Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-08-04NetcraftGraham Edgecombe
FluBot malware spreads to Australia
FluBot
2021-08-04Sapienza University of RomeDaniele Cono D’Elia, Lorenzo Invidia
Rope: Bypassing Behavioral Detection of Malware with Distributed ROP-driven Execution (white paper)
2021-08-04Sapienza University of RomeDaniele Cono D’Elia, Lorenzo Invidia
Rope: Bypassing Behavioral Detection of Malware with Distributed ROP-driven Execution (slides)
2021-08-03PTSecurityPT Expert Security Center
APT31 new dropper. Target destinations: Mongolia, Russia, the U.S., and elsewhere
2021-07-28CISAAustralian Cyber Security Centre (ACSC), CISA, FBI, NCSC UK
Top Routinely Exploited Vulnerabilities
2021-07-19Minister for Foreign Affairs of AustraliaKaren Andrews, Peter Dutton
Australia joins international partners in attribution of malicious cyber activity to China
APT31 APT40 HAFNIUM
2021-07-09cyjaxwilliam thomas
REvil-ution – A Persistent Ransomware Operation
REvil
2021-07-04Twitter (@PolarToffee)Toffee
Tweet on AvosLocker, ransomware advertising for affiliates through Dread
2021-07-01Avast DecodedIgor Morgenstern, Jan Vojtěšek, Luigino Camastra
Backdoored Client from Mongolian CA MonPass
Cobalt Strike Earth Lusca
2021-07-01Avast DecodedIgor Morgenstern, Jan Vojtěšek, Luigino Camastra
Backdoored Client from Mongolian CA MonPass
Cobalt Strike FishMaster
2021-07-01The RecordCatalin Cimpanu
Mongolian certificate authority hacked eight times, compromised with malware
Cobalt Strike
2021-07-01Trend MicroWilliam Gamazo Sanchez
PurpleFox Using WPAD to Target Indonesian Users
PurpleFox
2021-06-30GuardicoreLiad Mordekoviz, Ophir Harpaz
SMB Worm “Indexsinas” Uses Lateral Movement to Infect Whole Networks
2021-06-30Group-IBOleg Skulkin
REvil Twins Deep Dive into Prolific RaaS Affiliates' TTPs
Cobalt Strike REvil
2021-06-22MaltegoIntel 471, Maltego Team
Chasing DarkSide Affiliates: Identifying Threat Actors Connected to Darkside Ransomware Using Maltego & Intel 471
DarkSide DarkSide
2021-06-22Twitter (@Cryptolaemus1)Cryptolaemus, dao ming si, Kirk Sayre
Tweet on TA575, a Dridex affiliate delivering cobaltstrike (packed withe Cryptone) directly via the macro docs
Cobalt Strike Dridex
2021-06-21RAND CorporationDerek Grossman, Kristen Gunness, Marigold Black, Michael S. Chase, Natalia D. Simmons-Thomas, Nathan Beauchamp-Mustafaga
Deciphering Chinese Deterrence Signalling in the New Era An Analytic Framework and Seven Case Studies
2021-06-17Trend MicroAliakbar Zahravi
Bash Ransomware DarkRadiation Targets Red Hat- and Debian-based Linux Distributions
2021-06-16MandiantJared Wilson, Jordan Nuce, Justin Moore, Mike Hunhoff, Nick Harbour, Robert Dean, Tyler McLellan
Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise
DarkSide Cobalt Strike DarkSide SMOKEDHAM UNC2465
2021-06-16MandiantJared Wilson, Jordan Nuce, Justin Moore, Mike Hunhoff, Nick Harbour, Robert Dean, Tyler McLellan
Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise
Cobalt Strike SMOKEDHAM