Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-08-05SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20210805:detecting:235fe13, author = {Counter Threat Unit ResearchTeam}, title = {{Detecting Cobalt Strike: Government-Sponsored Threat Groups (APT32)}}, date = {2021-08-05}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/detecting-cobalt-strike-government-sponsored-threat-groups}, language = {English}, urldate = {2021-08-06} } Detecting Cobalt Strike: Government-Sponsored Threat Groups (APT32)
Cobalt Strike
2021-08-04SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20210804:detecting:b379acb, author = {Counter Threat Unit ResearchTeam}, title = {{Detecting Cobalt Strike: Cybercrime Attacks (GOLD LAGOON)}}, date = {2021-08-04}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/detecting-cobalt-strike-cybercrime-attacks}, language = {English}, urldate = {2021-08-06} } Detecting Cobalt Strike: Cybercrime Attacks (GOLD LAGOON)
Cobalt Strike
2021-07-20SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20210720:ongoing:1e6dbd0, author = {Counter Threat Unit ResearchTeam}, title = {{Ongoing Campaign Leveraging Exchange Vulnerability Potentially Linked to Iran}}, date = {2021-07-20}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/ongoing-campaign-leveraging-exchange-vulnerability-potentially-linked-to-iran}, language = {English}, urldate = {2021-07-26} } Ongoing Campaign Leveraging Exchange Vulnerability Potentially Linked to Iran
CHINACHOPPER MimiKatz RGDoor
2021-06-22SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20210622:lv:a58b99f, author = {Counter Threat Unit ResearchTeam}, title = {{LV Ransomware}}, date = {2021-06-22}, organization = {Secureworks}, url = {https://www.secureworks.com/research/lv-ransomware}, language = {English}, urldate = {2021-06-23} } LV Ransomware
REvil
2021-06-15SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20210615:hades:e1734d8, author = {Counter Threat Unit ResearchTeam}, title = {{Hades Ransomware Operators Use Distinctive Tactics and Infrastructure}}, date = {2021-06-15}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/hades-ransomware-operators-use-distinctive-tactics-and-infrastructure}, language = {English}, urldate = {2021-06-21} } Hades Ransomware Operators Use Distinctive Tactics and Infrastructure
Cobalt Strike Hades
2021-06-03SecureworksSecureworks Adversary Group, Counter Threat Unit ResearchTeam
@online{group:20210603:oauths:50516b7, author = {Secureworks Adversary Group and Counter Threat Unit ResearchTeam}, title = {{OAuth’s Device Code Flow Abused in Phishing Attacks}}, date = {2021-06-03}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/oauths-device-code-flow-abused-in-phishing-attacks}, language = {English}, urldate = {2021-06-22} } OAuth’s Device Code Flow Abused in Phishing Attacks
2021-05-13SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20210513:ransomware:1c6898a, author = {Counter Threat Unit ResearchTeam}, title = {{Ransomware Groups Use Tor-Based Backdoor for Persistent Access}}, date = {2021-05-13}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/ransomware-groups-use-tor-based-backdoor-for-persistent-access}, language = {English}, urldate = {2021-05-26} } Ransomware Groups Use Tor-Based Backdoor for Persistent Access
DarkSide Snatch GOLD WATERFALL
2021-03-08SecureworksCounter Threat Unit ResearchTeam
@online{researchteam:20210308:supernova:c12f8f7, author = {Counter Threat Unit ResearchTeam}, title = {{SUPERNOVA Web Shell Deployment Linked to SPIRAL Threat Group}}, date = {2021-03-08}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/supernova-web-shell-deployment-linked-to-spiral-threat-group}, language = {English}, urldate = {2021-03-10} } SUPERNOVA Web Shell Deployment Linked to SPIRAL Threat Group
SUPERNOVA
2021SecureworksSecureWorks
@online{secureworks:2021:threat:a35a451, author = {SecureWorks}, title = {{Threat Profile: GOLD CABIN}}, date = {2021}, organization = {Secureworks}, url = {https://www.secureworks.com/research/threat-profiles/gold-cabin}, language = {English}, urldate = {2021-05-31} } Threat Profile: GOLD CABIN
GOLD CABIN
2021SecureworksSecureWorks
@online{secureworks:2021:threat:197feaf, author = {SecureWorks}, title = {{Threat Profile: GOLD FAIRFAX}}, date = {2021}, organization = {Secureworks}, url = {http://www.secureworks.com/research/threat-profiles/gold-fairfax}, language = {English}, urldate = {2021-05-31} } Threat Profile: GOLD FAIRFAX
Ramnit GOLD FAIRFAX
2021SecureworksSecureWorks
@online{secureworks:2021:threat:9cb31b0, author = {SecureWorks}, title = {{Threat Profile: GOLD GALLEON}}, date = {2021}, organization = {Secureworks}, url = {http://www.secureworks.com/research/threat-profiles/gold-galleon}, language = {English}, urldate = {2021-06-01} } Threat Profile: GOLD GALLEON
Agent Tesla HawkEye Keylogger Pony GOLD GALLEON
2021SecureworksSecureWorks
@online{secureworks:2021:threat:45f61e0, author = {SecureWorks}, title = {{Threat Profile: GOLD WATERFALL}}, date = {2021}, organization = {Secureworks}, url = {https://www.secureworks.com/research/threat-profiles/gold-waterfall}, language = {English}, urldate = {2021-05-31} } Threat Profile: GOLD WATERFALL
Cobalt Strike DarkSide GOLD WATERFALL
2021SecureworksSecureWorks
@online{secureworks:2021:threat:d17547d, author = {SecureWorks}, title = {{Threat Profile: GOLD BURLAP}}, date = {2021}, organization = {Secureworks}, url = {http://www.secureworks.com/research/threat-profiles/gold-burlap}, language = {English}, urldate = {2021-05-31} } Threat Profile: GOLD BURLAP
Empire Downloader Mespinoza MimiKatz GOLD BURLAP
2021SecureworksSecureWorks
@online{secureworks:2021:threat:0808fb8, author = {SecureWorks}, title = {{Threat Profile: GOLD FLANDERS}}, date = {2021}, organization = {Secureworks}, url = {http://www.secureworks.com/research/threat-profiles/gold-flanders}, language = {English}, urldate = {2021-05-31} } Threat Profile: GOLD FLANDERS
GOLD FLANDERS
2021SecureworksSecureWorks
@online{secureworks:2021:threat:b0aa2ab, author = {SecureWorks}, title = {{Threat Profile: GOLD MANSARD}}, date = {2021}, organization = {Secureworks}, url = {http://www.secureworks.com/research/threat-profiles/gold-mansard}, language = {English}, urldate = {2021-05-31} } Threat Profile: GOLD MANSARD
Nefilim Nemty GOLD MANSARD
2021SecureworksSecureWorks
@online{secureworks:2021:threat:98f1049, author = {SecureWorks}, title = {{Threat Profile: GOLD HERON}}, date = {2021}, organization = {Secureworks}, url = {http://www.secureworks.com/research/threat-profiles/gold-heron}, language = {English}, urldate = {2021-05-31} } Threat Profile: GOLD HERON
DoppelPaymer Dridex Empire Downloader DOPPEL SPIDER
2021SecureworksSecureWorks
@online{secureworks:2021:threat:5afd502, author = {SecureWorks}, title = {{Threat Profile: GOLD LAGOON}}, date = {2021}, organization = {Secureworks}, url = {http://www.secureworks.com/research/threat-profiles/gold-lagoon}, language = {English}, urldate = {2021-05-31} } Threat Profile: GOLD LAGOON
QakBot MALLARD SPIDER
2021SecureworksSecureWorks
@online{secureworks:2021:threat:c0ba914, author = {SecureWorks}, title = {{Threat Profile: GOLD FRANKLIN}}, date = {2021}, organization = {Secureworks}, url = {http://www.secureworks.com/research/threat-profiles/gold-franklin}, language = {English}, urldate = {2021-05-31} } Threat Profile: GOLD FRANKLIN
Grateful POS Meterpreter MimiKatz RemCom FIN6
2021SecureworksSecureWorks
@online{secureworks:2021:threat:7406344, author = {SecureWorks}, title = {{Threat Profile: GOLD NORTHFIELD}}, date = {2021}, organization = {Secureworks}, url = {http://www.secureworks.com/research/threat-profiles/gold-northfield}, language = {English}, urldate = {2021-06-01} } Threat Profile: GOLD NORTHFIELD
GOLD NORTHFIELD
2021SecureworksSecureWorks
@online{secureworks:2021:threat:7e8aa73, author = {SecureWorks}, title = {{Threat Profile: GOLD VILLAGE}}, date = {2021}, organization = {Secureworks}, url = {http://www.secureworks.com/research/threat-profiles/gold-village}, language = {English}, urldate = {2021-05-31} } Threat Profile: GOLD VILLAGE
Maze TA2101