Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-11-03ZscalerSudeep Singh
APT-36 Uses New TTPs and New Tools to Target Indian Governmental Organizations
LimePad
2022-11-03paloalto Netoworks: Unit42Chris Navarrete, Durgesh Sangvikar, Matthew Tennis, Siddhart Shibiraj, Yanhui Jia, Yu Fu
Cobalt Strike Analysis and Tutorial: Identifying Beacon Team Servers in the Wild
Cobalt Strike
2022-11-03SentinelOneSentinelLabs
Black Basta Ransomware | Attacks deploy Custom EDR Evasion Tools tied to FIN7 Threat Actor
Black Basta QakBot SocksBot
2022-11-02SekoiaQuentin Bourgue, sekoia, Threat & Detection Research Team
BlueFox Stealer: a newcomer designed for traffers teams
Aurora Stealer BlueFox
2022-11-02BlackberryBlackberry Research
RomCom Threat Actor Abuses KeePass and SolarWinds to Target Ukraine and Potentially the United Kingdom
ROMCOM RAT RomCom
2022-11-02ASECASEC
Appleseed Being Distributed to Nuclear Power Plant-Related Companies
Appleseed
2022-11-02NOZOMI Network LabsNozomi Networks Labs
Could Threat Actors Be Downgrading Their Malware to Evade Detection?
Bashlite
2022-11-01BlackPointBlackPoint
Ratting Out Arechclient2
SectopRAT
2022-10-31CynetMax Malyutin
Orion Threat Alert: Qakbot TTPs Arsenal and the Black Basta Ransomware
Black Basta Cobalt Strike QakBot
2022-10-31The RecordAlexander Martin
Mondelez and Zurich reach settlement in NotPetya cyberattack insurance suit
EternalPetya
2022-10-31Security homeworkChristophe Rieunier
QakBot CCs prioritization and new record types
QakBot
2022-10-31paloalto Netoworks: Unit42Or Chechik
Banking Trojan Techniques: How Financially Motivated Malware Became Infrastructure
Dridex Kronos TrickBot Zeus
2022-10-28velociraptorMatt Green
Windows.Carving.SystemBC - SystemBC RAT configuration Purser for Velociraptor
SystemBC
2022-10-28cocomelonccocomelonc
APT techniques: Token theft via UpdateProcThreadAttribute. Simple C++ example.
2022-10-28ThreatFabricThreatFabric
Malware wars: the attack of the droppers
Brunhilda SharkBot Vultur
2022-10-27vmwareTakahiro Haruyama
Threat Analysis: Active C2 Discovery Using Protocol Emulation Part3 (ShadowPad)
ShadowPad
2022-10-27MicrosoftMicrosoft Threat Intelligence
Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity
FAKEUPDATES BumbleBee Clop Fauppod Raspberry Robin Roshtyak Silence DEV-0950 Mustard Tempest
2022-10-27MicrosoftMicrosoft Security Threat Intelligence
Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity
FAKEUPDATES BumbleBee Fauppod PhotoLoader Raspberry Robin Roshtyak
2022-10-27Bleeping ComputerSergiu Gatlan
Microsoft links Raspberry Robin worm to Clop ransomware attacks
Clop Raspberry Robin
2022-10-27ANY.RUNANY.RUN
STRRAT: Malware Analysis of a JAR archive
STRRAT