Click here to download all references as Bib-File.
| 2023-08-07 ⋅ Team Cymru ⋅ Visualizing Qakbot Infrastructure Part II: Uncharted Territory QakBot |
| 2023-07-28 ⋅ Team Cymru ⋅ Inside the IcedID BackConnect Protocol (Part 2) IcedID |
| 2023-06-15 ⋅ Team Cymru ⋅ Darth Vidar: The Aesir Strike Back Vidar |
| 2023-05-17 ⋅ Team Cymru ⋅ Visualizing QakBot Infrastructure QakBot |
| 2023-04-19 ⋅ Team Cymru ⋅ AllaKore(d) the SideCopy Train AllaKore |
| 2023-04-08 ⋅ Team Cymru ⋅ Deriving Insight from Threat Actor Infrastructure Raccoon |
| 2023-04-04 ⋅ Team Cymru ⋅ A Blog with NoName Dosia |
| 2023-03-16 ⋅ Team Cymru ⋅ MoqHao Part 3: Recent Global Targeting Trends MoqHao |
| 2023-02-24 ⋅ Team Cymru ⋅ Desde Chile con Malware (From Chile with Malware) IcedID PhotoLoader |
| 2023-01-19 ⋅ Team Cymru ⋅ Darth Vidar: The Dark Side of Evolving Threat Infrastructure Vidar |
| 2022-12-21 ⋅ Team Cymru ⋅ Inside the IcedID BackConnect Protocol IcedID |
| 2022-10-07 ⋅ Team Cymru ⋅ A Visualizza into Recent IcedID Campaigns: Reconstructing Threat Actor Metrics with Pure Signal™ Recon IcedID PhotoLoader |
| 2022-09-29 ⋅ Team Cymru ⋅ Seychelles, Seychelles, on the C(2) Shore: An overview of a bulletproof hosting provider named ELITETEAM. Amadey Raccoon RedLine Stealer SmokeLoader STOP |
| 2022-09-05 ⋅ Team Cymru ⋅ Mythic Case Study: Assessing Common Offensive Security Tools |
| 2022-07-12 ⋅ Team Cymru ⋅ An Analysis of Infrastructure linked to the Hagga Threat Actor Agent Tesla |
| 2022-07-12 ⋅ Team Cymru ⋅ An Analysis of Infrastructure linked to the Hagga Threat Actor |
| 2022-05-25 ⋅ Team Cymru ⋅ Bablosoft; Lowering the Barrier of Entry for Malicious Actors BlackGuard BumbleBee RedLine Stealer |
| 2022-04-29 ⋅ Team Cymru ⋅ Sliver Case Study: Assessing Common Offensive Security Tools The Use of the Sliver C2 Framework for Malicious Purposes Sliver |
| 2022-04-07 ⋅ Team Cymru ⋅ MoqHao Part 2: Continued European Expansion MoqHao |
| 2022-03-23 ⋅ Team Cymru ⋅ Raccoon Stealer – An Insight into Victim “Gates” Raccoon |