2022-07-20 ⋅ Advanced Intelligence ⋅ Anatomy of Attack: Truth Behind the Costa Rica Government Ransomware 5-Day Intrusion ⋅ Cobalt Strike
2022-06-07 ⋅ AdvIntel ⋅ BlackCat — In a Shifting Threat Landscape, It Helps to Land on Your Feet: Tech Dive ⋅ BlackCat, BlackCat, Cobalt Strike
2022-05-20 ⋅ AdvIntel ⋅ DisCONTInued: The End of Conti’s Brand Marks New Chapter For Cybercrime Landscape ⋅ AvosLocker, Black Basta, BlackByte, BlackCat, Conti, HelloKitty, Hive
2022-05-17 ⋅ Advanced Intelligence ⋅ Hydra with Three Heads: BlackByte & The Future of Ransomware Subsidiary Groups ⋅ BlackByte, Conti
2022-05-01 ⋅ Github (k-vitali) ⋅ REvil Reborn Ransom Config ⋅ REvil
2022-04-18 ⋅ AdvIntel ⋅ Enter KaraKurt: Data Extortion Arm of Prolific Ransomware Group ⋅ AvosLocker, BazarBackdoor, BlackByte, BlackCat, Cobalt Strike, HelloKitty, Hive
2022-02-23 ⋅ AdvIntel ⋅ 24 Hours From Log4Shell to Local Admin: Deep-Dive Into Conti Gang Attack on Fortune 500 (DFIR) ⋅ Cobalt Strike, Conti
2021-12-17 ⋅ Advanced Intelligence ⋅ Ransomware Advisory: Log4Shell Exploitation for Initial Access & Lateral Movement ⋅ Conti
2021-11-20 ⋅ Advanced Intelligence ⋅ Corporate Loader "Emotet": History of "X" Project Return for Ransomware ⋅ Emotet
2021-09-29 ⋅ Advanced Intelligence ⋅ Backup “Removal” Solutions - From Conti Ransomware With Love ⋅ Cobalt Strike, Conti
2021-08-17 ⋅ Advanced Intelligence ⋅ Hunting for Corporate Insurance Policies: Indicators of [Ransom] Exfiltration ⋅ Cobalt Strike, Conti
2021-08-11 ⋅ Advanced Intelligence ⋅ Secret "Backdoor" Behind Conti Ransomware Operation: Introducing Atera Agent ⋅ Cobalt Strike, Conti
2021-08-05 ⋅ Twitter (@VK_intel) ⋅ Tweet on Linux variant of BlackMatter ⋅ BlackMatter
2021-07-02 ⋅ Twitter (@VK_intel) ⋅ Tweet on Revil ransomware analysis used in Kaseya attack ⋅ REvil
2021-06-29 ⋅ Twitter (@VK_intel) ⋅ Tweet on Linux version of REvil ransomware ⋅ REvil
2021-06-28 ⋅ Twitter (@VK_intel) ⋅ Tweet on ELF version of REvil ⋅ REvil
2021-06-16 ⋅ Advanced Intelligence ⋅ The Rise & Demise of Multi-Million Ransomware Business Empire ⋅ Avaddon
2021-06-08 ⋅ Advanced Intelligence ⋅ From QBot...with REvil Ransomware: Initial Attack Exposure of JBS ⋅ QakBot, REvil
2021-05-14 ⋅ Advanced Intelligence ⋅ From Dawn to "Silent Night": "DarkSide Ransomware" Initial Attack Vector Evolution ⋅ DarkSide
2021-04-17 ⋅ Advanced Intelligence ⋅ Adversary Dossier: Ryuk Ransomware Anatomy of an Attack in 2021 ⋅ Ryuk