Click here to download all references as Bib-File.•
| 2025-02-13
⋅
Elastic
⋅
From South America to Southeast Asia: The Fragile Web of REF7707 FINALDRAFT FINALDRAFT GUIDLOADER PATHLOADER REF7707 |
| 2024-12-12
⋅
Elastic
⋅
Under the SADBRIDGE with GOSAR: QUASAR Gets a Golang Rewrite Gosar Quasar RAT SADBRIDGE |
| 2024-08-01
⋅
Elastic
⋅
BITS and Bytes: Analyzing BITSLOTH, a newly identified backdoor BITSloth |
| 2023-10-31
⋅
Elastic
⋅
Elastic catches DPRK passing out KANDYKORN HLOADER KANDYKORN SUGARLOADER |
| 2023-10-03
⋅
Elastic
⋅
Introducing the REF5961 intrusion set (RUDEBIRD, DOWNTOWN, and EAGERBEE) EagerBee SManager REF2924 REF5961 |
| 2023-06-29
⋅
Elastic
⋅
The DPRK strikes using a new variant of RUSTBUCKET RustBucket |
| 2023-06-21
⋅
Elastic
⋅
Initial research exposing JOKERSPY JokerSpy |
| 2023-06-09
⋅
Elastic
⋅
Elastic charms SPECTRALVIPER |
| 2023-06-09
⋅
Elastic
⋅
Elastic charms SPECTRALVIPER SPECTRALVIPER |
| 2023-02-02
⋅
Elastic
⋅
Update to the REF2924 intrusion set and related campaigns DoorMe ShadowPad SiestaGraph |
| 2022-12-16
⋅
Elastic
⋅
SiestaGraph: New implant uncovered in ASEAN member foreign ministry DoorMe SiestaGraph |
| 2022-10-31
⋅
Elastic
⋅
ICEDIDs network infrastructure is alive and well IcedID |
| 2022-07-27
⋅
Elastic
⋅
Exploring the QBOT Attack Pattern QakBot |
| 2022-06-01
⋅
Elastic
⋅
CUBA Ransomware Campaign Analysis Cobalt Strike Cuba Meterpreter MimiKatz SystemBC |
| 2022-01-19
⋅
Elastic
⋅
Extracting Cobalt Strike Beacon Configurations Cobalt Strike |
| 2022-01-19
⋅
Elastic
⋅
Collecting Cobalt Strike Beacons with the Elastic Stack Cobalt Strike |
| 2022-01-18
⋅
Elastic
⋅
FORMBOOK Adopts CAB-less Approach Formbook |
| 2020-02-13
⋅
Elastic
⋅
Playing defense against Gamaredon Group Pteranodon |