2022-04-27 | Stairwell | Silas Cutler, Steve Miller
The origin story of APT32 macros: The StrikeSuit Gift that keeps giving
StrikeSuit Gift
2022-02-28 | Stairwell | Steve Miller
Quick n’ dirty detection research: Building a labeled malware corpus for YARA testing
2020-12-13 | FireEye | Alex Berry, Alex Pennino, Alyssa Rahman, Andrew Archer, Andrew Rector, Andrew Thompson, Barry Vengerik, Ben Read, Ben Withnell, Chris DiGiamo, Christopher Glyer, Dan Perez, Dileep Jallepalli, Doug Bienstock, Eric Scales, Evan Reese, Fred House, Glenn Edwards, Ian Ahl, Isif Ibrahima, Jay Smith, John Gorman, John Hultquist, Jon Leathery, Lennard Galang, Marcin Siedlarz, Matt Dunwoody, Matthew McWhirt, Michael Sikorski, Microsoft, Mike Burns, Nalani Fraiser, Nick Bennett, Nick Carr, Nick Hornick, Nick Richard, Nicole Oppenheim, Omer Baig, Ramin Nafisi, Sarah Jones, Scott Runnels, Stephen Eckels, Steve Miller, Steve Stone, William Ballenthin
Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor
SUNBURST SUPERNOVA TEARDROP UNC2452
2020-05-28 | Twitter (@stvemillertime) | Steve Miller
Tweet on TClient / FIRESHADOW used by Tropic Trooper
TClient
2020-05-15 | Twitter (@stvemillertime) | Steve Miller
Tweet on SOGU development timeline, including TIGERPLUG IOCs
PlugX
2020-03-25 | FireEye | Christopher Glyer, Dan Perez, Sarah Jones, Steve Miller
This Is Not a Test: APT41 Initiates Global Intrusion Campaign Using Multiple Exploits
Speculoos Cobalt Strike
2019-10-21 | FireEye | Evan Reese, Nick Carr, Steve Miller
Shikata Ga Nai Encoder Still Going Strong
FIN11
2018-08-01 | FireEye | Barry Vengerik, Kimberly Goody, Nick Carr, Steve Miller
On the Hunt for FIN7: Pursuing an Enigmatic and Evasive Global Criminal Operation
BELLHOP POWERPIPE BABYMETAL SocksBot FIN7
2018-07-11 | FireEye | Ben Read, Ben Wilson, Dan Perez, Marcin Siedlarz, Scott Henderson, Steve Miller
Chinese Espionage Group TEMP.Periscope Targets Cambodia Ahead of July 2018 Elections and Reveals Broad Operations Globally
AIRBREAK APT40
2017-03-07 | FireEye | Barry Vengerik, Jordan Nuce, Steve Miller
FIN7 Spear Phishing Campaign Targets Personnel Involved in SEC Filings
POWERSOURCE FIN7