Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-12-07CrowdStrikeShaun Hurley
@online{hurley:20211207:critical:959de2e, author = {Shaun Hurley}, title = {{Critical Hit: How DoppelPaymer Hunts and Kills Windows Processes}}, date = {2021-12-07}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/how-doppelpaymer-hunts-and-kills-windows-processes/}, language = {English}, urldate = {2021-12-08} } Critical Hit: How DoppelPaymer Hunts and Kills Windows Processes
DoppelPaymer
2020-05-18CrowdStrikeKaran Sood, Shaun Hurley, Liviu Arsene
@online{sood:20200518:darkside:a32cfcd, author = {Karan Sood and Shaun Hurley and Liviu Arsene}, title = {{DarkSide Goes Dark: How CrowdStrike Falcon Customers Were Protected}}, date = {2020-05-18}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/falcon-protects-from-darkside-ransomware/}, language = {English}, urldate = {2021-06-09} } DarkSide Goes Dark: How CrowdStrike Falcon Customers Were Protected
DarkSide DarkSide
2020-05-01CrowdStrikeShaun Hurley
@online{hurley:20200501:many:22ed72c, author = {Shaun Hurley}, title = {{The Many Paths Through Maze}}, date = {2020-05-01}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/maze-ransomware-deobfuscation/}, language = {English}, urldate = {2020-05-05} } The Many Paths Through Maze
Maze
2019-03-21CrowdStrikeShaun Hurley, James Scalise
@online{hurley:20190321:interception:7e57329, author = {Shaun Hurley and James Scalise}, title = {{Interception: Dissecting BokBot’s “Man in the Browser”}}, date = {2019-03-21}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/bokbots-man-in-the-browser-overview/}, language = {English}, urldate = {2019-12-20} } Interception: Dissecting BokBot’s “Man in the Browser”
IcedID
2019-01-03CrowdStrikeShaun Hurley, James Scalise
@online{hurley:20190103:digging:5219f6d, author = {Shaun Hurley and James Scalise}, title = {{Digging into BokBot’s Core Module}}, date = {2019-01-03}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/digging-into-bokbots-core-module/}, language = {English}, urldate = {2019-12-20} } Digging into BokBot’s Core Module
IcedID
2017-07-03CrowdStrikeShaun Hurley, Karan Sood
@online{hurley:20170703:notpetya:1453645, author = {Shaun Hurley and Karan Sood}, title = {{NotPetya Technical Analysis Part II: Further Findings and Potential for MBR Recovery}}, date = {2017-07-03}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/petrwrap-technical-analysis-part-2-further-findings-and-potential-for-mbr-recovery/}, language = {English}, urldate = {2019-12-20} } NotPetya Technical Analysis Part II: Further Findings and Potential for MBR Recovery
EternalPetya
2014-10-28CiscoAndrea Allievi, Douglas Goddard, Shaun Hurley, Alain Zidouemba
@online{allievi:20141028:threat:a302fbd, author = {Andrea Allievi and Douglas Goddard and Shaun Hurley and Alain Zidouemba}, title = {{Threat Spotlight: Group 72, Opening the ZxShell}}, date = {2014-10-28}, organization = {Cisco}, url = {https://blogs.cisco.com/security/talos/opening-zxshell}, language = {English}, urldate = {2019-10-15} } Threat Spotlight: Group 72, Opening the ZxShell
ZXShell