2022-01-01 | Toli Security | Tolisec
Cryptomining botnet exploiting exposed Docker API
2021-12-29 | Aqua | Nitzan Yaakov
Threat Alert: Evolving Attack Techniques of Autom Cryptomining Campaign
2021-12-16 | TEAMT5 | Aragorn Tseng, Charles Li, Peter Syu, Tom Lai
Winnti is Coming - Evolution after Prosecution
Cobalt Strike FishMaster FunnySwitch HIGHNOON ShadowPad Spyder
2021-12-12 | Sophos | Sean Gallagher
Log4Shell Hell: anatomy of an exploit outbreak
2021-12-06 | Microsoft | Tom Burt
Protecting people from recent cyberattacks
2021-12-02 | Microsoft | Microsoft Threat Experts
Structured threat hunting: One way Microsoft Threat Experts prioritizes customer defense
2021-11-30 | 360 netlab | Alex.Turing, Hui Wang
EwDoor Botnet Is Attacking AT&T Customers
EwDoor
2021-11-29 | CrowdStrike | Falcon OverWatch Team
Nowhere to Hide: Detecting SILENT CHOLLIMA’s Custom Tooling
2021-11-24 | safebreach | Tomer Bar
New PowerShortShell Stealer Exploits Recent Microsoft MSHTML Vulnerability to Spy on Farsi Speakers
PowerShortShell
2021-11-19 | Twitter (@knight0x07) | neeraj
Tweet on Exmatter, custom data exfiltration tool, used by Blackmatter ransomware group
ExMatter
2021-11-16 | Intel 471 | Intel 471
How cryptomixers allow cybercriminals to clean their ransoms
2021-11-16 | Blackberry | Dean Given, Eoin Wickens, Jim Simpson, Marta Janus, T.J. O'Leary, Tom Bonner
Finding Beacons in the dark
Cobalt Strike
2021-11-13 | YouTube (AGDC Services) | AGDC Services
Automate Qbot Malware String Decryption With Ghidra Script
QakBot
2021-11-12 | 360 netlab | Alex.Turing, Hui Wang, YANG XU
Malware uses namesilo Parking pages and Google's custom pages to spread
2021-11-11 | vmware | Giovanni Vigna, Jason Zhang, Stefano Ortolani, Threat Analysis Unit
Research Recap: How To Automate Malware Campaign Detection With Telemetry Peak Analyzer
Phorpiex QakBot
2021-11-10 | CrowdStrike | Antonio Parata
Ploutus ATM Malware Case Study: Automated Deobfuscation of a Strongly Obfuscated .NET Binary
Ploutus ATM
2021-11-09 | Trend Micro | Trend Micro Research
Compromised Docker Hub Accounts Abused for Cryptomining Linked to TeamTNT
2021-10-27 | Avast Decoded | Avast
Avast releases decryptor for AtomSilo and LockFile ransomware
ATOMSILO LockFile
2021-10-24 | Microsoft | Tom Burt
New activity from Russian actor Nobelium
2021-10-15 | Zscaler | Rajdeepsinh Dodia
AtomSilo Ransomware Enters the League of Double Extortion
ATOMSILO