Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-05-18One Night in NorfolkKevin Perlow
@online{perlow:20200518:looking:eaa7bde, author = {Kevin Perlow}, title = {{Looking Back at LiteDuke}}, date = {2020-05-18}, organization = {One Night in Norfolk}, url = {https://norfolkinfosec.com/looking-back-at-liteduke/}, language = {English}, urldate = {2020-05-18} } Looking Back at LiteDuke
LiteDuke
2020-03-30One Night in NorfolkKevin Perlow
@online{perlow:20200330:new:a5c6c8b, author = {Kevin Perlow}, title = {{A New Look at Old Dragonfly Malware (Goodor)}}, date = {2020-03-30}, organization = {One Night in Norfolk}, url = {https://norfolkinfosec.com/a-new-look-at-old-dragonfly-malware-goodor/}, language = {English}, urldate = {2020-03-30} } A New Look at Old Dragonfly Malware (Goodor)
Goodor
2020-03-27One Night in NorfolkKevin Perlow
@online{perlow:20200327:first:6b7c827, author = {Kevin Perlow}, title = {{The First Stage of ShadowHammer}}, date = {2020-03-27}, organization = {One Night in Norfolk}, url = {https://norfolkinfosec.com/the-first-stage-of-shadowhammer/}, language = {English}, urldate = {2020-05-19} } The First Stage of ShadowHammer
shadowhammer
2019-12-31One Night in NorfolkNorfolk
@online{norfolk:20191231:fuel:37d7e73, author = {Norfolk}, title = {{Fuel Pumps II – PoSlurp.B}}, date = {2019-12-31}, organization = {One Night in Norfolk}, url = {https://norfolkinfosec.com/fuel-pumps-ii-poslurp-b/}, language = {English}, urldate = {2020-01-08} } Fuel Pumps II – PoSlurp.B
PoSlurp
2019-10-02One Night in NorfolkKevin Perlow
@online{perlow:20191002:another:31638d8, author = {Kevin Perlow}, title = {{Another Lazarus Injector}}, date = {2019-10-02}, organization = {One Night in Norfolk}, url = {https://norfolkinfosec.com/another-lazarus-injector/}, language = {English}, urldate = {2020-05-19} } Another Lazarus Injector
2019-07-22One Night in NorfolkKevin Perlow
@online{perlow:20190722:apt33:3258e71, author = {Kevin Perlow}, title = {{APT33 PowerShell Malware}}, date = {2019-07-22}, organization = {One Night in Norfolk}, url = {https://norfolkinfosec.com/apt33-powershell-malware/}, language = {English}, urldate = {2020-05-19} } APT33 PowerShell Malware
POWERTON
2019-07-22One Night in NorfolkKevin Perlow
@online{perlow:20190722:lazarus:b7111b1, author = {Kevin Perlow}, title = {{The Lazarus Injector}}, date = {2019-07-22}, organization = {One Night in Norfolk}, url = {https://norfolkinfosec.com/the-lazarus-injector/}, language = {English}, urldate = {2020-05-19} } The Lazarus Injector
2019-07-21One Night in NorfolkKevin Perlow
@online{perlow:20190721:emissary:dbd4bd3, author = {Kevin Perlow}, title = {{Emissary Panda DLL Backdoor}}, date = {2019-07-21}, organization = {One Night in Norfolk}, url = {https://norfolkinfosec.com/emissary-panda-dll-backdoor/}, language = {English}, urldate = {2020-05-19} } Emissary Panda DLL Backdoor
Unidentified 060
2019-06-05One Night in NorfolkKevin Perlow
@online{perlow:20190605:possible:47a6f30, author = {Kevin Perlow}, title = {{Possible Turla HTTP Listener}}, date = {2019-06-05}, organization = {One Night in Norfolk}, url = {https://norfolkinfosec.com/http-listener/}, language = {English}, urldate = {2020-05-19} } Possible Turla HTTP Listener
2019-05-07One Night in NorfolkKevin Perlow
@online{perlow:20190507:filesnfer:36164a2, author = {Kevin Perlow}, title = {{“Filesnfer” Tool (C#, Python)}}, date = {2019-05-07}, organization = {One Night in Norfolk}, url = {https://norfolkinfosec.com/filesnfer-tool-c-python/}, language = {English}, urldate = {2020-05-19} } “Filesnfer” Tool (C#, Python)
XServer
2019-04-10One Night in NorfolkNorfolk
@online{norfolk:20190410:osint:7dfb7d1, author = {Norfolk}, title = {{OSINT Reporting Regarding DPRK and TA505 Overlap}}, date = {2019-04-10}, organization = {One Night in Norfolk}, url = {https://norfolkinfosec.com/osint-reporting-on-dprk-and-ta505-overlap/}, language = {English}, urldate = {2020-01-06} } OSINT Reporting Regarding DPRK and TA505 Overlap
PowerBrace
2019-04-03One Night in NorfolkKevin Perlow
@online{perlow:20190403:possible:0a08c3a, author = {Kevin Perlow}, title = {{Possible ShadowHammer Targeting (Low Confidence)}}, date = {2019-04-03}, organization = {One Night in Norfolk}, url = {https://norfolkinfosec.com/possible-shadowhammer-targeting-low-confidence/}, language = {English}, urldate = {2020-05-19} } Possible ShadowHammer Targeting (Low Confidence)
shadowhammer
2019-03-24One Night in NorfolkKevin Perlow
@online{perlow:20190324:jeshell:439ae8b, author = {Kevin Perlow}, title = {{JEShell: An OceanLotus (APT32) Backdoor}}, date = {2019-03-24}, organization = {One Night in Norfolk}, url = {https://norfolkinfosec.com/jeshell-an-oceanlotus-apt32-backdoor/}, language = {English}, urldate = {2020-05-19} } JEShell: An OceanLotus (APT32) Backdoor
Cobalt Strike KerrDown
2019-02-25One Night in NorfolkKevin Perlow
@online{perlow:20190225:how:d4a68d6, author = {Kevin Perlow}, title = {{How To: Analyzing a Malicious Hangul Word Processor Document from a DPRK Threat Actor Group}}, date = {2019-02-25}, organization = {One Night in Norfolk}, url = {https://norfolkinfosec.com/how-to-analyzing-a-malicious-hangul-word-processor-document-from-a-dprk-threat-actor-group/}, language = {English}, urldate = {2020-05-19} } How To: Analyzing a Malicious Hangul Word Processor Document from a DPRK Threat Actor Group
NavRAT
2019-02-11One Night in NorfolkKevin Perlow
@online{perlow:20190211:how:05b5d9a, author = {Kevin Perlow}, title = {{How the Silence Downloader Has Evolved Over Time}}, date = {2019-02-11}, organization = {One Night in Norfolk}, url = {https://norfolkinfosec.com/how-the-silence-downloader-has-evolved-over-time/}, language = {English}, urldate = {2020-05-19} } How the Silence Downloader Has Evolved Over Time
Silence
2019-02-06One Night in NorfolkKevin Perlow
@online{perlow:20190206:some:8835f31, author = {Kevin Perlow}, title = {{Some Notes on the Silence Proxy}}, date = {2019-02-06}, organization = {One Night in Norfolk}, url = {https://norfolkinfosec.com/some-notes-on-the-silence-proxy/}, language = {English}, urldate = {2020-05-19} } Some Notes on the Silence Proxy
Silence
2019-01-22One Night in NorfolkNorfolk
@online{norfolk:20190122:lazarus:74b5983, author = {Norfolk}, title = {{A Lazarus Keylogger- PSLogger}}, date = {2019-01-22}, organization = {One Night in Norfolk}, url = {https://norfolkinfosec.com/a-lazarus-keylogger-pslogger/}, language = {English}, urldate = {2020-01-10} } A Lazarus Keylogger- PSLogger
PSLogger