2023-12-05 ⋅ Proofpoint ⋅ TA422’s Dedicated Exploitation Loop—the Same Week After Week
2023-11-30 ⋅ Blackberry ⋅ AeroBlade on the Hunt Targeting the U.S. Aerospace Industry
2023-10-26 ⋅ Avast Decoded ⋅ Rhysida Ransomware Technical Analysis Rhysida
2023-10-16 ⋅ Sekoia ⋅ ClearFake: a newcomer to the “fake updates” threats landscape ClearFake
2023-09-20 ⋅ Proofpoint ⋅ Chinese Malware Appears in Earnest Across Cybercrime Threat Landscape FatalRat PurpleFox ValleyRAT
2023-08-07 ⋅ Team Cymru ⋅ Visualizing Qakbot Infrastructure Part II: Uncharted Territory QakBot
2023-07-28 ⋅ Team Cymru ⋅ Inside the IcedID BackConnect Protocol (Part 2) IcedID
2023-07-25 ⋅ splunk ⋅ Amadey Threat Analysis and Detections Amadey
2023-07-08 ⋅ Blackberry ⋅ RomCom Threat Actor Suspected of Targeting Ukraine's NATO Membership Talks at the NATO Summit ROMCOM RAT
2023-06-29 ⋅ Avast Decoded ⋅ Decrypted: Akira Ransomware Akira
2023-06-28 ⋅ BI. ZONE Cyber Threats Research Team ⋅ Red Wolf is back to spy on commercial firms RedCurl
2023-06-23 ⋅ Phylum ⋅ Phylum Discovers Sophisticated Ongoing Attack on NPM
2023-06-21 ⋅ Elastic ⋅ Initial research exposing JOKERSPY JokerSpy
2023-06-15 ⋅ Team Cymru ⋅ Darth Vidar: The Aesir Strike Back Vidar
2023-05-25 ⋅ cyble ⋅ Invicta Stealer Spreading Through Phony GoDaddy Refund Invoices Invicta Stealer
2023-05-08 ⋅ Blackberry ⋅ SideWinder Uses Server-side Polymorphism to Attack Pakistan Government Officials — and Is Now Targeting Turkey
2023-04-19 ⋅ Team Cymru ⋅ AllaKore(d) the SideCopy Train AllaKore
2023-04-04 ⋅ Team Cymru ⋅ A Blog with NoName Dosia
2023-03-31 ⋅ Blackberry ⋅ Initial Implants and Network Analysis Suggest the 3CX Supply Chain Operation Goes Back to Fall 2022 3CX Backdoor
2023-03-31 ⋅ splunk ⋅ Splunk Insights: Investigating the 3CXDesktopApp Supply Chain Compromise 3CX Backdoor