Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-12-04The DFIR ReportThe DFIR Report
SQL Brute Force leads to Bluesky Ransomware
BlueSky Cobalt Strike
2023-08-28The DFIR ReportThe DFIR Report
HTML Smuggling Leads to Domain Wide Ransomware
Cobalt Strike IcedID Nokoyawa Ransomware
2023-06-12The DFIR ReportMaxime Thiebaut
A Truly Graceful Wipe Out
FlawedGrace Silence
2023-05-22The DFIR ReportThe DFIR Report
IcedID Macro Ends in Nokoyawa Ransomware
IcedID Nokoyawa Ransomware PhotoLoader
2023-04-03The DFIR ReportThe DFIR Report
Malicious ISO File Leads to Domain Wide Ransomware
Cobalt Strike IcedID Mount Locker
2023-01-09The DFIR ReportThe DFIR Report
Unwrapping Ursnifs Gifts
ISFB
2022-11-28The DFIR ReportThe DFIR Report
Emotet Strikes Again – LNK File Leads to Domain Wide Ransomware
Emotet Mount Locker
2022-09-26The DFIR ReportThe DFIR Report
BumbleBee: Round Two
BumbleBee Cobalt Strike Meterpreter
2022-09-12The DFIR ReportThe DFIR Report
Dead or Alive? An Emotet Story
Cobalt Strike Emotet
2022-08-08The DFIR ReportThe DFIR Report
BumbleBee Roasts Its Way to Domain Admin
BumbleBee Cobalt Strike
2022-07-11The DFIR ReportThe DFIR Report
SELECT XMRig FROM SQLServer
2022-06-06The DFIR ReportThe DFIR Report
Will the Real Msiexec Please Stand Up? Exploit Leads to Data Exfiltration
2022-05-09The DFIR ReportThe DFIR Report
SEO Poisoning – A Gootloader Story
GootLoader LaZagne Cobalt Strike GootKit
2022-04-25The DFIR ReportThe DFIR Report
Quantum Ransomware
Cobalt Strike IcedID
2022-04-04The DFIR Report@0xtornado, @MettalicHack, @yatinwad, @_pete_0
Stolen Images Campaign Ends in Conti Ransomware
Conti IcedID
2022-04-04The DFIR Report@0xtornado, @MettalicHack, @yatinwad, @_pete_0
Stolen Images Campaign Ends in Conti Ransomware
Conti IcedID
2022-04-04The DFIR Report@0xtornado, @MettalicHack, @yatinwad, @_pete_0
Stolen Images Campaign Ends in Conti Ransomware
Conti IcedID
2022-04-04The DFIR Report@0xtornado, @MettalicHack, @yatinwad, @_pete_0
Stolen Images Campaign Ends in Conti Ransomware
Conti IcedID
2022-03-21The DFIR ReportThe DFIR Report
APT35 Automates Initial Access Using ProxyShell
2022-03-07The DFIR ReportThe DFIR Report
2021 Year In Review
Cobalt Strike