Click here to download all references as Bib-File.
2022-10-03 ⋅ One Night in Norfolk ⋅ Some Notes on VIRTUALGATE VIRTUALGATE |
2021-02-01 ⋅ One Night in Norfolk ⋅ DPRK Targeting Researchers II: .Sys Payload and Registry Hunting ComeBacker |
2021-01-26 ⋅ One Night in Norfolk ⋅ DPRK Malware Targeting Security Researchers ComeBacker |
2020-11-02 ⋅ One Night in Norfolk ⋅ TinyPOS and ProLocker: An Odd Relationship AbaddonPOS PwndLocker |
2020-05-18 ⋅ One Night in Norfolk ⋅ Looking Back at LiteDuke LiteDuke |
2020-03-30 ⋅ One Night in Norfolk ⋅ A New Look at Old Dragonfly Malware (Goodor) Goodor |
2020-03-27 ⋅ One Night in Norfolk ⋅ The First Stage of ShadowHammer shadowhammer |
2019-12-31 ⋅ One Night in Norfolk ⋅ Fuel Pumps II – PoSlurp.B PoSlurp |
2019-12-23 ⋅ POS Malware Used at Fuel Pumps Grateful POS |
2019-10-02 ⋅ One Night in Norfolk ⋅ Another Lazarus Injector |
2019-07-22 ⋅ One Night in Norfolk ⋅ APT33 PowerShell Malware POWERTON |
2019-07-22 ⋅ One Night in Norfolk ⋅ The Lazarus Injector |
2019-07-21 ⋅ One Night in Norfolk ⋅ Emissary Panda DLL Backdoor HyperSSL |
2019-06-05 ⋅ One Night in Norfolk ⋅ Possible Turla HTTP Listener |
2019-05-07 ⋅ One Night in Norfolk ⋅ “Filesnfer” Tool (C#, Python) XServer |
2019-04-10 ⋅ One Night in Norfolk ⋅ OSINT Reporting Regarding DPRK and TA505 Overlap PowerBrace |
2019-04-03 ⋅ One Night in Norfolk ⋅ Possible ShadowHammer Targeting (Low Confidence) shadowhammer |
2019-03-24 ⋅ One Night in Norfolk ⋅ JEShell: An OceanLotus (APT32) Backdoor Cobalt Strike KerrDown |
2019-02-25 ⋅ One Night in Norfolk ⋅ How To: Analyzing a Malicious Hangul Word Processor Document from a DPRK Threat Actor Group NavRAT |
2019-02-11 ⋅ One Night in Norfolk ⋅ How the Silence Downloader Has Evolved Over Time Silence |