2020-12-15 | Github (itsreallynick) | Nick Carr
A quick note from Nick Carr on COSMICGALE and SUPERNOVA that those are unrelated to the UNC2452 intrusion campaign
SUPERNOVA
2020-12-14 | Twitter (@ItsReallyNick) | Nick Carr
Tweet summarizing post-compromise activity of UNC2452
SUNBURST
2020-12-13 | FireEye | Alex Berry, Alex Pennino, Alyssa Rahman, Andrew Archer, Andrew Rector, Andrew Thompson, Barry Vengerik, Ben Read, Ben Withnell, Chris DiGiamo, Christopher Glyer, Dan Perez, Dileep Jallepalli, Doug Bienstock, Eric Scales, Evan Reese, Fred House, Glenn Edwards, Ian Ahl, Isif Ibrahima, Jay Smith, John Gorman, John Hultquist, Jon Leathery, Lennard Galang, Marcin Siedlarz, Matt Dunwoody, Matthew McWhirt, Michael Sikorski, Microsoft, Mike Burns, Nalani Fraiser, Nick Bennett, Nick Carr, Nick Hornick, Nick Richard, Nicole Oppenheim, Omer Baig, Ramin Nafisi, Sarah Jones, Scott Runnels, Stephen Eckels, Steve Miller, Steve Stone, William Ballenthin
Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor
SUNBURST SUPERNOVA TEARDROP UNC2452
2020-06-01 | Twitter (@ItsReallyNick) | Nick Carr
Tweet on malware called NETFLASH
2020-01-14 | FireEye | Matt Bromiley, Nick Carr
Rough Patch: I Promise It'll Be 200 OK (Citrix ADC CVE-2019-19781)
NOTROBIN
2019-12-20 | Twitter (@ItsReallyNick) | Nick Carr
Tweet on GRUNT payload
GRUNT
2019-10-21 | FireEye | Evan Reese, Nick Carr, Steve Miller
Shikata Ga Nai Encoder Still Going Strong
FIN11
2019-10-10 | FireEye | Jeremy Kennelly, Jordan Nuce, Josh Yoder, Kimberly Goody, Nick Carr, Scott Runnels
Mahalo FIN7: Responding to the Criminal Operators’ New Tools and Techniques
BOOSTWRITE
2019-06-05 | Twitter (@ItsReallyNick) | Nick Carr
Tweet on Malware Sample
REDPEPPER REDSALT
2018-12-21 | FireEye | Alex Orleans, Andrew Thompson, Geoff Ackerman, Nick Carr, Rick Cole
OVERRULED: Containing a Potentially Destructive Adversary
POWERTON PoshC2 pupy
2018-11-19 | FireEye | Andrew Thompson, Ben Withnell, Jonathan Leathery, Matthew Dunwoody, Michael Matonis, Nick Carr
Not So Cozy: An Uncomfortable Examination of a Suspected APT29 Phishing Campaign
Cobalt Strike
2018-11-06 | Twitter (@ItsReallyNick) | Nick Carr
Tweet on a GRIFFON sample
Griffon
2018-08-01 | FireEye | Barry Vengerik, Kimberly Goody, Nick Carr, Steve Miller
On the Hunt for FIN7: Pursuing an Enigmatic and Evasive Global Criminal Operation
BELLHOP POWERPIPE BABYMETAL SocksBot FIN7
2017-10-26 | FireEye | Barry Vengerik, Ben Read, Brian Mordosky, Christopher Glyer, Ian Ahl, Matt Williams, Michael Matonis, Nick Carr
BACKSWING - Pulling a BADRABBIT Out of a Hat
EternalPetya
2017-09-21 | FireEye | Nick Carr, Stuart Davis
APT33: New Insights into Iranian Cyber Espionage Group
APT33
2017-06-30 | FireEye | Daniel Bohannon, Nick Carr
Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques
FIN8
2017-05-24 | BrightTALK (FireEye) | Nick Carr
APT32: New Cyber Espionage Group
APT32
2017-05-14 | FireEye | Nick Carr
Cyber Espionage is Alive and Well: APT32 and the Threat to Global Corporations
OceanLotus Cuegoe KOMPROGO SOUNDBITE APT32
2017-04-24 | FireEye | Barry Vengerik, Dominik Weber, Nick Carr, Saravanan Mohankumar, Yogesh Londhe
FIN7 Evolution and the Phishing LNK
HALFBAKED FIN7