Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-09-30CIPState Service of Special Communication and Information Protection of Ukraine (CIP)
Russian Cyber Operations
WRECKSTEEL HOMESTEEL Amatera GIFTEDCROOK StrelaStealer
2025-09-02At-BayAaron Smith, Laurie Iacono, MC, Ricardo Vazquez, Rohit Pappali, Will Botto, Yiwei Guo
Rhysida: Evading Detection, One Service at a Time
Rhysida
2025-08-21GBHackers on SecurityAman Mishra
Threat Actors Weaponize PDF Editor Trojan to Convert Devices into Proxies
TamperedChef
2025-08-18Medium RaghavtiResearchBeGoodToAll
Qilin Ransomware-as-a-Service: Threat Analysis and Strategic Outlook
Qilin AgendaCrypt
2025-07-14Arda BüyükkayaEclecticIQ Threat Research Team
GLOBAL GROUP: Emerging Ransomware-as-a-Service, Supporting AI Driven Negotiation and Mobile Control Panel for Their Affiliates
Global
2025-07-12t0ast's blogt0ast
Global Group: Ransomware-as-a-Service with AI-powered Negotiation
Global
2025-07-02CrowdStrikeCounter Adversary Operations
CrowdStrike Services Observes SCATTERED SPIDER Escalate Attacks Across Industries
2025-06-29Medium Sapir TwigSapir Twig
Inside DarkGate: In-Depth Technical Analysis of the Malware-as-a-Service Threat
DarkGate
2025-06-05FBIFBI
Alert Number: I-060525-PSA - Home Internet Connected Devices Facilitate Criminal Activity
BADBOX
2025-05-28DarktraceTara Gould
PumaBot: Novel Botnet Targeting IoT Surveillance Devices
PumaBot
2025-05-22SekoiaFélix Aime, Jeremy Scion
ViciousTrap – Infiltrate, Control, Lure: Turning edge devices into honeypots en masse.
2025-05-07FBIFBI
Cyber Criminal Services Target End-of-Life Routers to Launch Attacks and Hide Their Activities
TheMoon
2025-05-07FBIFBI
Alert Number: I-050725-PSA Cyber Criminal Proxy Services Exploiting End of Life Routers
TheMoon
2025-05-06AkamaiKyle Lefton
Here Comes Mirai: IoT Devices RSVP to Active Exploitation
LZRD
2025-04-29France DiplomatieFrance Diplomatie
Russia – Assignment of cyber attacks against France to the Russian military intelligence service (APT28) (29 April 2025)
2025-04-25CensysCensys
The Persistent Threat of Salt Typhoon: Tracking Exposures of Potentially Targeted Devices
MASOL
2025-04-17FORTRAMax Ickert
Threat Actor Profile: SheByte Phishing-as-a-Service
2025-04-16Intel 471Intel 471
LabHost: A defunct but potent phishing service
2025-04-06Cert-UACert-UA
Target espionage activity UAC-0226 in relation to the centers of innovation, state and law enforcement services using the GIFTEDCROOK (CERT-UA#14303)
GIFTEDCROOK UAC-0226
2025-04-01Hunt.ioHunt.io
Same Russian-Speaking Threat Actor, New Tactics: Abuse of Cloudflare Services for Phishing and Telegram to Filter Victim IPs
Pyramid