Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-07-05NCC GroupNCC RIFT
@online{rift:20200705:rift:8b05486, author = {NCC RIFT}, title = {{RIFT: F5 Networks K52145254: TMUI RCE vulnerability CVE-2020-5902 Intelligence}}, date = {2020-07-05}, organization = {NCC Group}, url = {https://research.nccgroup.com/2020/07/05/rift-f5-networks-k52145254-tmui-rce-vulnerability-cve-2020-5902-intelligence/}, language = {English}, urldate = {2020-07-08} } RIFT: F5 Networks K52145254: TMUI RCE vulnerability CVE-2020-5902 Intelligence
2020-06-23NCC GroupNikolaos Pantazopoulos, Stefano Antenucci, Michael Sandee
@online{pantazopoulos:20200623:wastedlocker:112d6b3, author = {Nikolaos Pantazopoulos and Stefano Antenucci and Michael Sandee}, title = {{WastedLocker: A New Ransomware Variant Developed By The Evil Corp Group}}, date = {2020-06-23}, organization = {NCC Group}, url = {https://research.nccgroup.com/2020/06/23/wastedlocker-a-new-ransomware-variant-developed-by-the-evil-corp-group/}, language = {English}, urldate = {2020-06-23} } WastedLocker: A New Ransomware Variant Developed By The Evil Corp Group
Cobalt Strike ISFB WastedLocker
2020-06-15NCC GroupExploit Development Group
@online{group:20200615:striking:8fdf4bb, author = {Exploit Development Group}, title = {{Striking Back at Retired Cobalt Strike: A look at a legacy vulnerability}}, date = {2020-06-15}, organization = {NCC Group}, url = {https://research.nccgroup.com/2020/06/15/striking-back-at-retired-cobalt-strike-a-look-at-a-legacy-vulnerability/}, language = {English}, urldate = {2020-06-16} } Striking Back at Retired Cobalt Strike: A look at a legacy vulnerability
Cobalt Strike
2020-06-02NCC GroupNikolaos Pantazopoulos, Stefano Antenucci
@online{pantazopoulos:20200602:indepth:bc09c9f, author = {Nikolaos Pantazopoulos and Stefano Antenucci}, title = {{In-depth analysis of the new Team9 malware family}}, date = {2020-06-02}, organization = {NCC Group}, url = {https://research.nccgroup.com/2020/06/02/in-depth-analysis-of-the-new-team9-malware-family/}, language = {English}, urldate = {2020-06-03} } In-depth analysis of the new Team9 malware family
BazarBackdoor
2018-06-12NCC GroupBen Humphrey
@online{humphrey:20180612:cve20178570:4d94250, author = {Ben Humphrey}, title = {{CVE-2017-8570 RTF and the Sisfader RAT}}, date = {2018-06-12}, organization = {NCC Group}, url = {https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/june/cve-2017-8750-rtf-and-the-sisfader-rat/}, language = {English}, urldate = {2020-01-07} } CVE-2017-8570 RTF and the Sisfader RAT
Sisfader
2018-05-18NCC GroupNikolaos Pantazopoulos, Thomas Henry
@online{pantazopoulos:20180518:emissary:ed9583a, author = {Nikolaos Pantazopoulos and Thomas Henry}, title = {{Emissary Panda – A potential new malicious tool}}, date = {2018-05-18}, organization = {NCC Group}, url = {https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/may/emissary-panda-a-potential-new-malicious-tool/}, language = {English}, urldate = {2020-01-10} } Emissary Panda – A potential new malicious tool
HttpBrowser
2018-04-17NCC GroupNikolaos Pantazopoulos
@online{pantazopoulos:20180417:decoding:7d5f713, author = {Nikolaos Pantazopoulos}, title = {{Decoding network data from a Gh0st RAT variant}}, date = {2018-04-17}, organization = {NCC Group}, url = {https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/april/decoding-network-data-from-a-gh0st-rat-variant/}, language = {English}, urldate = {2019-11-27} } Decoding network data from a Gh0st RAT variant
Ghost RAT LuckyMouse
2018-03-16Github (nccgroup)NCC Group PLC
@online{plc:20180316:royal:7ff57f8, author = {NCC Group PLC}, title = {{Royal APT - APT15 Repository}}, date = {2018-03-16}, organization = {Github (nccgroup)}, url = {https://github.com/nccgroup/Royal_APT}, language = {English}, urldate = {2020-01-09} } Royal APT - APT15 Repository
BS2005 MS Exchange Tool RoyalCli Royal DNS Mirage
2018-03-10NCC GroupRob Smallridge
@online{smallridge:20180310:apt15:e5e7ef0, author = {Rob Smallridge}, title = {{APT15 is alive and strong: An analysis of RoyalCli and RoyalDNS}}, date = {2018-03-10}, organization = {NCC Group}, url = {https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/apt15-is-alive-and-strong-an-analysis-of-royalcli-and-royaldns/}, language = {English}, urldate = {2019-12-19} } APT15 is alive and strong: An analysis of RoyalCli and RoyalDNS
BS2005 MS Exchange Tool RoyalCli Royal DNS Mirage
2017-09-19NCC GroupOllie Whitehouse
@online{whitehouse:20170919:eternalglue:c4348e0, author = {Ollie Whitehouse}, title = {{EternalGlue part one: Rebuilding NotPetya to assess real-world resilience}}, date = {2017-09-19}, organization = {NCC Group}, url = {https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/eternalglue-part-one-rebuilding-notpetya-to-assess-real-world-resilience/}, language = {English}, urldate = {2019-12-10} } EternalGlue part one: Rebuilding NotPetya to assess real-world resilience
EternalPetya
2017-08-31NCC GroupAhmed Zaki
@online{zaki:20170831:analysing:4c77e47, author = {Ahmed Zaki}, title = {{Analysing a recent Poison Ivy sample}}, date = {2017-08-31}, organization = {NCC Group}, url = {https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/analysing-a-recent-poison-ivy-sample/}, language = {English}, urldate = {2020-01-10} } Analysing a recent Poison Ivy sample
Poison Ivy
2016-07-14Github (nccgroup)NCC Group PLC
@online{plc:20160714:technical:a0afcbd, author = {NCC Group PLC}, title = {{Technical Notes on Sakula}}, date = {2016-07-14}, organization = {Github (nccgroup)}, url = {https://github.com/nccgroup/Cyber-Defence/tree/master/Technical%20Notes/Sakula}, language = {English}, urldate = {2020-01-08} } Technical Notes on Sakula
Sakula RAT
2016-06-16NCC GroupDavid Cannings
@online{cannings:20160616:sakula:cece262, author = {David Cannings}, title = {{Sakula: an adventure in DLL planting}}, date = {2016-06-16}, organization = {NCC Group}, url = {https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/june/sakula-an-adventure-in-dll-planting/?page=1}, language = {English}, urldate = {2020-01-06} } Sakula: an adventure in DLL planting