Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-11-20TrellixJambul Tologonov, John Fokker, Phuc Pham
Phobos: Stealthy Ransomware That Operated Under the Radar - Until Now
8Base CryptXXXX Dharma Phobos
2024-11-07Cisco TalosAliza Johnson, Chetan Raghuprasad, Elio Biasiotto, Michael Szeliga
Unwrapping the emerging Interlock ransomware attack
Rhysida
2024-09-19PWCJohn Southworth
COLDWASTREL of space
Callisto
2024-08-14CitizenLabJohn Scott-Railton, Ksenia Ermoshina, Rebekah Brown, Ron Deibert
Rivers of Phish: Sophisticated Phishing Targets Russia’s Perceived Enemies Around the Globe
Callisto
2024-07-24GoogleAlice Revelli, Fred Plan, JEFF JOHNSON, Michael Barnhart, Taylor Long
APT45: North Korea’s Digital Military Machine
SHATTEREDGLASS APT45
2024-04-16MandiantAlden Wahlstrom, Anton Prokopenkov, Dan Black, Dan Perez, Gabby Roncone, John Wolfram, Lexie Aytes, Nick Simonian, Ryan Hall, Tyler McLellan
APT44: Unearthing Sandworm
VPNFilter BlackEnergy CaddyWiper EternalPetya HermeticWiper Industroyer INDUSTROYER2 Olympic Destroyer PartyTicket RoarBAT Sandworm
2024-04-04MandiantAshley Pearson, Austin Larsen, Billy Wong, John Wolfram, Joseph Pisano, Josh Murchie, Lukasz Lamparski, Matt Lin, Ron Craft, Ryan Hall, Shawn Chew, Tyler McLellan
Cutting Edge, Part 4: Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies
TONERJAM
2024-04-04InfoSec Handlers Diary BlogJohn Moutos
Slicing up DoNex with Binary Ninja
Donex
2024-02-29SANS ISCJohn Moutos
Dissecting DarkGate: Modular Malware Delivery and Persistence as a Service
DarkGate
2024-02-05YouTube (John Hammond)John Hammond, Ryan Chapman
PikaBot Malware Analysis: Debugging in Visual Studio
Pikabot
2024-01-12MandiantDimiter Andonov, Gabby Roncone, John Wolfram, Matt Lin, Robert Wallace, Tyler McLellan
Cutting Edge: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation
UTA0178
2024-01-09Trend MicroArianne Dela Cruz, Charles Steven Derion, Francisrey Joshua Castillo, Henry Salcedo, Ian Kenefick, John Carlo Marquez, John Rainier Navato, Joshua Aquino, Juhn Emmanuel Atanque, Raymart Yambot, Shinji Robert Arasawa
Black Basta-Affiliated Water Curupira’s Pikabot Spam Campaign
Pikabot Water Curupira
2023-12-14ImpervaDaniel Johnston
Imperva Detects Undocumented 8220 Gang Activities
Water Sigbin
2023-12-13FortinetAmey Gat, Angelo Cris Deveraturda, Hongkei Chan, Jared Betts, Jayesh Zala, John Simmons, Ken Evans, Mark Robson
TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793
GraphDrop
2023-11-15FortinetAmey Gat, Andrew Nicchi, John Simmons, Mark Robson
Investigating the New Rhysida Ransomware
Rhysida
2023-11-09MandiantChris Sistrunk, Daniel Kapellmann Zafra, Jared Wilson, John Wolfram, Keith Lunden, Ken Proska, Nathan Brubaker, Tyler McLellan
Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology
CaddyWiper
2023-10-23SarlackLabJohn Faria
Advice For Catching a RedLine Stealer
RedLine Stealer
2023-10-10MandiantAdrian Hernandez, Austin Larsen, JEFF JOHNSON, Michael Barnhart, Michelle Cantos, Taylor Long
Assessed Cyber Structure and Alignments of North Korea in 2023
TraderTraitor
2023-09-28Ransomware.orgJohn E. Dunn
The Scattered Spider Ransomware Group’s Secret Weapons? Social Engineering and Fluent English
2023-08-29MandiantAustin Larsen, John Palmisano, John Wolfram, Mathew Potaczek, Michael Raggi
Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)
GhostEmperor