Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-11-19Trend MicroMohamed Fahmy, Sherif Magdy, Abdelrhman Sharshar
@online{fahmy:20211119:squirrelwaffle:1e8fa78, author = {Mohamed Fahmy and Sherif Magdy and Abdelrhman Sharshar}, title = {{Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains}}, date = {2021-11-19}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/21/k/Squirrelwaffle-Exploits-ProxyShell-and-ProxyLogon-to-Hijack-Email-Chains.html}, language = {English}, urldate = {2021-11-25} } Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains
Cobalt Strike QakBot Squirrelwaffle
2021-11-17Trend MicroMohamed Fahmy, Abdelrhman Sharshar, Sherif Magdy, Ryan Maglaque
@online{fahmy:20211117:analyzing:c6c52d1, author = {Mohamed Fahmy and Abdelrhman Sharshar and Sherif Magdy and Ryan Maglaque}, title = {{Analyzing ProxyShell-related Incidents via Trend Micro Managed XDR}}, date = {2021-11-17}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_in/research/21/k/analyzing-proxyshell-related-incidents-via-trend-micro-managed-x.html}, language = {English}, urldate = {2021-11-18} } Analyzing ProxyShell-related Incidents via Trend Micro Managed XDR
Cobalt Strike Cotx RAT
2021-10-19Trend MicroAbdelrhman Sharshar, Jay Yaneza, Sherif Magdy
@online{sharshar:20211019:purplefox:06308c3, author = {Abdelrhman Sharshar and Jay Yaneza and Sherif Magdy}, title = {{PurpleFox Adds New Backdoor That Uses WebSockets}}, date = {2021-10-19}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/21/j/purplefox-adds-new-backdoor-that-uses-websockets.html}, language = {English}, urldate = {2021-10-24} } PurpleFox Adds New Backdoor That Uses WebSockets
FoxSocket win.purplefox