Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-07-19CISACISA
Alert (AA21-200B): Chinese State-Sponsored Cyber Operations: Observed TTPs
APT40
2021-07-08CISAUS-CERT
Malware Analysis Report (AR21-189A): DarkSide Ransomware
DarkSide
2021-07-04CISAUS-CERT
CISA-FBI Guidance for MSPs and their Customers Affected by the Kaseya VSA Supply-Chain Ransomware Attack
REvil REvil
2021-07-02CiscoAsheer Malhotra, Justin Thattil
InSideCopy: How this APT continues to evolve its arsenal
AllaKore CetaRAT Lilith NjRAT ReverseRAT
2021-07-01CISA, FBI, NCSC UK, NSA
Russian GRU (APT28) Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments
reGeorg
2021-06-22CiscoNick Biasini
Attackers in Executive Clothing - BEC continues to separate orgs from their money
2021-06-19CISAUS-CERT
Alert (AA21-200A): Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department
APT40
2021-06-04K7 SecurityMary Muthu Francisca
Glupteba back on track spreading via EternalBlue exploits
Glupteba
2021-06-01CiscoJosh Pyorre
Backdoors, RATs, Loaders evasion techniques
BazarNimrod GoldMax Oblique RAT
2021-05-28CISAUS-CERT
Alert (AA21-148A): Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs
Cobalt Strike
2021-05-28CISAUS-CERT
Malware Analysis Report (AR21-148A): Cobalt Strike Beacon
Cobalt Strike
2021-05-26Cisco TalosVitor Ventura, Warren Mercer
Elizabethan England has nothing on modern-day Russia
2021-05-14CISAUS-CERT
Analysis Report (AR21-134A): Eviction Guidance for Networks Affected by the SolarWinds and Active Directory/M365 Compromise
SUNBURST
2021-05-11CISAUS-CERT
Alert (AA21-131A) DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks
DarkSide
2021-05-07Cisco TalosAndrew Windsor, Caitlin Huey, Edmund Brumaghin
Lemon Duck spreads its wings: Actors target Microsoft Exchange servers, incorporate new TTPs
CHINACHOPPER Cobalt Strike Lemon Duck
2021-05-07GCHQCISA, FBI, NCSC UK, NSA
Further TTPs associated with SVR cyber actors: Use of multiple publicly available exploits and Sliver framework to target organisations globally
2021-05-06CISACISA
MAR-10324784-1.v1: FiveHands Ransomware
FiveHands
2021-05-06CISACISA
Analysis Report: FiveHands Ransomware
FiveHands
2021-04-29CISACISA
CISA Identifies SUPERNOVA Malware During Incident Response
SUPERNOVA BRONZE SPIRAL
2021-04-26CISACISA, Department of Homeland Security, FBI
Russian Foreign Intelligence Service (SVR)Cyber Operations: Trends and Best Practices for Network Defenders
elf.wellmess WellMess