Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-12-06MandiantAshraf Abdalhalim, Ben Read, Doug Bienstock, Gabriella Roncone, Jonathan Leathery, Josh Madeley, Juraj Sucik, Luis Rocha, Luke Jenkins, Manfred Erjak, Marius Fodoreanu, Microsoft Detection and Response Team (DART), Microsoft Threat Intelligence Center (MSTIC), Mitchell Clarke, Parnian Najafi, Sarah Hawley, Wojciech Ledzion
Suspected Russian Activity Targeting Government and Business Entities Around the Globe (UNC2452)
Cobalt Strike CryptBot
2021-12-02MalwarebytesHossein Jazi, Threat Intelligence Team
SideCopy APT: Connecting lures to victims, payloads to infrastructure
SideCopy
2021-11-29Qianxin Threat Intelligence CenterRed Raindrop Team
APT-Q-12: An intelligence espionage campaign targeting the trade industry
Unidentified 100 (APT-Q-12) APT-C-60
2021-11-24GoogleGoogle Cybersecurity Action Team, Google Threat Analysis Group
Threat Horizons Cloud Threat Intelligence November 2021. Issue 1
BlackMatter
2021-11-19360 Threat Intelligence Centeradvanced threat research institute
It is suspected that the APT-C-55 organization used the commercial software Web Browser Password Viewer to carry out the attack
2021-11-18PRODAFT Threat IntelligencePRODAFT
Conti Ransomware Group In-Depth Analysis
Conti
2021-11-18360 netlabAlex.Turing, Hui Wang, litao3rd, YANG XU
The Pitfall of Threat Intelligence Whitelisting: Specter Botnet is 'taking over' Top Legit DNS Domains By Using ClouDNS Service
Specter
2021-11-18MicrosoftMicrosoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
Iranian targeting of IT sector on the rise
MimiKatz ShellClient RAT Cuboid Sandstorm
2021-11-16MicrosoftMicrosoft Threat Intelligence
Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021
APT35 Gray Sandstorm
2021-11-16MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021
2021-11-16MalwarebytesMalwarebytes Threat Intelligence Team
TrickBot helps Emotet come back from the dead
Emotet TrickBot
2021-11-11MicrosoftMicrosoft 365 Defender Threat Intelligence Team
HTML smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks
AsyncRAT Mekotio NjRAT
2021-11-10SekoiaCyber Threat Intelligence team
Walking on APT31 infrastructure footprints
Rekoobe Unidentified ELF 004 Cobalt Strike
2021-11-09PrevailionAccenture Cyber Threat Intelligence, Prevailion
Who are latest targets of cyber group Lyceum?
Milan Shark LYCEUM
2021-11-08MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus
2021-10-28PRODAFT Threat IntelligencePRODAFT
Solarmarker In-Depth Analysis
solarmarker
2021-10-25MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
NOBELIUM targeting delegated administrative privileges to facilitate broader attacks
2021-10-21APNICJames Shank
How to: Threat hunting and threat intelligence
2021-10-21MicrosoftMicrosoft 365 Defender Threat Intelligence Team
Franken-phish: TodayZoo built from other phishing kits
2021-10-13Anchored Narratives on Threat Intelligence and GeopoliticsRJM
Trouble in Asia and the Middle East. Tracking the TransparentTribe threat actor.
Crimson RAT