2020-12-15 ⋅ GitHub (itsreallynick) ⋅ A quick note from Nick Carr on COSMICGALE and SUPERNOVA that those are unrelated to UNC2452 intrusion campaign SUPERNOVA
2020-12-14 ⋅ Twitter (@ItsReallyNick) ⋅ Tweet summarizing post-compromise activity of UNC2452 SUNBURST
2020-12-13 ⋅ FireEye ⋅ Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor SUNBURST SUPERNOVA TEARDROP UNC2452
2020-06-01 ⋅ Twitter (@ItsReallyNick) ⋅ Tweet on malware called NETFLASH |
2020-01-14 ⋅ FireEye ⋅ Rough Patch: I Promise It'll Be 200 OK (Citrix ADC CVE-2019-19781) NOTROBIN |
2019-12-20 ⋅ Twitter (@ItsReallyNick) ⋅ Tweet on GRUNT payload GRUNT |
2019-10-21 ⋅ FireEye ⋅ Shikata Ga Nai Encoder Still Going Strong FIN11 |
2019-10-10 ⋅ FireEye ⋅ Mahalo FIN7: Responding to the Criminal Operators’ New Tools and Techniques BOOSTWRITE |
2019-06-05 ⋅ Twitter (@ItsReallyNick) ⋅ Tweet on Malware Sample REDPEPPER REDSALT |
2018-12-21 ⋅ FireEye ⋅ OVERRULED: Containing a Potentially Destructive Adversary POWERTON PoshC2 pupy |
2018-11-19 ⋅ FireEye ⋅ Not So Cozy: An Uncomfortable Examination of a Suspected APT29 Phishing Campaign Cobalt Strike |
2018-11-06 ⋅ Twitter (@ItsReallyNick) ⋅ Tweet on a GRIFFON sample Griffon |
2018-08-01 ⋅ FireEye ⋅ On the Hunt for FIN7: Pursuing an Enigmatic and Evasive Global Criminal Operation BELLHOP POWERPIPE BABYMETAL SocksBot FIN7 |
2017-10-26 ⋅ FireEye ⋅ BACKSWING - Pulling a BADRABBIT Out of a Hat EternalPetya |
2017-09-21 ⋅ FireEye ⋅ APT33: New Insights into Iranian Cyber Espionage Group APT33 |
2017-06-30 ⋅ FireEye ⋅ Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques FIN8 |
2017-05-24 ⋅ BrightTALK (FireEye) ⋅ APT32: New Cyber Espionage Group APT32 |
2017-05-14 ⋅ FireEye ⋅ Cyber Espionage is Alive and Well: APT32 and the Threat to Global Corporations OceanLotus Cuegoe KOMPROGO SOUNDBITE APT32 |
2017-04-24 ⋅ FireEye ⋅ FIN7 Evolution and the Phishing LNK HALFBAKED FIN7 |