Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-07-02Team CymruJoshua Picolet
Transparent Tribe APT Infrastructure Mapping Part 2: A Deeper Dive into the Identification of CrimsonRAT Infrastructure
Crimson RAT
2021-06-23SymantecThreat Hunter Team
Ransomware: Growing Number of Attackers Using Virtual Machines
Mount Locker
2021-06-22CrowdStrikerich seymour
Preventing Exploitation of the ZIP File Format
2021-06-16Avast DecodedMartin Chlumecký
DirtyMoe: Introduction and General Overview of Modularized Malware
DirtyMoe
2021-05-19Team CymruAndy Kraus, Josh Hopkins, Nick Byers
Tracking BokBot Infrastructure Mapping a Vast and Currently Active BokBot Network
IcedID
2021-05-19Nozomi NetworksAlexey Kleymenov
Colonial Pipeline Ransomware Attack: Revealing How DarkSide Works
DarkSide
2021-05-11The RecordCatalin Cimpanu
15% of 2020 ransomware payments carried a sanctions violations risk
2021-05-05SymantecThreat Hunter Team
Multi-Factor Authentication: Headache for Cyber Actors Inspires New Attack Techniques
CHINACHOPPER
2021-04-29FireEyeJustin Moore, Raymond Leong, Tyler McLellan
UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat
Cobalt Strike FiveHands HelloKitty
2021-04-18Bleeping ComputerLawrence Abrams
Discord Nitro gift codes now demanded as ransomware payments
Nitro
2021-04-16Team CymruJoshua Picolet
Transparent Tribe APT Infrastructure Mapping Part 1: A High-Level Study of CrimsonRAT Infrastructure October 2020 – March 2021
Crimson RAT
2021-04-07Medium walmartglobaltechJason Reaves
Not your same old adware anymore, PBOT updates
2021-03-26Bleeping ComputerLawrence Abrams
Ransomware gang urges victims’ customers to demand a ransom payment
Clop
2021-03-15Modern War InstituteChristopher Marsh, Mark Grzegorzewski
Incorporating the Cyberspace Domain: How Russia and China Exploit Asymmetric Advantages in Great Power Competition
2021-03-15Team CymruJosh Hopkins
FIN8: BADHATCH Threat Indicator Enrichmen
BADHATCH
2021-03-10PICUS SecuritySüleyman Özarslan
Tactics, Techniques, and Procedures (TTPs) Used by HAFNIUM to Target Microsoft Exchange Servers
CHINACHOPPER
2021-03-08SymantecThreat Hunter Team
How Symantec Stops Microsoft Exchange Server Attacks
CHINACHOPPER MimiKatz
2021-03-08SecureworksCounter Threat Unit ResearchTeam
SUPERNOVA Web Shell Deployment Linked to SPIRAL Threat Group
SUPERNOVA BRONZE SPIRAL
2021-02-18SymantecThreat Hunter Team
Lazarus: Three North Koreans Charged for Financially Motivated Attacks
AppleJeus POOLRAT Unidentified macOS 001 (UnionCryptoTrader) AppleJeus Unidentified 077 (Lazarus Downloader)
2021-02-05Team CymruDavid Monnier
Kobalos Malware Mapping Potentially Impacted Networks and IP Address Mapping
Kobalos