2022-06-23 | splunk | Splunk Threat Research Team
Threat Update: Industroyer2
INDUSTROYER2
2022-06-23 | cyble | Cyble Research Labs
Matanbuchus Loader Resurfaces
Cobalt Strike Matanbuchus
2022-06-23 | Google | Benoit Sevens, Clement Lecigne, Google Threat Analysis Group
Spyware vendor targets users in Italy and Kazakhstan
Hermit
2022-06-23 | Kaspersky | Danila Nasonov, Natalya Shornikova, Nikita Nazarov, Vasily Davydov, Vladislav Burtsev
The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs
Conti Hive BlackByte BlackCat Clop LockBit Mespinoza Ragnarok
2022-06-23 | Kaspersky | Danila Nasonov, Natalya Shornikova, Nikita Nazarov, Vasily Davydov, Vladislav Burtsev
The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs (Download Form)
BlackByte BlackCat Clop Conti Hive LockBit Mespinoza RagnarLocker
2022-06-22 | Cert-UA | Cert-UA
Cyberattacks by China-associated groups against Russian scientific and technical enterprises and government agencies (CERT-UA#4860)
QUICKMUTE
2022-06-21 | McAfee | Lakshya Mathur
Rise of LNK (Shortcut files) Malware
BazarBackdoor Emotet IcedID QakBot
2022-06-21 | SonicWall | SonicWall
HTML Application Files are being used to distribute Smoke Loader Malware
SmokeLoader
2022-06-21 | BleepingComputer | Sergiu Gatlan
Microsoft Exchange servers hacked by new ToddyCat APT gang
ToddyCat
2022-06-21 | Kaspersky | Giampaolo Dedola
APT ToddyCat: Unveiling an unknown APT actor attacking high-profile entities in Europe and Asia
ToddyCat
2022-06-21 | Lab52
MuddyWater’s “light” first-stager targetting Middle East
Unidentified VBS 004 (RAT)
2022-06-21 | Cisco Talos | Chris Neal, Flavio Costa, Guilherme Venere
Avos ransomware group expands with new attack arsenal
AvosLocker Cobalt Strike DarkComet MimiKatz
2022-06-21 | Malwarebytes Labs | Threat Intelligence Team
Russia’s APT28 uses fear of nuclear war to spread Follina docs in Ukraine
2022-06-20 | Medium (Cryptax) | Axelle Apvrille
Tracking Android/Joker payloads with Medusa, static analysis (and patience)
Joker
2022-06-20 | Cert-UA | Cert-UA
APT28 cyberattack using CredoMap malware (CERT-UA#4843)
CredoMap
2022-06-20 | Cert-UA | Cert-UA
UAC-0098 group cyberattack on critical infrastructure of Ukraine (CERT-UA#4842)
Cobalt Strike
2022-06-19 | OALabs | Sergei Frankoff
Matanbuchus Triage Notes
Matanbuchus
2022-06-18 | R136a1 | Dominik Reichel
Using dotnetfile to get a Sunburst timeline for intelligence gathering
SUNBURST
2022-06-17 | Github (NtQuerySystemInformation) | Twitter (@kasua02)
A reverse engineer primer on Qakbot Dll Stager: From initial execution to multithreading.
QakBot
2022-06-17 | Zscaler | Kaivalya Khursale, Sudeep Singh
Resurgence of Voicemail-themed phishing attacks targeting key industry verticals in the US