2021-10-18 | Medium Confiant | Taha Karim
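% Online article by Taha Karim, organization recorded as "Medium Confiant".
% Only the proper nouns in the title are brace-protected, so a bibliography
% style can still recase the remaining words.
@online{karim:20211018:profiling:5e4f3a5,
  author       = {Karim, Taha},
  title        = {Profiling hackers using the {Malvertising Attack Matrix} by {Confiant}},
  date         = {2021-10-18},
  organization = {Medium Confiant},
  url          = {https://blog.confiant.com/profiling-hackers-using-the-malvertising-attack-matrix-by-confiant-9341838887b7},
  language     = {English},
  urldate      = {2021-10-26},
}
Profiling hackers using the Malvertising Attack Matrix by Confiant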
2021-04-24 | Medium lordx64 | Taha Karim
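% Online article by Taha Karim, organization recorded as "Medium lordx64".
% Only the product name is brace-protected; the rest of the title is left
% for the bibliography style to case.
@online{karim:20210424:initial:b6d138f,
  author       = {Karim, Taha},
  title        = {Initial analysis of {PasswordState} supply chain attack backdoor code},
  date         = {2021-04-24},
  organization = {Medium lordx64},
  url          = {https://lordx64.medium.com/initial-analysis-of-passwordstate-supply-chain-attack-backdoor-code-aaff1df389e4},
  language     = {English},
  urldate      = {2021-04-29},
}
Initial analysis of PasswordState supply chain attack backdoor code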
2020-12-14 | Twitter (@lordx64) | Taha Karim
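% Reference to a tweet by Taha Karim; the url field points at the status itself.
% Only the backdoor name is brace-protected so its all-caps spelling survives
% styles that sentence-case titles.
@online{karim:20201214:one:5d9f92c,
  author       = {Karim, Taha},
  title        = {Tweet on a one liner to decrypt {SUNBURST} backdoor},
  date         = {2020-12-14},
  organization = {Twitter (@lordx64)},
  url          = {https://twitter.com/lordx64/status/1338526166051934213},
  language     = {English},
  urldate      = {2020-12-15},
}
Tweet on a one liner to decrypt SUNBURST backdoor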
SUNBURST
2020-07-14 | Confiant | Taha Karim
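% Confiant article by Taha Karim, part 3 of the series on this CVE.
% The title keeps the publisher's en dash inside the CVE identifier; the URL
% slug spells it with ASCII hyphens (CVE-2019-1367), which is the form to use
% when searching advisories or matching this entry against other tooling.
% Only the product name and the identifier are brace-protected.
@online{karim:20200714:internet:a2f6f67,
  author       = {Karim, Taha},
  title        = {{Internet Explorer} {CVE-2019–1367} Exploitation — part 3},
  date         = {2020-07-14},
  organization = {Confiant},
  url          = {https://blog.confiant.com/internet-explorer-cve-2019-1367-exploitation-part-3-a92d3011b38},
  language     = {English},
  urldate      = {2020-07-15},
}
Internet Explorer CVE-2019–1367 Exploitation — part 3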
2020-07-13 | Confiant | Taha Karim
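% Confiant article by Taha Karim, the prelude to the series on this CVE.
% The title keeps the publisher's en dash inside the CVE identifier; the URL
% slug spells it with ASCII hyphens (CVE-2019-1367), which is the form to use
% when searching advisories or matching this entry against other tooling.
% Only the product name and the identifier are brace-protected.
@online{karim:20200713:internet:d7f7dd7,
  author       = {Karim, Taha},
  title        = {{Internet Explorer} {CVE-2019–1367} In the wild Exploitation - prelude},
  date         = {2020-07-13},
  organization = {Confiant},
  url          = {https://blog.confiant.com/internet-explorer-cve-2019-1367-in-the-wild-exploitation-prelude-ef546f19cd30},
  language     = {English},
  urldate      = {2020-07-15},
}
Internet Explorer CVE-2019–1367 In the wild Exploitation - prelude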
2020-07-13 | Confiant | Taha Karim
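% Confiant article by Taha Karim, part 1 of the series on this CVE.
% The title keeps the publisher's en dash inside the CVE identifier; the URL
% slug spells it with ASCII hyphens (CVE-2019-1367), which is the form to use
% when searching advisories or matching this entry against other tooling.
% Only the product name and the identifier are brace-protected.
@online{karim:20200713:internet:be95d1e,
  author       = {Karim, Taha},
  title        = {{Internet Explorer} {CVE-2019–1367} Exploitation — part 1},
  date         = {2020-07-13},
  organization = {Confiant},
  url          = {https://blog.confiant.com/internet-explorer-cve-2019-1367-exploitation-part-1-7ff08b7dcc8b},
  language     = {English},
  urldate      = {2020-07-15},
}
Internet Explorer CVE-2019–1367 Exploitation — part 1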
2019-12-10 | Confiant | Taha Karim
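% Confiant article by Taha Karim.
% The platform and loader names are brace-protected so their spelling
% (including the lowercase "m" in macOS) survives style recasing.
@online{karim:20191210:new:b423605,
  author       = {Karim, Taha},
  title        = {New {macOS} {Bundlore} Loader Analysis},
  date         = {2019-12-10},
  organization = {Confiant},
  url          = {https://blog.confiant.com/new-macos-bundlore-loader-analysis-ca16d19c058c},
  language     = {English},
  urldate      = {2020-01-07},
}
New macOS Bundlore Loader Analysis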
Bundlore
2019-04-08 | SANS Cyber Security Summit | Taha Karim
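% Report entry by Taha Karim; the url field points at a PDF in the SANS
% summit archive.
% Only the proper noun in the title is brace-protected so its internal
% capital survives style recasing.
@techreport{karim:20190408:trails:83a8378,
  author      = {Karim, Taha},
  title       = {Trails of {WindShift}},
  date        = {2019-04-08},
  institution = {SANS Cyber Security Summit},
  url         = {https://www.sans.org/cyber-security-summit/archives/file/summit-archive-1554718868.pdf},
  language    = {English},
  urldate     = {2020-01-20},
}
Trails of WindShift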
WindTail ZhMimikatz
2016-04-13 | FireEye | Daniel Regalado, Taha Karim, Varun Jian, Erye Hernandez
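% FireEye blog post with four authors, written in "Last, First" form so the
% name split does not depend on BibTeX's case heuristics.
% NOTE(review): the third author is recorded here as "Varun Jian"; this may be
% a transposition of "Jain" -- confirm against the original post before citing.
% The title has no proper nouns, so nothing is brace-protected.
@online{regalado:20160413:ghosts:5d2944f,
  author       = {Regalado, Daniel and Karim, Taha and Jian, Varun and Hernandez, Erye},
  title        = {Ghosts in the Endpoint},
  date         = {2016-04-13},
  organization = {FireEye},
  url          = {https://www.fireeye.com/blog/threat-research/2016/04/ghosts_in_the_endpoi.html},
  language     = {English},
  urldate      = {2020-04-20},
}
Ghosts in the Endpoint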
PLEAD
2015-12-11 | FireEye | Daniel Regalado, Taha Karim
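% FireEye blog post by Daniel Regalado and Taha Karim.
% Only the all-caps name is brace-protected; the subtitle is left for the
% bibliography style to case.
@online{regalado:20151211:latentbot:76a6ff3,
  author       = {Regalado, Daniel and Karim, Taha},
  title        = {{LATENTBOT}: Trace Me If You Can},
  date         = {2015-12-11},
  organization = {FireEye},
  url          = {https://www.fireeye.com/blog/threat-research/2015/12/latentbot_trace_me.html},
  language     = {English},
  urldate      = {2019-12-20},
}
LATENTBOT: Trace Me If You Can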
LatentBot