Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2019-09-02VolexityAndrew Case, Matthew Meltzer, Steven Adair
Digital Crackdown: Large-Scale Surveillance and Exploitation of Uyghurs
scanbox POISON CARP
2019-08-19FireEyeAlex Pennino, Matt Bromiley
GAME OVER: Detecting and Stopping an APT41 Operation
ACEHASH CHINACHOPPER HIGHNOON
2019-07-18FireEyeJessica Rocchio, Matt Bromiley, Nick Schroeder, Noah Klapprodt
Hard Pass: Declining APT34’s Invite to Join Their Professional Network
LONGWATCH PICKPOCKET TONEDEAF VALUEVAULT
2019-07-02ProofpointDennis Schwarz, Matthew Mesa, Proofpoint Threat Insight Team
TA505 begins summer campaigns with a new pet malware downloader, AndroMut, in the UAE, South Korea, Singapore, and the United States
AndroMut FlawedAmmyy
2019-06-14CertegoMatteo Lodi
Malware Tales: Sodinokibi
REvil
2019-05-29ESET ResearchMatthieu Faou, Romain Dumont
A dive into Turla PowerShell usage
PowerShellRunner TurlaRPC
2019-05-07ESET ResearchMatthieu Faou
Turla LightNeuron: An email too far
LightNeuron
2019-05-01ESET ResearchMatthieu Faou
TURLA LIGHTNEURON: One email away from remote code execution
LightNeuron
2019-04-30Cisco TalosColin Grady, Jaeson Schultz, Matt Valites, Pierre Cadieux
Sodinokibi ransomware exploits WebLogic Server vulnerability
REvil
2019-04-17Cisco TalosDanny Adamitis, David Maynor, Matthew Olney, Paul Rascagnères, Warren Mercer
DNS Hijacking Abuses Trust In Core Internet Service
Sea Turtle
2019-02-20Cisco TalosEdmund Brumaghin, Matthew Molyett, Nick Biasini
Combing Through Brushaloader Amid Massive Detection Uptick
BrushaLoader
2019-02-14CertegoMatteo Lodi
Malware Tales: Gootkit
GootKit
2019-01-25CrowdStrikeMatt Dahl
Widespread DNS Hijacking Activity Targets Multiple Sectors
DNSpionage
2019-01-17AccentureMatthew Brady
Pond Loach delivers BadCake malware
Salgorea APT32
2018-11-23CertegoMatteo Lodi
Sload hits Italy. Unveil the power of powershell as a downloader
sLoad
2018-11-22nccgroupMatt Lewis
Turla PNG Dropper is back
Uroburos Turla
2018-11-19FireEyeAndrew Thompson, Ben Withnell, Jonathan Leathery, Matthew Dunwoody, Michael Matonis, Nick Carr
Not So Cozy: An Uncomfortable Examination of a Suspected APT29 Phishing Campaign
Cobalt Strike
2018-09-05ESET ResearchMatthieu Faou
PowerPool malware exploits ALPC LPE zero‑day vulnerability
ALPC Local PrivEsc PowerPool
2018-08-30Twitter (@mesa_matt)Matthew Mesa
Tweet on PsiX
PsiX
2018-07-26IEEE Symposium on Security and Privacy (SP)Alex C. Snoeren, Damon McCoy, Danny Yuxing Huang, Elie Bursztein, Jonathan Levin, Kirill Levchenko, Kylie McRoberts, Luca Invernizzi, Maxwell Matthaios Aliapoulios, Vector Guo Li
Tracking Ransomware End-to-end
Cerber Locky WannaCryptor