-08-31} } The Anatomy of Wiper Malware, Part 2: Third-Party Drivers
2022-08-12CrowdStrikeIoan Iacob, Iulian Madalin Ionita
@online{iacob:20220812:anatomy:b13ce32, author = {Ioan Iacob and Iulian Madalin Ionita}, title = {{The Anatomy of Wiper Malware, Part 1: Common Techniques}}, date = {2022-08-12}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/the-anatomy-of-wiper-malware-part-1/}, language = {English}, urldate = {2022-08-15} } The Anatomy of Wiper Malware, Part 1: Common Techniques
Apostle CaddyWiper DistTrack DoubleZero DUSTMAN HermeticWiper IsaacWiper IsraBye KillDisk Meteor Olympic Destroyer Ordinypt Petya Sierra(Alfa,Bravo, ...) StoneDrill WhisperGate ZeroCleare
2022-07-20Advanced IntelligenceVitali Kremez, Yelisey Boguslavskiy, Marley Smith
@online{kremez:20220720:anatomy:cd94a81, author = {Vitali Kremez and Yelisey Boguslavskiy and Marley Smith}, title = {{Anatomy of Attack: Truth Behind the Costa Rica Government Ransomware 5-Day Intrusion}}, date = {2022-07-20}, organization = {Advanced Intelligence}, url = {https://www.advintel.io/post/anatomy-of-attack-truth-behind-the-costa-rica-government-ransomware-5-day-intrusion}, language = {English}, urldate = {2022-07-25} } Anatomy of Attack: Truth Behind the Costa Rica Government Ransomware 5-Day Intrusion
Cobalt Strike
2022-07-18NetWitnessStefano Maccaglia, Will Gragido
@techreport{maccaglia:20220718:fin13:bcc74d2, author = {Stefano Maccaglia and Will Gragido}, title = {{FIN13 (Elephant Beetle): Viva la Threat! Anatomy of a Fintech Attack}}, date = {2022-07-18}, institution = {NetWitness}, url = {https://www.netwitness.com/wp-content/uploads/FIN13-Elephant-Beetle-NetWitness.pdf}, language = {English}, urldate = {2022-08-05} } FIN13 (Elephant Beetle): Viva la Threat! Anatomy of a Fintech Attack
FIN13
2022-06-16RiskIQJennifer Grob
@online{grob:20220616:riskiq:319bce7, author = {Jennifer Grob}, title = {{RiskIQ: New ManaTools Panel Identified}}, date = {2022-06-16}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/69dfdba2}, language = {English}, urldate = {2022-07-01} } RiskIQ: New ManaTools Panel Identified
2022-06-13SANS ISCRenato Marinho
@online{marinho:20220613:translating:633e46a, author = {Renato Marinho}, title = {{Translating Saitama's DNS tunneling messages}}, date = {2022-06-13}, organization = {SANS ISC}, url = {https://isc.sans.edu/diary/Translating+Saitama%27s+DNS+tunneling+messages/28738}, language = {English}, urldate = {2022-06-16} } Translating Saitama's DNS tunneling messages
Saitama Backdoor
2022-03-21Azure DevOps (Mastadamus)Mastadamus
@online{mastadamus:20220321:anatomy:5e52c7b, author = {Mastadamus}, title = {{Anatomy of An Mirai Botnet Attack}}, date = {2022-03-21}, organization = {Azure DevOps (Mastadamus)}, url = {https://dev.azure.com/Mastadamus/Mirai%20Botnet%20Analysis/_wiki/wikis/Mirai-Botnet-Analysis.wiki/12/Anatomy-of-An-Mirai-Botnet-Attack}, language = {English}, urldate = {2022-03-22} } Anatomy of An Mirai Botnet Attack
Mirai
2021-12-28Morphus LabsRenato Marinho
@online{marinho:20211228:attackers:48320eb, author = {Renato Marinho}, title = {{Attackers are abusing MSBuild to evade defenses and implant Cobalt Strike beacons}}, date = {2021-12-28}, organization = {Morphus Labs}, url = {https://morphuslabs.com/attackers-are-abusing-msbuild-to-evade-defenses-and-implant-cobalt-strike-beacons-edac4ab84f42}, language = {English}, urldate = {2021-12-31} } Attackers are abusing MSBuild to evade defenses and implant Cobalt Strike beacons
Cobalt Strike
2021-12-12SophosSean Gallagher
@online{gallagher:20211212:log4shell:0609a1c, author = {Sean Gallagher}, title = {{Log4Shell Hell: anatomy of an exploit outbreak}}, date = {2021-12-12}, organization = {Sophos}, url = {https://news.sophos.com/en-us/2021/12/12/log4shell-hell-anatomy-of-an-exploit-outbreak/}, language = {English}, urldate = {2021-12-31} } Log4Shell Hell: anatomy of an exploit outbreak
2021-10-27CERT.PLCERT.PL
@online{certpl:20211027:vidar:8fe3984, author = {CERT.PL}, title = {{Vidar stealer campaign targeting Baltic region and NATO entities}}, date = {2021-10-27}, organization = {CERT.PL}, url = {https://cert.pl/en/posts/2021/10/vidar-campaign/}, language = {English}, urldate = {2021-11-02} } Vidar stealer campaign targeting Baltic region and NATO entities
Vidar
2021-09-02nvisoMaxime Thiebaut
@online{thiebaut:20210902:anatomy:7db38c7, author = {Maxime Thiebaut}, title = {{Anatomy and Disruption of Metasploit Shellcode}}, date = {2021-09-02}, organization = {nviso}, url = {https://blog.nviso.eu/2021/09/02/anatomy-and-disruption-of-metasploit-shellcode/}, language = {English}, urldate = {2021-09-06} } Anatomy and Disruption of Metasploit Shellcode
2021-08-06ESET ResearchZuzana Hromcová, Anton Cherepanov
@online{hromcov:20210806:anatomy:27b293f, author = {Zuzana Hromcová and Anton Cherepanov}, title = {{Anatomy of native IIS malware}}, date = {2021-08-06}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/08/06/anatomy-native-iis-malware/}, language = {English}, urldate = {2021-08-09} } Anatomy of native IIS malware
IISniff RGDoor
2021-08-04ESET ResearchZuzana Hromcová
@techreport{hromcov:20210804:anatomy:e1c9d94, author = {Zuzana Hromcová}, title = {{Anatomy of Native IIS Malware (white papaer)}}, date = {2021-08-04}, institution = {ESET Research}, url = {https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-Anatomy-Of-Native-Iis-Malware-wp.pdf}, language = {English}, urldate = {2021-08-06} } Anatomy of Native IIS Malware (white papaer)
IISniff RGDoor
2021-08-04ESET ResearchZuzana Hromcová
@techreport{hromcov:20210804:anatomy:2bcd04b, author = {Zuzana Hromcová}, title = {{Anatomy of Native IIS Malware (slides)}}, date = {2021-08-04}, institution = {ESET Research}, url = {https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-Anatomy-Of-Native-Iis-Malware.pdf}, language = {English}, urldate = {2021-08-06} } Anatomy of Native IIS Malware (slides)
IISniff RGDoor
2021-06-28MalwarebytesJérôme Segura
@online{segura:20210628:lil:e675ba5, author = {Jérôme Segura}, title = {{Lil' skimmer, the Magecart impersonator - Malwarebytes Labs}}, date = {2021-06-28}, organization = {Malwarebytes}, url = {https://blog.malwarebytes.com/cybercrime/2021/06/lil-skimmer-the-magecart-impersonator/}, language = {English}, urldate = {2021-07-09} } Lil' skimmer, the Magecart impersonator - Malwarebytes Labs
magecart
2021-06-19NATONATO Strategic CommunicationsCentre of Excellence
@techreport{excellence:20210619:russias:27ef3e8, author = {NATO Strategic CommunicationsCentre of Excellence}, title = {{Russia's Strategy in Cyberspace}}, date = {2021-06-19}, institution = {NATO}, url = {https://stratcomcoe.org/cuploads/pfiles/Nato-Cyber-Report_15-06-2021.pdf}, language = {English}, urldate = {2021-06-24} } Russia's Strategy in Cyberspace
2021-05-12Zero DayKim Zetter
@online{zetter:20210512:anatomy:f5df5c4, author = {Kim Zetter}, title = {{Anatomy of a $2 Million Darkside Ransomware Breach}}, date = {2021-05-12}, organization = {Zero Day}, url = {https://zetter.substack.com/p/anatomy-of-one-of-the-first-darkside}, language = {English}, urldate = {2021-05-13} } Anatomy of a $2 Million Darkside Ransomware Breach
DarkSide
2021-04-26nvisoMaxime Thiebaut
@online{thiebaut:20210426:anatomy:0ade0a5, author = {Maxime Thiebaut}, title = {{Anatomy of Cobalt Strike’s DLL Stager}}, date = {2021-04-26}, organization = {nviso}, url = {https://blog.nviso.eu/2021/04/26/anatomy-of-cobalt-strike-dll-stagers/}, language = {English}, urldate = {2021-04-29} } Anatomy of Cobalt Strike’s DLL Stager
Cobalt Strike