Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-04-29FireEyeJustin Moore, Raymond Leong, Tyler McLellan
UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat
Cobalt Strike FiveHands HelloKitty
2021-04-18Bleeping ComputerLawrence Abrams
Discord Nitro gift codes now demanded as ransomware payments
Nitro
2021-04-16Team CymruJoshua Picolet
Transparent Tribe APT Infrastructure Mapping Part 1: A High-Level Study of CrimsonRAT Infrastructure October 2020 – March 2021
Crimson RAT
2021-04-07Medium walmartglobaltechJason Reaves
Not your same old adware anymore, PBOT updates
2021-03-26Bleeping ComputerLawrence Abrams
Ransomware gang urges victims’ customers to demand a ransom payment
Clop
2021-03-15Modern War InstituteChristopher Marsh, Mark Grzegorzewski
Incorporating the Cyberspace Domain: How Russia and China Exploit Asymmetric Advantages in Great Power Competition
2021-03-15Team CymruJosh Hopkins
FIN8: BADHATCH Threat Indicator Enrichmen
BADHATCH
2021-03-10PICUS SecuritySüleyman Özarslan
Tactics, Techniques, and Procedures (TTPs) Used by HAFNIUM to Target Microsoft Exchange Servers
CHINACHOPPER
2021-03-08SymantecThreat Hunter Team
How Symantec Stops Microsoft Exchange Server Attacks
CHINACHOPPER MimiKatz
2021-03-08SecureworksCounter Threat Unit ResearchTeam
SUPERNOVA Web Shell Deployment Linked to SPIRAL Threat Group
SUPERNOVA BRONZE SPIRAL
2021-02-18SymantecThreat Hunter Team
Lazarus: Three North Koreans Charged for Financially Motivated Attacks
AppleJeus POOLRAT Unidentified macOS 001 (UnionCryptoTrader) AppleJeus Unidentified 077 (Lazarus Downloader)
2021-02-05Team CymruDavid Monnier
Kobalos Malware Mapping Potentially Impacted Networks and IP Address Mapping
Kobalos
2021-01-27Team CymruJames Shank
Taking Down Emotet How Team Cymru Leveraged Visibility and Relationships to Coordinate Community Efforts
Emotet
2021-01-26Team CymruCERT-BR, Josh Hopkins, Manabu Niseki
GhostDNSbusters (Part 3) Illuminating GhostDNS Infrastructure
2021-01-22SymantecThreat Hunter Team
SolarWinds: How Sunburst Sends Data Back to the Attackers
SUNBURST
2021-01-20Team CymruAndy Kraus
MoqHao Part 1: Identifying Phishing Infrastructure
MoqHao
2021-01-18SymantecThreat Hunter Team
Raindrop: New Malware Discovered in SolarWinds Investigation
Cobalt Strike Raindrop SUNBURST TEARDROP
2021-01-18Twitter (@teamcymru)Team Cymru
Tweet on APT36 CrimsonRAT C2
Crimson RAT
2021-01-15SymantecThreat Hunter Team
SolarWinds: Insights into Attacker Command and Control Process
SUNBURST
2021-01-07SymantecThreat Hunter Team
SolarWinds: How a Rare DGA Helped Attacker Communications Fly Under the Radar
SUNBURST