Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-10-15Weixin360 Threat Intelligence Center
Analysis of the attack activities of APT-C-35 (belly brain worm) against a manufacturing company in South Asia
Unidentified 117 (Donot Loader)
2024-05-10Qianxin Threat Intelligence CenterThreat Intelligence Center
Recruitment trap for blockchain practitioners: Analysis of suspected Lazarus (APT-Q-1) stealing operations
BeaverTail
2023-08-28360360 Threat Intelligence Center
APT-C-55 (Kimsuky) organization uses Korean domain names for malicious activities
2023-08-01Qianxin Threat Intelligence CenterRed Raindrop Team
Analysis of Recent Activities of the Mylobot Botnet
MyloBot
2023-07-26WeixinAnheng Threat Intelligence Center
APT29 recently faked the German embassy and issued a malicious PDF file
BEATDROP Unidentified 107 (APT29)
2023-07-04Qianxin Threat Intelligence CenterThreat Intelligence Center
Suspected Maha Grass Organization Uses WarHawk Backdoor Variant Spyder to Spy on Multiple Countries
Spyder Patchwork WarHawk
2023-04-19MicrosoftJustin Warner, Microsoft Threat Intelligence Center (MSTIC)
Exploring STRONTIUM's Abuse of Cloud Services
FusionDrive
2023-03-13MicrosoftMicrosoft Threat Intelligence Center
DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit
2023-02-02YouTube (SLEUTHCON)Christopher Glyer, Microsoft Threat Intelligence Center (MSTIC)
Lions, Tigers, and Infostealers - Oh my!
RecordBreaker RedLine Stealer Vidar
2022-12-06360 Threat Intelligence Center360 Beacon Lab
Analysis of suspected APT-C-56 (Transparent Tribe) attacks against terrorism
AhMyth Meterpreter SpyNote AsyncRAT
2022-11-30Qianxin Threat Intelligence CenterRed Raindrop Team
Analysis of APT29's attack activities against Italy
Unidentified 098 (APT29 Slack Downloader)
2022-10-10RiskIQMicrosoft Threat Intelligence Center (MSTIC)
DEV-0832 Leverages Commodity Tools in Opportunistic Ransomware Campaigns
BlackCat Mount Locker SystemBC Zeppelin
2022-08-25MicrosoftMicrosoft 365 Defender Research Team, Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations
MimiKatz
2022-08-24MicrosoftDetection and Response Team (DART), Microsoft 365 Defender Team, Microsoft Threat Intelligence Center (MSTIC)
MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone
2022-08-17360360 Threat Intelligence Center
Kasablanka organizes attacks against political groups and non-profit organizations in the Middle East
SpyNote Loda Nanocore RAT NjRAT
2022-08-15MicrosoftDigital Threat Analysis Center (DTAC), Microsoft Threat Intelligence Center (MSTIC), Office 365 Threat Research Team
Disrupting SEABORGIUM’s ongoing phishing operations
Callisto
2022-08-15MicrosoftDigital Threat Analysis Center (DTAC), Microsoft Threat Intelligence Center (MSTIC), Office 365 Threat Research Team
Disrupting SEABORGIUM’s ongoing phishing operations
2022-07-27MicrosoftMicrosoft Security Response Center (MSRC), Microsoft Threat Intelligence Center (MSTIC), RiskIQ
Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits
Subzero Denim Tsunami
2022-07-20FreebufQi Anxin Threat Intelligence Center
Abused Slack Service: Analysis of APT29's Attack on Italy
Unidentified 098 (APT29 Slack Downloader)
2022-07-14MicrosoftMicrosoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
North Korean threat actor (H0lyGh0st /DEV-0530) targets small and midsize businesses with H0lyGh0st ransomware
SiennaBlue SiennaPurple Storm-0530