Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-09-16SekoiaAmaury G., Charles M., Sekoia TDR
APT28 Operation Phantom Net Voxel
BEARDSHELL GRUNT SLIMAGENT
2025-05-22SekoiaFélix Aime, Jeremy Scion
ViciousTrap – Infiltrate, Control, Lure: Turning edge devices into honeypots en masse.
2025-04-16SekoiaSekoia TDR
Interlock ransomware evolving under the radar
Interlock Berserk Stealer Interlock Lumma Stealer Supper
2025-03-31SekoiaAmaury G., Coline Chavane, Félix Aime, Sekoia TDR
From Contagious to ClickFake Interview: Lazarus leveraging the ClickFix tactic
FrostyFerret GolangGhost GolangGhost
2025-02-25Félix Aime, Jeremy Scion, Sekoia TDR
PolarEdge: Unveiling an uncovered ORB network
PolarEdge
2025-02-11SekoiaPierre Le Bourhis
RATatouille: Cooking Up Chaos in the I2P Kitchen
Unidentified 118
2025-01-13SekoiaAmaury G., Erwan Chevalier, Félix Aime, Maxime A.
Double-Tap Campaign: Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations
HATVIBE
2025-01-13SekoiaAmaury G., Erwan Chevalier, Félix Aime, Maxime A.
Double-Tap Campaign: Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations
HATVIBE
2024-11-13SekoiaColine Chavane, Sekoia TDR
A three-beat waltz: The ecosystem behind Chinese state-sponsored cyber threats
2024-10-17SekoiaQuentin Bourgue, Sekoia TDR
ClickFix tactic: The Phantom Meet
Rhadamanthys Stealc
2024-07-15SekoiaSekoia TDR
MuddyWater replaces Atera by custom MuddyRot implant in a recent campaign
bugsleep
2024-07-02SekoiaQuentin Bourgue
Exposing FakeBat loader: distribution methods and adversary infrastructure
BlackCat Royal Ransom EugenLoader Carbanak Cobalt Strike DICELOADER Gozi IcedID Lumma Stealer NetSupportManager RAT Pikabot RedLine Stealer SectopRAT Sliver SmokeLoader Vidar
2024-06-05SekoiaCharles Meslay
Reverse engineering of malicious code in CTI - Analysis of the evolution of an infection chain (Paper)
FlowCloud
2024-06-05SekoiaCharles Meslay
The reverse engineering of malicious code in the ITC - Analysis of the evolution of a chain of infection (Slides)
FlowCloud
2024-06-03SekoiaPierre Le Bourhis, Quentin Bourgue, Sekoia TDR
PikaBot: a Guide to its Deep Secrets and Operations
Pikabot
2024-05-21SekoiaAmaury G., Coline Chavane, Kilian Seznec, Sekoia TDR
Master of Puppets: Uncovering the DoppelGänger pro-Russian influence campaign
2024-04-29Twitter (@sekoia_io)sekoia
@sekoia_io's tweet about the (not so) new infostealer, named ACR Stealer
ACR Stealer
2024-03-14SekoiaAmaury G., Grégoire Clermont, Livia Tibirna, Maël SARP, Marine PICHON, Vincent HINDERER, Ziad MASLAH
Unveiling the depths of Residential Proxies providers
2024-03-01SekoiaSekoia TDR
NoName057(16)’s DDoSia project: 2024 updates and behavioural shifts
Dosia
2024-02-22SekoiaLivia Tibirna, Pierre-Antoine D., Quentin Bourgue, Threat & Detection Research Team
Scattered Spider laying new eggs
BlackCat