Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-06-01Twitter (@ItsReallyNick)Nick Carr
@online{carr:20200601:malware:62e3d49, author = {Nick Carr}, title = {{Tweet on malware called NETFLASH}}, date = {2020-06-01}, organization = {Twitter (@ItsReallyNick)}, url = {https://twitter.com/ItsReallyNick/status/1267475216923594755}, language = {English}, urldate = {2020-06-05} } Tweet on malware called NETFLASH
2020-01-14FireEyeNick Carr, Matt Bromiley
@online{carr:20200114:rough:1c149da, author = {Nick Carr and Matt Bromiley}, title = {{Rough Patch: I Promise It'll Be 200 OK (Citrix ADC CVE-2019-19781)}}, date = {2020-01-14}, organization = {FireEye}, url = {https://www.fireeye.com/blog/products-and-services/2020/01/rough-patch-promise-it-will-be-200-ok.html}, language = {English}, urldate = {2020-01-17} } Rough Patch: I Promise It'll Be 200 OK (Citrix ADC CVE-2019-19781)
NOTROBIN
2019-12-20Twitter (@ItsReallyNick)Nick Carr
@online{carr:20191220:grunt:02cb116, author = {Nick Carr}, title = {{Tweet on GRUNT payload}}, date = {2019-12-20}, organization = {Twitter (@ItsReallyNick)}, url = {https://twitter.com/ItsReallyNick/status/1208141697282117633}, language = {English}, urldate = {2020-01-09} } Tweet on GRUNT payload
GRUNT
2019-10-21FireEyeSteve Miller, Evan Reese, Nick Carr
@online{miller:20191021:shikata:4cc9011, author = {Steve Miller and Evan Reese and Nick Carr}, title = {{Shikata Ga Nai Encoder Still Going Strong}}, date = {2019-10-21}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2019/10/shikata-ga-nai-encoder-still-going-strong.html}, language = {English}, urldate = {2020-11-04} } Shikata Ga Nai Encoder Still Going Strong
FIN11
2019-10-10FireEyeNick Carr, Josh Yoder, Kimberly Goody, Scott Runnels, Jeremy Kennelly, Jordan Nuce
@online{carr:20191010:mahalo:917c5b2, author = {Nick Carr and Josh Yoder and Kimberly Goody and Scott Runnels and Jeremy Kennelly and Jordan Nuce}, title = {{Mahalo FIN7: Responding to the Criminal Operators’ New Tools and Techniques}}, date = {2019-10-10}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2019/10/mahalo-fin7-responding-to-new-tools-and-techniques.html}, language = {English}, urldate = {2019-11-18} } Mahalo FIN7: Responding to the Criminal Operators’ New Tools and Techniques
BOOSTWRITE
2019-06-05Twitter (@ItsReallyNick)Nick Carr
@online{carr:20190605:malware:a6892ae, author = {Nick Carr}, title = {{Tweet on Malware Sample}}, date = {2019-06-05}, organization = {Twitter (@ItsReallyNick)}, url = {https://twitter.com/ItsReallyNick/status/1136502701301346305}, language = {English}, urldate = {2020-01-07} } Tweet on Malware Sample
REDPEPPER REDSALT
2018-12-21FireEyeGeoff Ackerman, Rick Cole, Andrew Thompson, Alex Orleans, Nick Carr
@online{ackerman:20181221:overruled:74ac7b4, author = {Geoff Ackerman and Rick Cole and Andrew Thompson and Alex Orleans and Nick Carr}, title = {{OVERRULED: Containing a Potentially Destructive Adversary}}, date = {2018-12-21}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2018/12/overruled-containing-a-potentially-destructive-adversary.html}, language = {English}, urldate = {2019-12-20} } OVERRULED: Containing a Potentially Destructive Adversary
POWERTON PoshC2 pupy
2018-11-19FireEyeMatthew Dunwoody, Andrew Thompson, Ben Withnell, Jonathan Leathery, Michael Matonis, Nick Carr
@online{dunwoody:20181119:not:e581291, author = {Matthew Dunwoody and Andrew Thompson and Ben Withnell and Jonathan Leathery and Michael Matonis and Nick Carr}, title = {{Not So Cozy: An Uncomfortable Examination of a Suspected APT29 Phishing Campaign}}, date = {2018-11-19}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2018/11/not-so-cozy-an-uncomfortable-examination-of-a-suspected-apt29-phishing-campaign.html}, language = {English}, urldate = {2019-12-20} } Not So Cozy: An Uncomfortable Examination of a Suspected APT29 Phishing Campaign
Cobalt Strike
2018-11-06Twitter (@ItsReallyNick)Nick Carr
@online{carr:20181106:griffon:c7f800f, author = {Nick Carr}, title = {{Tweet on a GRIFFON sample}}, date = {2018-11-06}, organization = {Twitter (@ItsReallyNick)}, url = {https://twitter.com/ItsReallyNick/status/1059898708286939136}, language = {English}, urldate = {2019-12-17} } Tweet on a GRIFFON sample
Griffon
2018-08-01FireEyeNick Carr, Kimberly Goody, Steve Miller, Barry Vengerik
@online{carr:20180801:hunt:0fe0e15, author = {Nick Carr and Kimberly Goody and Steve Miller and Barry Vengerik}, title = {{On the Hunt for FIN7: Pursuing an Enigmatic and Evasive Global Criminal Operation}}, date = {2018-08-01}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2018/08/fin7-pursuing-an-enigmatic-and-evasive-global-criminal-operation.html}, language = {English}, urldate = {2019-12-20} } On the Hunt for FIN7: Pursuing an Enigmatic and Evasive Global Criminal Operation
BELLHOP POWERPIPE BABYMETAL SocksBot Anunak
2017-10-26FireEyeBarry Vengerik, Ben Read, Brian Mordosky, Christopher Glyer, Ian Ahl, Matt Williams, Michael Matonis, Nick Carr
@online{vengerik:20171026:backswing:3aab9cf, author = {Barry Vengerik and Ben Read and Brian Mordosky and Christopher Glyer and Ian Ahl and Matt Williams and Michael Matonis and Nick Carr}, title = {{BACKSWING - Pulling a BADRABBIT Out of a Hat}}, date = {2017-10-26}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2017/10/backswing-pulling-a-badrabbit-out-of-a-hat.html}, language = {English}, urldate = {2019-12-20} } BACKSWING - Pulling a BADRABBIT Out of a Hat
EternalPetya
2017-09-21FireEyeStuart Davis, Nick Carr
@online{davis:20170921:apt33:52822d2, author = {Stuart Davis and Nick Carr}, title = {{APT33: New Insights into Iranian Cyber Espionage Group}}, date = {2017-09-21}, organization = {FireEye}, url = {https://www.brighttalk.com/webcast/10703/275683}, language = {English}, urldate = {2019-12-20} } APT33: New Insights into Iranian Cyber Espionage Group
APT33
2017-06-30FireEyeNick Carr, Daniel Bohannon
@online{carr:20170630:obfuscation:c3d947e, author = {Nick Carr and Daniel Bohannon}, title = {{Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques}}, date = {2017-06-30}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2017/06/obfuscation-in-the-wild.html}, language = {English}, urldate = {2019-12-20} } Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques
FIN8
2017-05-24BrightTALK (FireEye)Nick Carr
@online{carr:20170524:apt32:4060afe, author = {Nick Carr}, title = {{APT32: New Cyber Espionage Group}}, date = {2017-05-24}, organization = {BrightTALK (FireEye)}, url = {https://www.brighttalk.com/webcast/10703/261205}, language = {English}, urldate = {2020-01-07} } APT32: New Cyber Espionage Group
APT32
2017-05-14FireEyeNick Carr
@online{carr:20170514:cyber:0ac720f, author = {Nick Carr}, title = {{Cyber Espionage is Alive and Well: APT32 and the Threat to Global Corporations}}, date = {2017-05-14}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2017/05/cyber-espionage-apt32.html}, language = {English}, urldate = {2019-12-20} } Cyber Espionage is Alive and Well: APT32 and the Threat to Global Corporations
OceanLotus Cuegoe KOMPROGO SOUNDBITE APT32
2017-04-24FireEyeSaravanan Mohankumar, Nick Carr, Yogesh Londhe, Barry Vengerik, Dominik Weber
@online{mohankumar:20170424:fin7:6aec2b4, author = {Saravanan Mohankumar and Nick Carr and Yogesh Londhe and Barry Vengerik and Dominik Weber}, title = {{FIN7 Evolution and the Phishing LNK}}, date = {2017-04-24}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2017/04/fin7-phishing-lnk.html}, language = {English}, urldate = {2019-12-20} } FIN7 Evolution and the Phishing LNK
HALFBAKED Anunak