2022-04-27 ⋅ Stairwell ⋅ The origin story of APT32 macros: The StrikeSuit Gift that keeps giving StrikeSuit Gift |
2022-02-28 ⋅ Stairwell ⋅ Quick n’ dirty detection research: Building a labeled malware corpus for YARA testing |
2020-12-13 ⋅ FireEye ⋅ Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor SUNBURST SUPERNOVA TEARDROP UNC2452 |
2020-05-28 ⋅ Twitter (@stvemillertime) ⋅ Tweet on TClient / FIRESHADOW used by Tropic Trooper TClient |
2020-05-15 ⋅ Twitter (@stvemillertime) ⋅ Tweet on SOGU development timeline, including TIGERPLUG IOCs PlugX |
2020-03-25 ⋅ FireEye ⋅ This Is Not a Test: APT41 Initiates Global Intrusion Campaign Using Multiple Exploits Speculoos Cobalt Strike |
2019-10-21 ⋅ FireEye ⋅ Shikata Ga Nai Encoder Still Going Strong FIN11 |
2018-08-01 ⋅ FireEye ⋅ On the Hunt for FIN7: Pursuing an Enigmatic and Evasive Global Criminal Operation BELLHOP POWERPIPE BABYMETAL SocksBot FIN7 |
2018-07-11 ⋅ FireEye ⋅ Chinese Espionage Group TEMP.Periscope Targets Cambodia Ahead of July 2018 Elections and Reveals Broad Operations Globally AIRBREAK APT40 |
2017-03-07 ⋅ FireEye ⋅ FIN7 Spear Phishing Campaign Targets Personnel Involved in SEC Filings POWERSOURCE FIN7 |