Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-05-03ZscalerBrett Stone-Gross, Javier Vicente
Analysis of BlackByte Ransomware's Go-Based Variants
BlackByte
2022-05-03Cluster25Cluster25
The Strange Link Between A Destructive Malware And A Ransomware-Gang Linked Custom Loader: IsaacWiper Vs Vatet
Cobalt Strike IsaacWiper PyXie
2022-05-02cocomelonccocomelonc
Malware development: persistence - part 3. COM DLL hijack. Simple C++ example
Agent.BTZ Ave Maria Konni Mosquito TurlaRPC
2022-05-02eSentireeSentire Threat Response Unit (TRU)
AsyncRAT Activity
AsyncRAT
2022-05-02Sentinel LABSAmitai Ben Shushan Ehrlich, Joey Chen
Moshen Dragon’s Triad-and-Error Approach | Abusing Security Software to Sideload PlugX and ShadowPad
PlugX ShadowPad Moshen Dragon
2022-05-02AT&TFernando Martinez
Analysis on recent wiper attacks: examples and how wiper malware works
AcidRain CaddyWiper DoubleZero HermeticWiper INDUSTROYER2 IsaacWiper
2022-05-02MacnicaHiroshi Takeuchi
Attack Campaigns that Exploit Shortcuts and ISO Files
Cobalt Strike
2022-05-01BushidoTokenBushidoToken
Gamer Cheater Hacker Spy
Egregor HelloKitty NetfilterRootkit RagnarLocker Winnti
2022-05-01Bleeping ComputerLawrence Abrams
REvil ransomware returns: New malware sample confirms gang is back
REvil
2022-04-30CybereasonAssaf Dahan, Daniel Frank
PortDoor: New Chinese APT Backdoor Attack Targets Russian Defense Sector
PortDoor
2022-04-29MandiantAnders Vejlby, John Wolfram, Nick Simonian, Sarah Hawley, Tyler McLellan
Trello From the Other Side: Tracking APT29 Phishing Campaigns
BEATDROP VaporRage
2022-04-29AttackIQFrancis Guibernau, Jackson Wells
Attack Graph Response to UNC1151 Continued Targeting of Ukraine
MicroBackdoor
2022-04-28Bleeping ComputerIonut Ilascu
New Bumblebee malware replaces Conti's BazarLoader in cyberattacks
BumbleBee
2022-04-28BlackberryThe BlackBerry Research & Intelligence Team
Threat Thursday: BoratRAT
Borat RAT
2022-04-28SymantecKarthikeyan C Kasiviswanathan, Vishal Kamble
Ransomware: How Attackers are Breaching Corporate Networks
AvosLocker Conti Emotet Hive IcedID PhotoLoader QakBot TrickBot
2022-04-28Cert-UACert-UA
Malicious JavaScript-code BrownFlood injected into web-sites used for DDoS attacks (CERT-UA#4553)
2022-04-28MandiantAnders Vejlby, John Wolfram, Nick Simonian, Sarah Hawley, Tyler McLellan
Trello From the Other Side: Tracking APT29 Phishing Campaigns
Cobalt Strike
2022-04-28ProofpointKelsey Merriman, Pim Trouerbach
This isn't Optimus Prime's Bumblebee but it's Still Transforming
BumbleBee TA578 TA579
2022-04-28nccgroupDavid Brown, Michael Matthews, Rob Smallridge
LAPSUS$: Recent techniques, tactics and procedures
2022-04-27StairwellSilas Cutler, Steve Miller
The origin story of APT32 macros: The StrikeSuit Gi
StrikeSuit Gift