Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-04-28NetresecErik Hjelmvik
Decoding njRAT traffic with NetworkMiner
NjRAT
2025-04-25CensysCensys
The Persistent Threat of Salt Typhoon: Tracking Exposures of Potentially Targeted Devices
MASOL
2025-04-25Twitter (@teamcymru_S2)TEAM CYMRU S2 THREAT RESEARCH
Tweet on North Korean Cyber Ops Leveraging Russian Infrastructure
2025-04-25HiSolutionsNicolas Sprenger
Rolling in the Deep(Web): Lazarus Tsunami
tsunami
2025-04-24MandiantMandiant
M-Trends 2025 Report
Akira Black Basta LockBit SystemBC GootLoader LockBit WIREFIRE Akira Black Basta Cobalt Strike LockBit RansomHub SystemBC
2025-04-24Positive TechnologiesPT Expert Security Center
Crypters And Tools. Part 2: Different Paws — Same Tangle
2025-04-240xreverseUtku Çorbacı
Understanding Alcatraz ~ Obfuscator Analysis [EN]
2025-04-24Silent PushSilent Push
Contagious Interview (DPRK) Launches a New Campaign Creating Three Front Companies to Deliver a Trio of Malware: BeaverTail, InvisibleFerret, and OtterCookie
BeaverTail OtterCookie FrostyFerret GolangGhost InvisibleFerret GolangGhost
2025-04-23MicrosoftMicrosoft Threat Intelligence
Understanding the threat landscape for Kubernetes and containerized assets
2025-04-23Trend MicroFeike Hacquebord, Stephen Hilt
Russian Infrastructure Plays Crucial Role in North Korean Cybercrime Operations
BeaverTail FrostyFerret GolangGhost InvisibleFerret GolangGhost
2025-04-23PorthasHassan Faraz, Mohamed Talaat
Breaking the B0 ransomware: Investigation & Decryption
B0
2025-04-23Medium b.magnezi0xMrMagnezi
AsyncRAT Malware Analysis
AsyncRAT
2025-04-22Kaspersky LabsAlexander Demidov, Georgy Kucherin, Igor Kuznetsov
Russian organizations targeted by backdoor masquerading as secure networking software updates
2025-04-22VolexityCharlie Gardner, Josh Duke, Matthew Meltzer, Sean Koessel, Steven Adair, Tom Lancaster
Phishing for Codes: Russian Threat Actors Target Microsoft 365 OAuth Workflows
2025-04-21Twitter (@browsercookies)Cookie Connoisseur
Tweet on public Google Drive potentially connected to DPRK activity.
2025-04-17Cisco TalosJoey Chen
Unmasking the new XorDDoS controller and infrastructure
XOR DDoS
2025-04-17ProofpointGreg Lesnewich, Josh Miller, Mark Kelly, Saher Naumaan
Around the World in 90 Days: State-Sponsored Actors Try ClickFix
Quasar RAT
2025-04-17Kaspersky LabsGReAT
IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia
MysterySnail
2025-04-17TrustwaveDawid Nesterowicz, Pawel Knapczyk
Proton66 Part 2: Compromised WordPress Pages and Malware Campaigns
StrelaStealer TargetCompany XWorm
2025-04-17FORTRAMax Ickert
Threat Actor Profile: SheByte Phishing-as-a-Service