Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-03-13EclecticIQArda Büyükkaya
Inside BRUTED: Black Basta (RaaS) Members Used Automated Brute Forcing Framework to Target Edge Network Devices
Black Basta
2025-03-11Hunt.ioHunt.io
JSPSpy and ‘filebroser’: A Custom File Management Tool in Webshell Infrastructure
2025-02-27Palo Alto Networks Unit 42Lior Rochberger, Tom Fakterman
Squidoor: Suspected Chinese Threat Actor’s Backdoor Targets Global Organizations
FINALDRAFT FINALDRAFT
2025-02-25Sentinel LABSTom Hegel
Ghostwriter | New Campaign Targets Ukrainian Government and Belarusian Opposition
2025-02-15Youtube (greenplan)greenplan
[BINARY REFINERY] (Emmenhtal) - Deobfuscation of a custom obfuscation algorithm
Emmenhtal
2025-02-13VolexityCharlie Gardner, Steven Adair, Tom Lancaster
Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication
2025-02-03SentinelOnePhil Stokes, Tom Hegel
macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed
FlexibleFerret FriendlyFerret FrostyFerret
2025-01-29SecurityScorecardSecurityScorecard STRIKE Team
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign
BeaverTail InvisibleFerret
2025-01-27SecurityScorecardSTRIKE Team
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign
2024-12-11JPCERT/CCTomoya Kamei
Attack Exploiting Legitimate Service by APT-C-60
SpyGrace
2024-12-10cybleCyble
Head Mare Group Intensifies Attacks on Russia with PhantomCore Backdoor
PhantomCore Head Mare
2024-12-04Rapid7Tyler McGraw
Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware
Black Basta Cobalt Strike DarkGate SystemBC Zloader
2024-11-22VolexitySean Koessel, Steven Adair, Tom Lancaster
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access
APT28
2024-11-20CofenseKahng An
Custom I2P RAT “I2Parcae” Delivered via Pornographic Customer Support Form Spam
I2PRAT Unidentified 118
2024-11-10DFIR.chStephan Berger
Reptile's Custom Kernel-Module Launcher
reptile
2024-10-19Emanuele De Lucia on SecurityEmanuele De Lucia
“Hey ESET, Wait for the Leak”: Dissecting the “OctoberSeventh” Wiper targeting ESET customers in Israel
OctoberSeventh
2024-10-17SekoiaQuentin Bourgue, Sekoia TDR
ClickFix tactic: The Phantom Meet
Rhadamanthys Stealc
2024-10-08TrustwaveCris Tomboc, King Orande
Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader
Pronsis Loader Latrodectus Lumma Stealer
2024-09-12Cado SecurityNate Bill, Tara Gould
From Automation to Exploitation: The Growing Misuse of Selenium Grid for Cryptomining and Proxyjacking
perfctl
2024-08-30Denwp ResearchTonmoy Jitu
Anatomy of a Lumma Stealer Attack via Fake CAPTCHA Pages - Part 1
Lumma Stealer