2024-10-23 | Cisco Talos | Edmund Brumaghin, Holger Unterbrink, Jordyn Dunk, Nicole Hoffman
Highlighting TA866/Asylum Ambuscade Activity Since 2021
WasabiSeed Cobalt Strike csharp-streamer RAT Resident Rhadamanthys WarmCookie
2024-10-23 | Cisco Talos | Edmund Brumaghin, Holger Unterbrink, Jordyn Dunk, Nicole Hoffman
Threat Spotlight: WarmCookie/BadSpace
Cobalt Strike csharp-streamer RAT WarmCookie
2024-10-22 | Cisco Talos | Chetan Raghuprasad
Threat actor abuses Gophish to deliver new PowerRAT and DCRAT
PowerRAT
2024-10-17 | Cisco Talos | Asheer Malhotra, Dmytro Korzhevin, Vanja Svajcer, Vitor Ventura
UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants
MeltingClaw ROMCOM RAT ShadyHammock RomCom
2024-09-10 | Talos Intelligence | Joey Chen
DragonRank, a Chinese-speaking SEO manipulator service provider
IISpy PlugX DragonRank
2024-08-28 | Talos Intelligence | Craig Jackson, James Nutland, Terryn Valikodath
BlackByte blends tried-and-true tradecraft with newly disclosed vulnerabilities to support ongoing attacks
BlackByte
2024-08-21 | Cisco Talos | Asheer Malhotra, Guilherme Venere, Vitor Ventura
MoonPeak malware from North Korean actors unveils new details on attacker infrastructure
MoonPeak XenoRAT UAT-5394
2024-06-13 | Cisco Talos | Asheer Malhotra, Gi7w0rm, Vitor Ventura
Operation Celestial Force employs mobile and desktop malware to target Indian entities
Gravity RAT Gravity RAT
2024-06-05 | Cisco Talos | Cisco Talos
DarkGate switches up its tactics with new payload, email templates
DarkGate
2024-05-30 | Cisco Talos | Asheer Malhotra
LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader
purpleink LilacSquid
2024-04-24 | Cisco | Cisco Talos
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices
ArcaneDoor Storm-1849
2024-02-15 | Cisco Talos | Arnaud Zobec, Asheer Malhotra, Holger Unterbrink, Vitor Ventura
TinyTurla Next Generation - Turla APT spies on Polish NGOs
TinyTurlaNG
2024-02-08 | Cisco Talos | Cisco Talos
New Zardoor backdoor used in long-term cyber espionage operation targeting an Islamic organization
HTran reGeorg Venom Proxy ZarDoor
2024-01-09 | Avast Decoded | Threat Research Team
Avast Updates Babuk Ransomware Decryptor in Cooperation with Cisco Talos and Dutch Police
Babuk
2023-12-11 | Cisco Talos | Asheer Malhotra, Jungsoo An, Vitor Ventura
Operation Blacksmith: Lazarus targets organizations worldwide using novel Telegram-based malware written in DLang
BottomLoader DLRAT HazyLoad NineRAT
2023-11-17 | Cisco Talos | Guilherme Venere
A deep dive into Phobos ransomware, recently deployed by 8Base group
8Base Phobos
2023-11-17 | Cisco Talos | Guilherme Venere
Understanding the Phobos affiliate structure and activity
Phobos
2023-10-25 | Cisco Talos | Asheer Malhotra, Vitor Ventura
Kazakhstan-associated YoroTrooper disguises origin of attacks as Azerbaijan
Ave Maria Loda YoroTrooper
2023-10-05 | Talos | Guilherme Venere
Qakbot-affiliated actors distribute Ransom Knight malware despite infrastructure takedown
QakBot
2023-09-28 | Cisco Talos | Jonathan Munshaw
The security pitfalls of social media sites offering ID-based authentication
RansomVC