2024-04-29 · The DFIR Report · The DFIR Report
From IcedID to Dagon Locker Ransomware in 29 Days
IcedID, Mount Locker

2024-04-01 · The DFIR Report · The DFIR Report
From OneNote to RansomNote: An Ice Cold Intrusion
Cobalt Strike, IcedID, Nokoyawa Ransomware, PhotoLoader

2023-12-04 · The DFIR Report · The DFIR Report
SQL Brute Force leads to Bluesky Ransomware
BlueSky, Cobalt Strike

2023-08-28 · The DFIR Report · The DFIR Report
HTML Smuggling Leads to Domain Wide Ransomware
Cobalt Strike, IcedID, Nokoyawa Ransomware

2023-06-12 · The DFIR Report · Maxime Thiebaut
A Truly Graceful Wipe Out
FlawedGrace, Silence

2023-06-10 · The DFIR Report · The DFIR Report
IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment
BlackCat, Cobalt Strike, IcedID

2023-05-22 · The DFIR Report · The DFIR Report
IcedID Macro Ends in Nokoyawa Ransomware
IcedID, Nokoyawa Ransomware, PhotoLoader

2023-04-03 · The DFIR Report · The DFIR Report
Malicious ISO File Leads to Domain Wide Ransomware
Cobalt Strike, IcedID, Mount Locker

2023-01-09 · The DFIR Report · The DFIR Report
Unwrapping Ursnifs Gifts
ISFB

2022-11-28 · The DFIR Report · The DFIR Report
Emotet Strikes Again – LNK File Leads to Domain Wide Ransomware
Emotet, Mount Locker

2022-09-26 · The DFIR Report · The DFIR Report
BumbleBee: Round Two
BumbleBee, Cobalt Strike, Meterpreter

2022-09-12 · The DFIR Report · The DFIR Report
Dead or Alive? An Emotet Story
Cobalt Strike, Emotet

2022-08-08 · The DFIR Report · The DFIR Report
BumbleBee Roasts Its Way to Domain Admin
BumbleBee, Cobalt Strike

2022-07-11 · The DFIR Report · The DFIR Report
SELECT XMRig FROM SQLServer

2022-06-06 · The DFIR Report · The DFIR Report
Will the Real Msiexec Please Stand Up? Exploit Leads to Data Exfiltration

2022-05-09 · The DFIR Report · The DFIR Report
SEO Poisoning – A Gootloader Story
GootLoader, LaZagne, Cobalt Strike, GootKit

2022-04-25 · The DFIR Report · The DFIR Report
Quantum Ransomware
Cobalt Strike, IcedID

2022-04-04 · The DFIR Report · @0xtornado, @MettalicHack, @yatinwad, @_pete_0
Stolen Images Campaign Ends in Conti Ransomware
Conti, IcedID