2021-08-03 | Cybereason | Assaf Dahan, Daniel Frank, Lior Rochberger, Tom Fakterman
DeadRinger: Exposing Chinese Threat Actors Targeting Major Telcos
CHINACHOPPER Cobalt Strike MimiKatz Nebulae
2021-08-03 | Twitter (@ValthekOn) | Valthek
Tweet on blacklisted extensions & names of BlackMatter ransomware making the check against custom hashes values
DarkSide
2021-07-26 | vmware | Pavankumar Chaudhari, Quentin Fois
Hunting IcedID and unpacking automation with Qiling
IcedID
2021-07-21 | TEAMT5 | Jason3e7, Peter, Tom
"Le" is not tired of this, IE is really naughty
Magniber
2021-07-19 | Ministry of Foreign Affairs of Japan | Ministry of Foreign Affairs of Japan
Cases of cyberattacks including those by a group known as APT40 which the Chinese government is behind (Statement by Press Secretary YOSHIDA Tomoyuki)
APT40
2021-07-15 | Microsoft | Microsoft Threat Intelligence
Protecting customers from a private-sector offensive actor using 0-day exploits and DevilsTongue malware
DevilsTongue Caramel Tsunami
2021-07-15 | Microsoft | Microsoft Threat Intelligence Center (MSTIC)
Protecting customers from a private-sector offensive actor using 0-day exploits and DevilsTongue malware
2021-07-15 | ISA | Tom Winston
What is Cyber Threat Intelligence?
2021-07-12 | Cipher Tech Solutions | Claire Zaboeva, Dan Dash, Melissa Frydrych
RoboSki and Global Recovery: Automation to Combat Evolving Obfuscation
404 Keylogger Agent Tesla AsyncRAT Ave Maria Azorult BitRAT Formbook HawkEye Keylogger Loki Password Stealer (PWS) Nanocore RAT NetWire RC NjRAT Quasar RAT RedLine Stealer Remcos
2021-07-12 | IBM | Claire Zaboeva, Dan Dash, Melissa Frydrych
RoboSki and Global Recovery: Automation to Combat Evolving Obfuscation
404 Keylogger Agent Tesla AsyncRAT Ave Maria Azorult BitRAT Formbook HawkEye Keylogger Loki Password Stealer (PWS) Nanocore RAT NetWire RC NjRAT Quasar RAT RedLine Stealer Remcos
2021-07-12 | JPCERT/CC | Shusei Tomonaga, Yuma Masubuchi
Attack Exploiting XSS Vulnerability in E-commerce Websites
Unidentified JS 005 (Stealer)
2021-07-06 | Cybereason | Tom Fakterman
Cybereason vs. REvil Ransomware: The Kaseya Chronicles
REvil
2021-07-04 | CISA | US-CERT
CISA-FBI Guidance for MSPs and their Customers Affected by the Kaseya VSA Supply-Chain Ransomware Attack
REvil REvil
2021-07-01 | Threatpost | Tom Spring
Linux Variant of REvil Ransomware Targets VMware’s ESXi, NAS Devices
REvil
2021-06-30 | synthesis.to blog | Tim Blazytko
Automation in Reverse Engineering: String Decryption
Mirai
2021-06-23 | IBM | Itzik Chimino
Ursnif Leverages Cerberus to Automate Fraudulent Bank Transfers in Italy
ISFB
2021-06-21 | lacework | Tom Hegel
Threat Hunting SSH Keys – Bash Script Feature Pivoting
2021-06-21 | sonatype | Ax Sharma
Sonatype Catches New PyPI Cryptomining Malware
2021-06-21 | Medium elis531989 | Eli Salem
Dissecting and automating Hancitor’s config extraction
Hancitor
2021-06-18 | Chosun Biz | Son Deok-ho, 손덕호 기자
The Atomic Energy Research Institute has been breached by a North Korean hacker organization Kimsuky