Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-09-16Twitter (@GossiTheDog)Kevin Beaumont
@online{beaumont:20210916:some:550bbaa, author = {Kevin Beaumont}, title = {{Tweet on some unknown threat actor dropping Mgbot, custom IIS modular backdoor and cobalstrike using exploiting ProxyShell}}, date = {2021-09-16}, organization = {Twitter (@GossiTheDog)}, url = {https://twitter.com/GossiTheDog/status/1438500100238577670}, language = {English}, urldate = {2021-09-20} } Tweet on some unknown threat actor dropping Mgbot, custom IIS modular backdoor and cobalstrike using exploiting ProxyShell
Cobalt Strike MgBot
2021-06-27Twitter (@GossiTheDog)Kevin Beaumont
@online{beaumont:20210627:babuk:a031da5, author = {Kevin Beaumont}, title = {{Tweet on babuk ransomware builder}}, date = {2021-06-27}, organization = {Twitter (@GossiTheDog)}, url = {https://twitter.com/GossiTheDog/status/1409117153182224386}, language = {English}, urldate = {2021-07-01} } Tweet on babuk ransomware builder
Babuk
2020-12-19Twitter (@GossiTheDog)Kevin Beaumont
@online{beaumont:20201219:twitter:7b4cb8f, author = {Kevin Beaumont}, title = {{A twitter thread on Azure sentinel hunting queries for detecting UNC2452 activity}}, date = {2020-12-19}, organization = {Twitter (@GossiTheDog)}, url = {https://twitter.com/GossiTheDog/status/1340035657838850048}, language = {English}, urldate = {2020-12-19} } A twitter thread on Azure sentinel hunting queries for detecting UNC2452 activity