Bryan Lee, Author at Unit42

34,968

people reacted

Behind the Scenes with OilRig

By Bryan Lee and Robert Falcone
April 30, 2019 at 6:00 AM

24 min. read

DarkHydrus delivers new Trojan that can use Google Drive for C2 communications

By Robert Falcone and Bryan Lee
January 18, 2019 at 10:40 AM

14 min. read

Dear Joohn: The Sofacy Group’s Global Campaign

By Bryan Lee and Robert Falcone
December 12, 2018 at 6:00 AM

14 min. read

16,865

people reacted

Sofacy Continues Global Attacks and Wheels Out New ‘Cannon’ Trojan

By Robert Falcone and Bryan Lee
November 20, 2018 at 6:00 AM

13 min. read

8,939

people reacted

New KONNI Malware attacking Eurasia and Southeast Asia

By Josh Grunzweig and Bryan Lee
September 27, 2018 at 8:00 AM

10 min. read

10,086

people reacted

OilRig targets a Middle Eastern Government and Adds Evasion Techniques to OopsIE

By Robert Falcone, Bryan Lee and Riley Porter
September 4, 2018 at 1:00 PM

9 min. read

13,198

people reacted

New Threat Actor Group DarkHydrus Targets Middle East Government

By Robert Falcone, Bryan Lee and Tom Lancaster
July 27, 2018 at 4:15 PM

9 min. read

OilRig Targets Technology Service Provider and Government Agency with QUADAGENT

By Bryan Lee and Robert Falcone
July 25, 2018 at 5:00 AM

14 min. read

27,547

people reacted

Sofacy Group’s Parallel Attacks

By Bryan Lee and Robert Falcone
June 6, 2018 at 5:00 AM

11 min. read

31,791

people reacted

Sofacy Attacks Multiple Government Entities

By Bryan Lee, Mike Harbison and Robert Falcone
February 28, 2018 at 10:00 AM

12 min. read

22,734

people reacted

OopsIE! OilRig Uses ThreeDollars to Deliver New Trojan

By Bryan Lee and Robert Falcone
February 23, 2018 at 5:00 AM

11 min. read

20,515

people reacted

OilRig Group Steps Up Attacks with New Delivery Documents and New Injector Trojan

By Robert Falcone and Bryan Lee
October 9, 2017 at 10:00 AM

12 min. read

17,276

people reacted

Striking Oil: A Closer Look at Adversary Infrastructure

By Robert Falcone and Bryan Lee
September 26, 2017 at 1:00 PM

8 min. read

22,226

people reacted

TwoFace Webshell: Persistent Access Point for Lateral Movement

By Robert Falcone and Bryan Lee
July 31, 2017 at 5:00 AM

12 min. read

22,643

people reacted

OilRig Uses ISMDoor Variant; Possibly Linked to Greenbug Threat Group

By Robert Falcone and Bryan Lee
July 27, 2017 at 5:00 AM

14 min. read

Posts created by: Bryan Lee

Behind the Scenes with OilRig

DarkHydrus delivers new Trojan that can use Google Drive for C2 communications

Dear Joohn: The Sofacy Group’s Global Campaign

Sofacy Continues Global Attacks and Wheels Out New ‘Cannon’ Trojan

New KONNI Malware attacking Eurasia and Southeast Asia

OilRig targets a Middle Eastern Government and Adds Evasion Techniques to OopsIE

New Threat Actor Group DarkHydrus Targets Middle East Government

OilRig Targets Technology Service Provider and Government Agency with QUADAGENT

Sofacy Group’s Parallel Attacks

Sofacy Attacks Multiple Government Entities

OopsIE! OilRig Uses ThreeDollars to Deliver New Trojan

OilRig Group Steps Up Attacks with New Delivery Documents and New Injector Trojan

Striking Oil: A Closer Look at Adversary Infrastructure

TwoFace Webshell: Persistent Access Point for Lateral Movement

OilRig Uses ISMDoor Variant; Possibly Linked to Greenbug Threat Group

Popular Resources

Legal Notices

Account

Trending

Popular Resources

Legal Notices

Account