Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-10-10Hunt.ioHunt.io
Unmasking Adversary Infrastructure: How Certificates and Redirects Exposed Earth Baxia and PlugX Activity
PlugX
2024-08-27LumenBlack Lotus Labs
Taking the Crossroads: The Versa Director Zero-Day Exploitation
VersaMem
2024-07-25SOC PrimeVeronika Telychko
UAC-0057 Attack Detection: A Surge in Adversary Activity Distributing PICASSOLOADER and Cobalt Strike Beacon
Cobalt Strike PicassoLoader Ghostwriter
2024-07-25CrowdStrikeCounter Adversary Operations
Hacktivist Entity USDoD Claims to Have Leaked CrowdStrike’s Threat Actor List
SAMBASPIDER
2024-07-02SekoiaQuentin Bourgue
Exposing FakeBat loader: distribution methods and adversary infrastructure
BlackCat Royal Ransom EugenLoader Carbanak Cobalt Strike DICELOADER Gozi IcedID Lumma Stealer NetSupportManager RAT Pikabot RedLine Stealer SectopRAT Sliver SmokeLoader Vidar
2024-06-06Hunt.ioHunt.io
Tracking LightSpy: Certificates as Windows into Adversary Behavior
lightSpy
2024-03-06BushidoTokenBushidoToken
Tracking Adversaries: UAC-0050, Cracking The DaVinci Code
2024-02-01SecuronixDen Iyzvyk, Oleg Kolesnikov, Tim Peck
Analysis and Detection of STEADY#URSA Attack Campaign Targeting Ukraine Military Dropping New Covert SUBTLE-PAWS PowerShell Backdoor
SUBTLE-PAWS
2024-01-09Recorded FutureInsikt Group
2023 Adversary Infrastructure Report
AsyncRAT Cobalt Strike Emotet PlugX ShadowPad
2023-12-12FourcoreSwapnil
Rhysida Ransomware: History, TTPs And Adversary Emulation Plans
Rhysida Rhysida Vanilla Tempest
2023-12-11Sentinel LABSAleksandar Milenkoski, Bendik Hagen
Sandman APT | China-Based Adversaries Embrace Lua
KEYPLUG LuaDream
2023-12-07Palo Alto Networks Unit 42Unit 42
Fighting Ursa Aka APT28: Illuminating a Covert Campaign
2023-11-09CrowdStrikeCounter Adversary Operations
IMPERIAL KITTEN Deploys Novel Malware Families in Middle East-Focused Operations
IMAPLoader
2023-10-31Palo Alto Networks Unit 42Daniel Frank, Tom Fakterman
Over the Kazuar’s Nest: Cracking Down on a Freshly Hatched Backdoor Used by Pensive Ursa (Aka Turla)
Kazuar
2023-08-26BushidoToken BlogBushidoToken
Tracking Adversaries: Scattered Spider, the BlackCat affiliate
BlackLotus POORTRY
2023-08-10CrowdStrikeCounter Adversary Operations, Ken Balint, Marco Ortisi, Nicolas Zilio
Discovering and Blocking a Zero-Day Exploit with CrowdStrike Falcon Complete: The Case of CVE-2023-36874
2023-07-12Palo Alto Networks Unit 42Unit 42
Diplomats Beware: Cloaked Ursa Phishing With a Twist
GraphDrop
2023-07-12Palo Alto Networks Unit 42Unit 42
Diplomats Beware: Cloaked Ursa Phishing With a Twist
2023-06-23FourcoreJones Martin
Clop Ransomware: History, Timeline, And Adversary Simulation
Clop
2023-05-15CrowdStrikeCrowdStrike
Hypervisor Jackpotting, Part 3: Lack of Antivirus Support Opens the Door to Adversary Attacks
BlackCat SystemBC