2023-11-01 ⋅ nccgroup ⋅ Popping Blisters for research: An overview of past payloads and exploring recent developments Blister Cobalt Strike
2022-09-02 ⋅ nccgroup ⋅ Sharkbot is back in Google Play SharkBot
2022-08-19 ⋅ nccgroup ⋅ Back in Black: Unlocking a LockBit 3.0 Ransomware Attack FAKEUPDATES Cobalt Strike LockBit
2022-08-04 ⋅ nccgroup ⋅ Top of the Pops: Three common ransomware entry techniques
2022-05-20 ⋅ nccgroup ⋅ Metastealer – filling the Racoon void MetaStealer
2022-04-28 ⋅ nccgroup ⋅ LAPSUS$: Recent techniques, tactics and procedures
2022-03-31 ⋅ nccgroup ⋅ Conti-nuation: methods and techniques observed in operations post the leaks Cobalt Strike Conti QakBot
2022-03-25 ⋅ nccgroup ⋅ Mining data from Cobalt Strike beacons Cobalt Strike
2021-11-08 ⋅ nccgroup ⋅ TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access TiltedTemple
2021-10-11 ⋅ NCC Group ⋅ SnapMC skips ransomware, steals data
2021-06-14 ⋅ nccgroup ⋅ Incremental Machine Learning by Example: Detecting Suspicious Activity with Zeek Data Streams, River, and JA3 Hashes
2021-01-31 ⋅ Twitter (@NCCGroupInfosec) ⋅ Tweet on ITW exploitation of 0-day in SonicWall SMA 100 series
2021-01-15 ⋅ nccgroup ⋅ Sign over Your Hashes – Stealing NetNTLM Hashes via Outlook Signatures
2018-11-22 ⋅ nccgroup ⋅ Turla PNG Dropper is back Uroburos Turla
2018-03-16 ⋅ Github (nccgroup) ⋅ Royal APT - APT15 Repository BS2005 MS Exchange Tool RoyalCli Royal DNS APT15
2017-04-03 ⋅ Github (nccgroup) ⋅ Technical Notes on RedLeaves RedLeaves
2016-07-14 ⋅ Github (nccgroup) ⋅ Technical Notes on Sakula Sakula RAT