Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-08-04nccgroupMichael Mathews, RIFT: Research and Intelligence Fusion Team
@online{mathews:20220804:top:2e6e156, author = {Michael Mathews and RIFT: Research and Intelligence Fusion Team}, title = {{Top of the Pops: Three common ransomware entry techniques}}, date = {2022-08-04}, organization = {nccgroup}, url = {https://research.nccgroup.com/2022/08/04/top-of-the-pops-three-common-ransomware-entry-techniques}, language = {English}, urldate = {2022-08-22} } Top of the Pops: Three common ransomware entry techniques
2022-07-13NCC GroupRIFT: Research and Intelligence Fusion Team
@online{team:20220713:climbing:eea784b, author = {RIFT: Research and Intelligence Fusion Team}, title = {{Climbing Mount Everest: Black-Byte Bytes Back?}}, date = {2022-07-13}, organization = {NCC Group}, url = {https://research.nccgroup.com/2022/07/13/climbing-mount-everest-black-byte-bytes-back/}, language = {English}, urldate = {2022-07-15} } Climbing Mount Everest: Black-Byte Bytes Back?
BlackByte
2022-03-31nccgroupNikolaos Pantazopoulos, Alex Jessop, Simon Biggs, RIFT: Research and Intelligence Fusion Team
@online{pantazopoulos:20220331:continuation:b38514d, author = {Nikolaos Pantazopoulos and Alex Jessop and Simon Biggs and RIFT: Research and Intelligence Fusion Team}, title = {{Conti-nuation: methods and techniques observed in operations post the leaks}}, date = {2022-03-31}, organization = {nccgroup}, url = {https://research.nccgroup.com/2022/03/31/conti-nuation-methods-and-techniques-observed-in-operations-post-the-leaks/}, language = {English}, urldate = {2022-03-31} } Conti-nuation: methods and techniques observed in operations post the leaks
Cobalt Strike Conti QakBot
2022-03-03NCC GroupRIFT: Research and Intelligence Fusion Team
@online{team:20220303:sharkbot:da02f61, author = {RIFT: Research and Intelligence Fusion Team}, title = {{SharkBot: a “new” generation Android banking Trojan being distributed on Google Play Store}}, date = {2022-03-03}, organization = {NCC Group}, url = {https://research.nccgroup.com/2022/03/03/sharkbot-a-new-generation-android-banking-trojan-being-distributed-on-google-play-store/}, language = {English}, urldate = {2022-03-04} } SharkBot: a “new” generation Android banking Trojan being distributed on Google Play Store
SharkBot
2021-12-12NCC GroupRIFT: Research and Intelligence Fusion Team
@online{team:20211212:log4shell:6021235, author = {RIFT: Research and Intelligence Fusion Team}, title = {{Log4Shell: Reconnaissance and post exploitation network detection}}, date = {2021-12-12}, organization = {NCC Group}, url = {https://research.nccgroup.com/2021/12/12/log4shell-reconnaissance-and-post-exploitation-network-detection/}, language = {English}, urldate = {2022-01-31} } Log4Shell: Reconnaissance and post exploitation network detection
2021-11-08NCC GroupRIFT: Research and Intelligence Fusion Team
@online{team:20211108:ta505:5a3c385, author = {RIFT: Research and Intelligence Fusion Team}, title = {{TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access}}, date = {2021-11-08}, organization = {NCC Group}, url = {https://research.nccgroup.com/2021/11/08/ta505-exploits-solarwinds-serv-u-vulnerability-cve-2021-35211-for-initial-access/}, language = {English}, urldate = {2021-11-09} } TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access