| https://blog.compass-security.com/2022/03/vpn-appliance-forensics/ |
| https://blogs.vmware.com/security/2022/09/esxi-targeting-ransomware-the-threats-that-are-after-your-virtual-machines-part-1.html |
| https://lifars.com/wp-content/uploads/2022/02/LockBitRansomware_Whitepaper.pdf |
| https://security.packt.com/understanding-lockbit/ |
| https://socradar.io/lockbit-3-another-upgrade-to-worlds-most-active-ransomware/ |
| https://www.bleepingcomputer.com/news/security/lockbit-victim-estimates-cost-of-ransomware-attack-to-be-42-million/ |
| https://www.crowdstrike.com/blog/better-together-global-attitude-survey-takeaways-2021/ |
| https://www.dragos.com/blog/industry-news/dragos-ics-ot-ransomware-analysis-q4-2021/ |
| https://www.fortinet.com/blog/threat-research/ransomware-roundup-new-variants |
| https://www.ic3.gov/Media/News/2022/220204.pdf |
| https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself |
| https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/conti-leaks-examining-the-panama-papers-of-ransomware.html |
| https://www.trendmicro.com/en_us/research/22/a/analysis-and-Impact-of-lockbit-ransomwares-first-linux-and-vmware-esxi-variant.html |
| https://amgedwageh.medium.com/lockbit-ransomware-analysis-notes-93a542fc8511 |
| https://analyst1.com/blog/ransom-mafia-analysis-of-the-worlds-first-ransomware-cartel |
| https://analyst1.com/file-assets/RANSOM-MAFIA-ANALYSIS-OF-THE-WORLD%E2%80%99S-FIRST-RANSOMWARE-CARTEL.pdf |
| https://asec.ahnlab.com/en/35822/ |
| https://asec.ahnlab.com/ko/39682/ |
| https://blog.cyble.com/2021/08/16/a-deep-dive-analysis-of-lockbit-2-0/ |
| https://blog.cyble.com/2022/07/05/lockbit-3-0-ransomware-group-launches-new-version/ |
| https://blog.lexfo.fr/lockbit-malware.html |
| https://blog.minerva-labs.com/lockbit-3.0-aka-lockbit-black-is-here-with-a-new-icon-new-ransom-note-new-wallpaper-but-less-evasiveness |
| https://blog.morphisec.com/the-babadeda-crypter-targeting-crypto-nft-defi-communities |
| https://blog.talosintelligence.com/2020/09/CTIR-quarterly-trends-Q4-2020.html |
| https://chuongdong.com/reverse%20engineering/2022/03/19/LockbitRansomware/ |
| https://cluster25.io/2022/07/06/lockbit-3-0-making-the-ransomware-great-again/ |
| https://cybergeeks.tech/a-technical-analysis-of-the-leaked-lockbit-3-0-builder/ |
| https://docs.google.com/spreadsheets/d/1MI8Z2tBhmqQ5X8Wf_ozv3dVjz5sJOs-3 |
| https://documents.trendmicro.com/assets/pdf/datasheet-ransomware-in-Q1-2022.pdf |
| https://github.com/albertzsigovits/malware-notes/blob/master/Ransomware/Lockbit.md |
| https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2021GTR.pdf |
| https://id-ransomware.blogspot.com/search?q=lockbit |
| https://intel471.com/blog/conti-ransomware-cooperation-maze-lockbit-ragnar-locker |
| https://intel471.com/blog/privateloader-malware |
| https://ke-la.com/lockbit-2-0-interview-with-russian-osint/ |
| https://ke-la.com/zooming-into-darknet-threats-targeting-jp-orgs-kela/ |
| https://lifars.com/wp-content/uploads/2022/02/LockBitRansomware_Whitepaper.pdf |
| https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/06/23093553/Common-TTPs-of-the-modern-ransomware_low-res.pdf |
| https://medium.com/@amgedwageh/lockbit-ransomware-analysis-notes-93a542fc8511 |
| https://medium.com/s2wlab/w4-jan-en-story-of-the-week-ransomware-on-the-darkweb-7595544363b1 |
| https://medium.com/s2wlab/w4-july-en-story-of-the-week-ransomware-on-the-darkweb-c61965d0386a |
| https://news.sophos.com/en-us/2020/04/24/lockbit-ransomware-borrows-tricks-to-keep-up-with-revil-and-maze/ |
| https://news.sophos.com/en-us/2020/10/21/lockbit-attackers-uses-automated-attack-tools-to-identify-tasty-targets |
| https://news.sophos.com/en-us/2022/03/17/the-ransomware-threat-intelligence-center/ |
| https://news.sophos.com/en-us/2022/04/12/attackers-linger-on-government-agency-computers-before-deploying-lockbit-ransomware/ |
| https://redcanary.com/blog/intelligence-insights-november-2021/ |
| https://research.nccgroup.com/2022/08/19/back-in-black-unlocking-a-lockbit-3-0-ransomware-attack |
| https://securelist.com/modern-ransomware-groups-ttps/106824/ |
| https://securelist.com/new-ransomware-trends-in-2022/106457/ |
| https://security.packt.com/understanding-lockbit/ |
| https://securityintelligence.com/posts/lockbit-ransomware-attacks-surge-affiliate-recruitment/ |
| https://securityscorecard.com/research/the-increase-in-ransomware-attacks-on-local-governments |
| https://seguranca-informatica.pt/malware-analysis-details-on-lockbit-ransomware/ |
| https://skyblue.team/posts/hive-recovery-from-lockbit-2.0/ |
| https://socradar.io/lockbit-3-another-upgrade-to-worlds-most-active-ransomware/ |
| https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/lockbit-targets-servers |
| https://symantec.broadcom.com/hubfs/The_Ransomware_Threat_September_2021.pdf |
| https://talos-intelligence-site.s3.amazonaws.com/production/document_files/files/000/095/481/original/010421_LockBit_Interview.pdf |
| https://techcommunity.microsoft.com/t5/security-compliance-and-identity/part-1-lockbit-2-0-ransomware-bugs-and-database-recovery/ba-p/3254354 |
| https://techcommunity.microsoft.com/t5/security-compliance-and-identity/part-2-lockbit-2-0-ransomware-bugs-and-database-recovery/ba-p/3254421 |
| https://therecord.media/an-interview-with-blackmatter-a-new-ransomware-group-thats-learning-from-the-mistakes-of-darkside-and-revil/ |
| https://therecord.media/australian-cybersecurity-agency-warns-of-spike-in-lockbit-ransomware-attacks/ |
| https://therecord.media/conti-ransomware-gang-chats-leaked-by-pro-ukraine-member/ |
| https://therecord.media/missed-opportunity-bug-in-lockbit-ransomware-allowed-free-decryptions/ |
| https://twitter.com/MsftSecIntel/status/1522690116979855360 |
| https://umbrella.cisco.com/blog/cybersecurity-threat-spotlight-blackmatter-lockbit-thor |
| https://unit42.paloaltonetworks.com/emerging-ransomware-groups/ |
| https://unit42.paloaltonetworks.com/lockbit-2-ransomware/ |
| https://www.advanced-intel.com/post/from-russia-with-lockbit-ransomware-inside-look-preventive-solutions |
| https://www.bleepingcomputer.com/news/security/blackmatter-ransomware-moves-victims-to-lockbit-after-shutdown/ |
| https://www.bleepingcomputer.com/news/security/energy-group-erg-reports-minor-disruptions-after-ransomware-attack/ |
| https://www.bleepingcomputer.com/news/security/lockbit-ransomware-gang-claims-attack-on-bridgestone-americas/ |
| https://www.bleepingcomputer.com/news/security/lockbit-ransomware-gang-gets-aggressive-with-triple-extortion-tactic/ |
| https://www.bleepingcomputer.com/news/security/lockbit-ransomware-now-encrypts-windows-domains-using-group-policies/ |
| https://www.bleepingcomputer.com/news/security/lockbit-ransomware-recruiting-insiders-to-breach-corporate-networks/ |
| https://www.bleepingcomputer.com/news/security/lockbit-victim-estimates-cost-of-ransomware-attack-to-be-42-million/ |
| https://www.bleepingcomputer.com/news/security/popular-russian-hacking-forum-xss-bans-all-ransomware-topics/ |
| https://www.bleepingcomputer.com/news/security/ransomware-attack-hits-italys-lazio-region-affects-covid-19-site/ |
| https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-1st-2022-i-can-fight-with-a-keyboard/ |
| https://www.bleepingcomputer.com/news/security/uk-rail-network-merseyrail-likely-hit-by-lockbit-ransomware/ |
| https://www.connectwise.com/resources/lockbit-profile |
| https://www.coveware.com/blog/2022/1/26/ransomware-as-a-service-innovation-curve |
| https://www.coveware.com/blog/ransomware-attack-vectors-shift-as-new-software-vulnerability-exploits-abound |
| https://www.crowdstrike.com/blog/better-together-global-attitude-survey-takeaways-2021/ |
| https://www.crowdstrike.com/blog/big-game-hunting-on-the-rise-again-according-to-ecrime-index/ |
| https://www.crowdstrike.com/blog/double-trouble-ransomware-data-leak-extortion-part-1 |
| https://www.crowdstrike.com/blog/double-trouble-ransomware-data-leak-extortion-part-1/ |
| https://www.crowdstrike.com/blog/how-crowdstrike-prevents-volume-shadow-tampering-by-lockbit-ransomware/ |
| https://www.crypsisgroup.com/insights/ransomwares-new-trend-exfiltration-and-extortion |
| https://www.cybereason.com/blog/rising-threat-from-lockbit-ransomware |
| https://www.cybereason.com/blog/threat-analysis-report-inside-the-lockbit-arsenal-the-stealbit-exfiltration-tool |
| https://www.cybereason.com/blog/threat-analysis-report-lockbit-2.0-all-paths-lead-to-ransom |
| https://www.cyborgsecurity.com/cyborg_labs/hunting-ransomware-inhibiting-system-backup-or-recovery/ |
| https://www.dr.dk/nyheder/viden/teknologi/frygtede-skulle-lukke-alle-vindmoeller-nu-aabner-vestas-op-om-hacking-angreb |
| https://www.dragos.com/blog/industry-news/dragos-ics-ot-ransomware-analysis-q4-2021/ |
| https://www.fortinet.com/blog/threat-research/ransomware-roundup-new-variants |
| https://www.glimps.fr/lockbit3-0/ |
| https://www.ic3.gov/Media/News/2022/220204.pdf |
| https://www.intrinsec.com/alphv-ransomware-gang-analysis |
| https://www.lemagit.fr/actualites/252516821/Ransomware-LockBit-30-commence-a-etre-utilise-dans-des-cyberattaques |
| https://www.mandiant.com/resources/unc2165-shifts-to-evade-sanctions |
| https://www.mbsd.jp/2021/10/27/assets/images/MBSD_WhitePaper_A-deep-dive-analysis-of-LockBit2.0_Ransomware.pdf |
| https://www.microsoft.com/security/blog/2020/04/28/ransomware-groups-continue-to-target-healthcare-critical-services-heres-how-to-reduce-risk/ |
| https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself |
| https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/ |
| https://www.netskope.com/blog/netskope-threat-coverage-lockbit |
| https://www.prodaft.com/m/reports/LockBit_Case_Report___TLPWHITE.pdf |
| https://www.recordedfuture.com/blackmatter-ransomware-successor-darkside-revil/ |
| https://www.sentinelone.com/blog/living-off-windows-defender-lockbit-ransomware-sideloads-cobalt-strike-through-microsoft-security-tool/ |
| https://www.sentinelone.com/labs/lockbit-3-0-update-unpicking-the-ransomwares-latest-anti-analysis-and-evasion-techniques/ |
| https://www.sentinelone.com/labs/lockbit-ransomware-side-loads-cobalt-strike-beacon-with-legitimate-vmware-utility |
| https://www.sentinelone.com/labs/lockbit-ransomware-side-loads-cobalt-strike-beacon-with-legitimate-vmware-utility/ |
| https://www.splunk.com/en_us/blog/security/gone-in-52-seconds-and-42-minutes-a-comparative-analysis-of-ransomware-encryption-speed.html |
| https://www.splunk.com/en_us/pdfs/resources/whitepaper/an-empirically-comparative-analysis-of-ransomware-binaries.pdf |
| https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/conti-leaks-examining-the-panama-papers-of-ransomware.html |
| https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/d/thwarting-loaders-from-socgholish-to-blisters-lockbit-payload/iocs-thwarting-loaders-socgholish-blister.txt |
| https://www.trendmicro.com/en_no/research/22/d/Thwarting-Loaders-From-SocGholish-to-BLISTERs-LockBit-Payload.html |
| https://www.trendmicro.com/en_us/research/21/h/lockbit-resurfaces-with-version-2-0-ransomware-detections-in-chi.html |
| https://www.trendmicro.com/en_us/research/22/a/analysis-and-Impact-of-lockbit-ransomwares-first-linux-and-vmware-esxi-variant.html |
| https://www.trendmicro.com/en_us/research/22/d/Thwarting-Loaders-From-SocGholish-to-BLISTERs-LockBit-Payload.html |
| https://www.trendmicro.com/en_us/research/22/g/lockbit-ransomware-group-augments-its-latest-variant--lockbit-3-.html |
| https://www.trendmicro.com/vinfo/us/security/news/ransomware-by-the-numbers/lockbit-conti-and-blackcat-lead-pack-amid-rise-in-active-raas-and-extortion-groups-ransomware-in-q1-2022 |
| https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-lockbit |
| https://www.welivesecurity.com/wp-content/uploads/2020/07/ESET_Threat_Report_Q22020.pdf |
| https://www.youtube.com/watch?v=C733AyPzkoc |
| https://www.zdnet.com/article/ransomware-hits-helicopter-maker-kopter/ |
| https://yoroi.company/research/hunting-the-lockbit-gangs-exfiltration-infrastructures/ |