2021-05-19 | Nozomi Networks | Alexey Kleymenov
Colonial Pipeline Ransomware Attack: Revealing How DarkSide Works
DarkSide
2021-05-11 | The Record | Catalin Cimpanu
15% of 2020 ransomware payments carried a sanctions violations risk
2021-05-05 | Symantec | Threat Hunter Team
Multi-Factor Authentication: Headache for Cyber Actors Inspires New Attack Techniques
CHINACHOPPER
2021-04-29 | FireEye | Justin Moore, Raymond Leong, Tyler McLellan
UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat
Cobalt Strike FiveHands HelloKitty
2021-04-18 | Bleeping Computer | Lawrence Abrams
Discord Nitro gift codes now demanded as ransomware payments
Nitro
2021-04-16 | Team Cymru | Joshua Picolet
Transparent Tribe APT Infrastructure Mapping Part 1: A High-Level Study of CrimsonRAT Infrastructure October 2020 – March 2021
Crimson RAT
2021-04-07 | Medium walmartglobaltech | Jason Reaves
Not your same old adware anymore, PBOT updates
2021-03-26 | Bleeping Computer | Lawrence Abrams
Ransomware gang urges victims’ customers to demand a ransom payment
Clop
2021-03-15 | Modern War Institute | Christopher Marsh, Mark Grzegorzewski
Incorporating the Cyberspace Domain: How Russia and China Exploit Asymmetric Advantages in Great Power Competition
2021-03-15 | Team Cymru | Josh Hopkins
FIN8: BADHATCH Threat Indicator Enrichment
BADHATCH
2021-03-10 | PICUS Security | Süleyman Özarslan
Tactics, Techniques, and Procedures (TTPs) Used by HAFNIUM to Target Microsoft Exchange Servers
CHINACHOPPER
2021-03-08 | Symantec | Threat Hunter Team
How Symantec Stops Microsoft Exchange Server Attacks
CHINACHOPPER MimiKatz
2021-03-08 | Secureworks | Counter Threat Unit Research Team
SUPERNOVA Web Shell Deployment Linked to SPIRAL Threat Group
SUPERNOVA BRONZE SPIRAL
2021-02-18 | Symantec | Threat Hunter Team
Lazarus: Three North Koreans Charged for Financially Motivated Attacks
AppleJeus POOLRAT Unidentified macOS 001 (UnionCryptoTrader) AppleJeus Unidentified 077 (Lazarus Downloader)
2021-02-05 | Team Cymru | David Monnier
Kobalos Malware Mapping Potentially Impacted Networks and IP Address Mapping
Kobalos
2021-01-27 | Team Cymru | James Shank
Taking Down Emotet How Team Cymru Leveraged Visibility and Relationships to Coordinate Community Efforts
Emotet
2021-01-26 | Team Cymru | CERT-BR, Josh Hopkins, Manabu Niseki
GhostDNSbusters (Part 3) Illuminating GhostDNS Infrastructure
2021-01-22 | Symantec | Threat Hunter Team
SolarWinds: How Sunburst Sends Data Back to the Attackers
SUNBURST
2021-01-20 | Team Cymru | Andy Kraus
MoqHao Part 1: Identifying Phishing Infrastructure
MoqHao
2021-01-18 | Symantec | Threat Hunter Team
Raindrop: New Malware Discovered in SolarWinds Investigation
Cobalt Strike Raindrop SUNBURST TEARDROP