2024-02-28 | Avast Decoded | Jan Vojtěšek
Lazarus and the FudModule Rootkit: Beyond BYOVD with an Admin-to-Kernel Zero-Day
FudModule
2024-02-02 | Cyber Kendra | admin
FritzFrog Botnet Expands Attack Arsenal with Log4Shell Exploits
FritzFrog
2024-01-30 | DCSO | DCSO CyTec
Reporting on Volt Typhoon’s “JDY” Botnet Administration Via Tor Sparks Questions
2023-10-10 | Qianxin | admin
Sand Cat Group - Attacks on Kurdistan Democratic Party (KDP) Activists
MOrder RAT Caracal Kitten
2022-09-14 | KISA | KISA
TTPs#7: Analysis on Lateral Movement Strategy Using SMB/Admin Share
2022-08-08 | The DFIR Report | The DFIR Report
BumbleBee Roasts Its Way to Domain Admin
BumbleBee Cobalt Strike
2022-04-05 | US Department of Justice | Department of Justice
Indictment of Dmitry Olegovich Pavlov in connection with his operation and administration of the servers used to run Hydra
2022-03-29 | NCSC Switzerland | NCSC Switzerland
Week 12: «FluBot» malware active again in Switzerland and web administrators receive threatening emails from alleged Ukrainian hackers
FluBot
2022-02-23 | AdvIntel | Vitali Kremez, Yelisey Boguslavskiy
24 Hours From Log4Shell to Local Admin: Deep-Dive Into Conti Gang Attack on Fortune 500 (DFIR)
Cobalt Strike Conti
2021-11-29 | Trend Micro | Jaromír Hořejší
Campaign Abusing Legitimate Remote Administrator Tools Uses Fake Cryptocurrency Websites
AsyncRAT Azorult Nanocore RAT NjRAT RedLine Stealer Remcos
2021-11-16 | Intezer | Alik Koldobsky, Joakim Kennedy
New Type of Supply Chain Attack Could Put Popular Admin Tools at Risk
2021-11-03 | Team Cymru | tcblogposts
Webinject Panel Administration: A Vantage Point into Multiple Threat Actor Campaigns - A Case Study on the Value of Threat Reconnaissance
DoppelDridex IcedID QakBot Zloader
2021-11-01 | The DFIR Report | @iiamaleks, @samaritan_o
From Zero to Domain Admin
Cobalt Strike Hancitor
2021-10-25 | Microsoft | Microsoft Threat Intelligence Center (MSTIC)
NOBELIUM targeting delegated administrative privileges to facilitate broader attacks
2021-06-17 | Norwegian Police Security Service (PST) | Norwegian Police Security Service (PST)
The investigation of the computer network operation (by APT31) against public administration offices is closed
2021-06-10 | HUNT & HACKETT | Krijn de Mik
REvil: the usage of legitimate remote admin tooling
REvil
2021-05-22 | Youtube (ACPEnw) | YouTube (ACPEnw)
Lessons Learned from a Cyber Attack System Admin Perspective
Ryuk