Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-01-24Trend MicroJunestherry Dela Cruz
Analysis and Impact of LockBit Ransomware’s First Linux and VMware ESXi Variant
LockBit LockBit
2022-01-24ProofpointProofpoint
DTPacker – a .NET Packer with a Curious Password
Agent Tesla TA2536
2022-01-18Trend MicroArianne Dela Cruz, Bren Matthew Ebriega, Don Ovid Ladores, Mary Yambao
New Ransomware Spotted: White Rabbit and Its Evasion Tactics
2022-01-17Trend MicroCedric Pernet, Daniel Lunghi, Gloria Chen, Jaromír Hořejší, Joseph Chen, Kenney Lu
Delving Deep: An Analysis of Earth Lusca’s Operations
BIOPASS Cobalt Strike FunnySwitch JuicyPotato ShadowPad Winnti Earth Lusca
2022-01-16forensicitguyTony Lambert
Analyzing a CACTUSTORCH HTA Leading to Cobalt Strike
CACTUSTORCH Cobalt Strike
2022-01-11Twitter (@cglyer)Christopher Glyer
Thread on DEV-0401, a china based ransomware operator exploiting VMware Horizon with log4shell and deploying NightSky ransomware
Cobalt Strike NightSky
2022-01-09Github (xephora)@x3ph1
Observed malicious IOCs for the ChromeLoader/CS_installer aka Choziosi Loader Malware
Choziosi Choziosi
2021-12-14Kaspersky LabsPaul Rascagnères, Pierre Delcher
Owowa: the add-on that turns your OWA into a credential stealer and remote access panel
Owowa
2021-12-09Trend MicroVeronica Chierzi
The Evolution of IoT Linux Malware Based on MITRE ATT&CK TTPs
Dark Nexus QSnatch
2021-12-09MicrosoftMicrosoft 365 Defender Threat Intelligence Team
A closer look at Qakbot’s latest building blocks (and how to knock them down)
QakBot
2021-12-07MandiantJake Nicastro, Nick Richard, Rufus Brown, Van Ta
FIN13: A Cybercriminal Threat Actor Focused on Mexico
jspRAT win.rekoobe FIN13
2021-12-01AvastJakub Kaloč, Jan Rubín
Toss a Coin to your Helper (Part 2 of 2)
2021-11-23MorphisecArnold Osipov, Hido Cohen
Babadeda Crypter targeting crypto, NFT, and DeFi communities
Babadeda BitRAT LockBit Remcos
2021-11-19IronNetMorgan Demboski
Is a coordinated cyberattack brewing in the escalating Russian-Ukrainian conflict?
2021-11-17MandiantJoshua Goddard
ProxyNoShell: A Change in Tactics Exploiting ProxyShell Vulnerabilities
2021-11-17Investigative reporting project ItalyLorenzo Bagnoli, Riccardo Coluccini
Sorveglianza: l’azienda italiana che vuole sfidare i colossi NSO e Palantir
Chrysaor
2021-11-11QianxinRed Raindrop Team
SideCopy organization's recent attack incident analysis using China-India current affairs news
2021-11-08KELAKELA Cyber Intelligence Center
Ain’t No Actor Trustworthy Enough: The importance of validating sources
2021-11-03Team Cymrutcblogposts
Webinject Panel Administration: A Vantage Point into Multiple Threat Actor Campaigns - A Case Study on the Value of Threat Reconnaisance
DoppelDridex IcedID QakBot Zloader
2021-10-28LookoutKristina Balaam, Paul Shunk
Rooting Malware Makes a Comeback: Lookout Discovers Global Campaign
AbstractEmu