CYS586 - Digital Forensics and Investigations - Technology bibliographies - in Harvard style

In-text: (Arghire, 2022)

Your Bibliography: Arghire, I., 2022. Hackers Had Access to Red Cross Network for 70 Days | SecurityWeek.Com. [online] Securityweek.com. Available at: <https://www.securityweek.com/hackers-had-access-red-cross-network-70-days> [Accessed 17 July 2022].

In-text: (Command and Scripting Interpreter: Visual Basic, Sub-technique T1059.005 - Enterprise | MITRE ATT&CK®, n.d.)

Your Bibliography: Attack.mitre.org. n.d. Command and Scripting Interpreter: Visual Basic, Sub-technique T1059.005 - Enterprise | MITRE ATT&CK®. [online] Available at: <https://attack.mitre.org/techniques/T1059/005/> [Accessed 13 August 2022].

In-text: (Endpoint Denial of Service, Technique T1499 - Enterprise | MITRE ATT&CK®, n.d.)

Your Bibliography: Attack.mitre.org. n.d. Endpoint Denial of Service, Technique T1499 - Enterprise | MITRE ATT&CK®. [online] Available at: <https://attack.mitre.org/techniques/T1499/> [Accessed 22 August 2022].

In-text: (Awati, n.d.)

Your Bibliography: Awati, R., n.d. What are metamorphic and polymorphic malware?. [online] TechTarget - SearchSecurity. Available at: <https://www.techtarget.com/searchsecurity/definition/metamorphic-and-polymorphic-malware> [Accessed 7 August 2022].

In-text: (Bajpai, 2014)

Your Bibliography: Bajpai, P., 2014. Windows registry forensics using ‘RegRipper’ command-line on Linux - Infosec Resources. [online] Infosec Resources. Available at: <https://resources.infosecinstitute.com/topic/registry-forensics-regripper-command-line-linux/> [Accessed 25 July 2022].

In-text: (Cimpanu, 2020)

Your Bibliography: Cimpanu, C., 2020. Hacker breaches security firm in act of revenge. [online] ZDNet. Available at: <https://www.zdnet.com/article/hacker-breaches-security-firm-in-act-of-revenge/> [Accessed 10 July 2022].

In-text: (Apache Log4j Vulnerability Guidance | CISA, 2022)

Your Bibliography: Cisa.gov. 2022. Apache Log4j Vulnerability Guidance | CISA. [online] Available at: <https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance> [Accessed 9 July 2022].

In-text: (Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems | CISA, 2022)

Your Bibliography: Cisa.gov. 2022. Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems | CISA. [online] Available at: <https://www.cisa.gov/uscert/ncas/alerts/aa22-174a> [Accessed 8 August 2022].

In-text: (Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control | CISA, 2022)

Your Bibliography: Cisa.gov. 2022. Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control | CISA. [online] Available at: <https://www.cisa.gov/uscert/ncas/alerts/aa22-138b> [Accessed 8 August 2022].

In-text: (So what is Cloudflare?, 2022)

Your Bibliography: Cloudflare. 2022. So what is Cloudflare?. [online] Available at: <https://www.cloudflare.com/learning/what-is-cloudflare/> [Accessed 23 July 2022].

In-text: (What is SASE?, 2022)

Your Bibliography: Cloudflare. 2022. What is SASE?. [online] Available at: <https://www.cloudflare.com/learning/access-management/what-is-sase/> [Accessed 24 July 2022].

In-text: (Crane, 2021)

Your Bibliography: Crane, C., 2021. Polymorphic Malware and Metamorphic Malware: What You Need to Know. [online] Hashed Out by The SSL Store™. Available at: <https://www.thesslstore.com/blog/polymorphic-malware-and-metamorphic-malware-what-you-need-to-know/> [Accessed 7 August 2022].

In-text: (Cybersecurity and Infrastructure Security Agency, n.d.)

Your Bibliography: Cybersecurity and Infrastructure Security Agency, n.d. ED 22-02: Apache Log4j Recommended Mitigation Measures | CISA. [online] Cisa.gov. Available at: <https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures> [Accessed 9 July 2022].

In-text: (Delpy, 2018)

Your Bibliography: Delpy, B., 2018. module ~ lsadump · gentilkiwi/mimikatz Wiki. [online] GitHub. Available at: <https://github.com/gentilkiwi/mimikatz/wiki/module-~-lsadump> [Accessed 16 July 2022].

In-text: (Delpy, 2020)

Your Bibliography: Delpy, B., 2020. Home · gentilkiwi/mimikatz Wiki. [online] GitHub. Available at: <https://github.com/gentilkiwi/mimikatz/wiki> [Accessed 16 July 2022].

In-text: (CYS586 - Module 7.4 Quiz, 2022)

Your Bibliography: Excelsior University. 2022. CYS586 - Module 7.4 Quiz. [online] Available at: <https://excelsior.instructure.com/courses/28895/quizzes/88898?module_item_id=2643382> [Accessed 15 August 2022].

In-text: (oleid · decalage2/oletools Wiki, 2019)

Your Bibliography: GitHub - oleic. 2019. oleid · decalage2/oletools Wiki. [online] Available at: <https://github.com/decalage2/oletools/wiki/oleid> [Accessed 13 August 2022].

In-text: (olevba · decalage2/oletools Wiki, 2019)

Your Bibliography: GitHub - olevba. 2019. olevba · decalage2/oletools Wiki. [online] Available at: <https://github.com/decalage2/oletools/wiki/olevba> [Accessed 13 August 2022].

In-text: (GitHub, 2022)

Your Bibliography: GitHub, 2022. GitHub - cisagov/log4j-affected-db: A community sourced list of log4j-affected software. [online] GitHub. Available at: <https://github.com/cisagov/log4j-affected-db> [Accessed 9 July 2022].

In-text: (GitHub - CERTCC/CVE-2021-44228_scanner: Scanners for Jar files that may be vulnerable to CVE-2021-44228, 2022)

Your Bibliography: GitHub. 2022. GitHub - CERTCC/CVE-2021-44228_scanner: Scanners for Jar files that may be vulnerable to CVE-2021-44228. [online] Available at: <https://github.com/CERTCC/CVE-2021-44228_scanner> [Accessed 9 July 2022].

In-text: (RegRipper3.0/plugins at master · keydet89/RegRipper3.0, 2022)

Your Bibliography: GitHub. 2022. RegRipper3.0/plugins at master · keydet89/RegRipper3.0. [online] Available at: <https://github.com/keydet89/RegRipper3.0/tree/master/plugins> [Accessed 24 July 2022].

In-text: (Greenberg, 2019)

Your Bibliography: Greenberg, A., 2019. A Mysterious Hacker Group Is On a Supply Chain Hijacking Spree. [online] Wired. Available at: <https://www.wired.com/story/barium-supply-chain-hackers/?redirectURL=https://www.wired.com/story/barium-supply-chain-hackers/> [Accessed 12 August 2022].

In-text: (Hope, 2021)

Your Bibliography: Hope, A., 2021. F5 Says Web Application Security Is the Greatest Cyber Threat, Also Leveraged by State-Affiliated Actors. [online] Available at: <https://www.cpomagazine.com/cyber-security/f5-says-web-application-security-is-the-greatest-cyber-threat-also-leveraged-by-state-affiliated-actors/> [Accessed 3 August 2022].

In-text: (Hylen, 2019)

Your Bibliography: Hylen, C., 2019. Imperva Security Update | Imperva. [online] Imperva. Available at: <https://www.imperva.com/blog/ceoblog/> [Accessed 10 July 2022].

In-text: (ICRC, 2022)

Your Bibliography: ICRC, 2022. Cyber-attack on ICRC: What we know. [online] ICRC - Internation Committee of the Red Cross. Available at: <https://www.icrc.org/en/document/cyber-attack-icrc-what-we-know> [Accessed 17 July 2022].

In-text: (Jones, 2021)

Your Bibliography: Jones, D., 2021. Log4j: What we know (and what's yet to come). [online] Cybersecurity Dive. Available at: <https://www.cybersecuritydive.com/news/log4j-what-is-known/611718/> [Accessed 9 July 2022].

In-text: (Kapko, 2022)

Your Bibliography: Kapko, M., 2022. CISA releases indicators of compromise for hard-hit VMware Horizon. [online] Cybersecurity Dive. Available at: <https://www.cybersecuritydive.com/news/cisa-vmware-horizon/627537/> [Accessed 8 August 2022].

In-text: (FTP "Ascii" Vs "Binary" Mode -- What It Means, and Why You Want to Use One or the Other (taken from Support Newsletter 32 June 1998), 2018)

Your Bibliography: Knowledge.broadcom.com. 2018. FTP "Ascii" Vs "Binary" Mode -- What It Means, and Why You Want to Use One or the Other (taken from Support Newsletter 32 June 1998). [online] Available at: <https://knowledge.broadcom.com/external/article/28212/ftp-ascii-vs-binary-mode-what-it-means.html> [Accessed 15 August 2022].

In-text: (Kovacs, 2015)

Your Bibliography: Kovacs, E., 2015. Developers of Mysterious Wifatch Malware Come Forward | SecurityWeek.Com. [online] Securityweek.com. Available at: <https://www.securityweek.com/developers-mysterious-wifatch-malware-come-forward> [Accessed 22 August 2022].

In-text: (Krebs, 2020)

Your Bibliography: Krebs, B., 2020. Breached Data Indexer ‘Data Viper’ Hacked – Krebs on Security. [online] Krebsonsecurity.com. Available at: <https://krebsonsecurity.com/2020/07/breached-data-indexer-data-viper-hacked/> [Accessed 10 July 2022].

In-text: (Lakshmanan, 2022)

Your Bibliography: Lakshmanan, R., 2022. Imperva Thwarts 2.5 Million RPS Ransom DDoS Extortion Attacks. [online] The Hacker News. Available at: <https://thehackernews.com/2022/03/imperva-thwarts-25-million-rps-ransom.html> [Accessed 19 August 2022].

In-text: (Fixing the authentication bypass vulnerability affecting REST APIs | ManageEngine ADSelfService Plus, 2021)

Your Bibliography: Manageengine.com. 2021. Fixing the authentication bypass vulnerability affecting REST APIs | ManageEngine ADSelfService Plus. [online] Available at: <https://www.manageengine.com/products/self-service-password/advisory/CVE-2021-40539.html> [Accessed 17 July 2022].

In-text: (Mitropoulos, 2020)

Your Bibliography: Mitropoulos, N., 2020. GCIH GIAC Certified Incident Handler All-in-One Exam Guide. McGraw-Hill.

In-text: (Montalbano, 2020)

Your Bibliography: Montalbano, E., 2020. Leaked Details of 142 Million MGM Hotel Guests Found for Sale on Dark Web. [online] Threatpost.com. Available at: <https://threatpost.com/leaked-details-142-million-mgm-hotel-guests/157402/> [Accessed 10 July 2022].

In-text: (Naveen and Raj, 2022)

Your Bibliography: Naveen, J. and Raj, K., 2022. Phishing Campaigns featuring Ursnif Trojan on the Rise | McAfee Blog. [online] McAfee Blog. Available at: <https://www.mcafee.com/blogs/other-blogs/mcafee-labs/phishing-campaigns-featuring-ursnif-trojan/> [Accessed 13 August 2022].

In-text: (Newman, 2021)

Your Bibliography: Newman, L., 2021. ‘The Internet Is on Fire’. [online] Wired. Available at: <https://www.wired.com/story/log4j-flaw-hacking-internet/?redirectURL=/story/log4j-flaw-hacking-internet/> [Accessed 9 July 2022].

In-text: (NIST, 2021)

Your Bibliography: NIST, 2021. NVD - cve-2021-40539. [online] Nvd.nist.gov. Available at: <https://nvd.nist.gov/vuln/detail/cve-2021-40539#vulnCurrentDescriptionTitle> [Accessed 17 July 2022].

In-text: (A04 Insecure Design - OWASP Top 10:2021, 2021)

Your Bibliography: Owasp.org. 2021. A04 Insecure Design - OWASP Top 10:2021. [online] Available at: <https://owasp.org/Top10/A04_2021-Insecure_Design/> [Accessed 3 August 2022].

In-text: (winzapper.zip ≈ Packet Storm, 2000)

Your Bibliography: Packetstormsecurity.com. 2000. winzapper.zip ≈ Packet Storm. [online] Available at: <https://packetstormsecurity.com/files/23505/winzapper.zip.html> [Accessed 15 August 2022].

In-text: (Scarfone, Grance, Masone and Millar, 2012)

Your Bibliography: Scarfone, K., Grance, T., Masone, K. and Millar, T., 2012. Computer security incident handling guide. [online] Available at: <https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf> [Accessed 9 July 2022].

In-text: (Seals, 2019)

Your Bibliography: Seals, T., 2019. Imperva: Data Breach Caused by Cloud Misconfiguration. [online] Threatpost.com. Available at: <https://threatpost.com/imperva-data-breach-cloud-misconfiguration/149127/> [Accessed 10 July 2022].

In-text: (Operation ShadowHammer: A High Profile Supply Chain Attack, 2019)

Your Bibliography: SECURELIST By Kaspersky. 2019. Operation ShadowHammer: A High Profile Supply Chain Attack. [online] Available at: <https://securelist.com/operation-shadowhammer-a-high-profile-supply-chain-attack/90380/> [Accessed 13 August 2022].

In-text: (Swiss Government Emergency Response Team, 2021)

Your Bibliography: Swiss Government Emergency Response Team, 2021. Zero-Day Exploit Targeting Popular Java Library Log4j. [online] Govcert.ch. Available at: <https://www.govcert.ch/blog/zero-day-exploit-targeting-popular-java-library-log4j/> [Accessed 9 July 2022].

In-text: (VNC Server 'password' Password, 2022)

Your Bibliography: Tenable.com. 2022. VNC Server 'password' Password. [online] Available at: <https://www.tenable.com/plugins/nessus/61708> [Accessed 11 July 2022].

In-text: (VirusTotal, n.d.)

Your Bibliography: Virustotal.com. n.d. VirusTotal. [online] Available at: <https://www.virustotal.com/gui/home/upload> [Accessed 13 August 2022].

In-text: (Wilson, 2011)

Your Bibliography: Wilson, T., 2011. 'Night Dragon' Attacks Threaten Major Energy Firms. [online] Dark Reading. Available at: <https://www.darkreading.com/attacks-breaches/-night-dragon-attacks-threaten-major-energy-firms> [Accessed 7 August 2022].

In-text: (Yoachimik, 2021)

Your Bibliography: Yoachimik, O., 2021. How to customize your HTTP DDoS protection settings. [online] Cloudflare - Cloudflare Blog. Available at: <https://blog.cloudflare.com/http-ddos-managed-rules/> [Accessed 24 July 2022].

In-text: (Yoachimik, 2022)

Your Bibliography: Yoachimik, O., 2022. A deep-dive into Cloudflare’s autonomous edge DDoS protection. [online] Cloudflare - Cloudflare Blog. Available at: <https://blog.cloudflare.com/deep-dive-cloudflare-autonomous-edge-ddos-protection/> [Accessed 24 July 2022].

In-text: (Yoachimik, 2022)

Your Bibliography: Yoachimik, O., 2022. Mantis - the most powerful botnet to date. [online] Cloudflare - Cloudflare Blog. Available at: <https://blog.cloudflare.com/mantis-botnet/> [Accessed 23 July 2022].