Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-08-05Twitter (@AltShiftPrtScn)Peter Mackenzie
Tweet on Conti ransomware affiliates using AnyDesk, Atera, Splashtop, Remote Utilities and ScreenConnect to maintain network access
2021-08-05Twitter (@AltShiftPrtScn)Peter Mackenzie
Tweet on Lorenz ransomware tricking user into allowing OAuth permissions to "Thunderbird with ExQuilla" for O365
2021-07-21Twitter (@AltShiftPrtScn)Peter Mackenzie
Tweet on Conti ransomware actor installing AnyDesk for remote access in victim environment
2021-06-12Twitter (@AltShiftPrtScn)Peter Mackenzie
A thread on RagnarLocker ransomware group's TTP seen in an Incident Response
Cobalt Strike RagnarLocker
2021-04-22Twitter (@AltShiftPrtScn)Peter Mackenzie
Twwet On TTPs seen in IR used by DOPPEL SPIDER
Cobalt Strike DoppelPaymer
2021-01-17Twitter (@AltShiftPrtScn)Peter Mackenzie
Tweet on Conti Ransomware group exploiting FortiGate VPNs to drop in CobaltStrike loaders
Cobalt Strike Conti