Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-04-22VolexityCharlie Gardner, Josh Duke, Matthew Meltzer, Sean Koessel, Steven Adair, Tom Lancaster
Phishing for Codes: Russian Threat Actors Target Microsoft 365 OAuth Workflows
UTA0352 UTA0355
2025-02-13VolexityCharlie Gardner, Steven Adair, Tom Lancaster
Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication
2024-11-22VolexitySean Koessel, Steven Adair, Tom Lancaster
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access
APT28
2024-08-02VolexityAnkur Saini, Paul Rascagnères, Steven Adair, Thomas Lancaster
StormBamboo Compromises ISP to Abuse Insecure Software Update Mechanisms
CDDS DUSTPAN MgBot
2024-01-10VolexityMatthew Meltzer, Robert Jan Mora, Sean Koessel, Steven Adair, Thomas Lancaster
Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN
UTA0178
2023-03-30VolexityAnkur Saini, Callum Roxan, Charlie Gardner, Paul Rascagnères, Steven Adair, Thomas Lancaster
3CX Supply Chain Compromise Leads to ICONIC Incident
3CX Backdoor IconicStealer
2022-06-15VolexitySteven Adair, Thomas Lancaster, Volexity Threat Research
DriftingCloud: Zero-Day Sophos Firewall Exploitation and an Insidious Breach
pupy Sliver DriftingCloud
2022-03-22VolexityDamien Cash, Steven Adair, Thomas Lancaster
Storm Cloud on the Horizon: GIMMICK Malware Strikes at macOS
GIMMICK GIMMICK
2022-02-03VolexitySteven Adair, Thomas Lancaster
Operation EmailThief: Active Exploitation of Zero-day XSS Vulnerability in Zimbra
TEMP_Heretic
2021-08-24VolexityDamien Cash, Josh Grunzweig, Steven Adair, Thomas Lancaster
North Korean BLUELIGHT Special: InkySquid Deploys RokRAT
RokRAT
2021-08-17Volatility LabsDamien Cash, Josh Grunzweig, Matthew Meltzer, Steven Adair, Thomas Lancaster
North Korean APT37 / InkySquid Infects Victims Using Browser Exploits
BLUELIGHT APT37
2021-05-27VolexityDamien Cash, Josh Grunzweig, Matthew Meltzer, Sean Koessel, Steven Adair, Thomas Lancaster
Suspected APT29 Operation Launches Election Fraud Themed Phishing Campaigns
Cobalt Strike
2021-03-02VolexityJosh Grunzweig, Matthew Meltzer, Sean Koessel, Steven Adair, Thomas Lancaster
Operation Exchange Marauder: Active Exploitation of Multiple Zero-Day Microsoft Exchange Vulnerabilities
CHINACHOPPER HAFNIUM
2020-12-14VolexityDamien Cash, Matthew Meltzer, Sean Koessel, Steven Adair, Thomas Lancaster, Volexity Threat Research
Dark Halo Leverages SolarWinds Compromise to Breach Organizations
SUNBURST
2020-11-06VolexitySteven Adair, Thomas Lancaster, Volexity Threat Research
OceanLotus: Extending Cyber Espionage Operations Through Fake Websites
Cobalt Strike KerrDown APT32
2020-04-21VolexityAndrew Case, Dave Lassalle, Matthew Meltzer, Sean Koessel, Steven Adair, Thomas Lancaster
Evil Eye Threat Actor Resurfaces with iOS Exploit and Updated Implant
2019-09-11VolexitySean Koessel, Steven Adair
Vulnerable Private Networks: Corporate VPNs Exploited in the Wild
2019-09-02VolexityAndrew Case, Matthew Meltzer, Steven Adair
Digital Crackdown: Large-Scale Surveillance and Exploitation of Uyghurs
scanbox POISON CARP
2018-06-07VolexityMatthew Meltzer, Sean Koessel, Steven Adair
Patchwork APT Group Targets US Think Tanks
Quasar RAT Unidentified 047 QUILTED TIGER
2016-11-09VolexitySteven Adair
PowerDuke: Widespread Post-Election Spear Phishing Campaigns Targeting Think Tanks and NGOs
PowerDuke