Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-09-17Group-IBEvgeny Egorov, Yakov Kravtsov
Scamdemic outbreak Scammers attack users in Middle Eastern countries
2021-09-16Department Of Health And Social Services (DHSS)Department Of Health And Social Services (DHSS)
Department of Health and Social Services 2021 Cyberattack: Frequently Asked Questions Updated Sept. 16, 2021
2021-09-16LumenBlack Lotus Labs
No Longer Just Theory: Black Lotus Labs Uncovers Linux Executables Deployed as Stealth Windows Loaders
PrivetSanya Meterpreter
2021-09-16Twitter (@GossiTheDog)Kevin Beaumont
Tweet on some unknown threat actor dropping Mgbot, custom IIS modular backdoor and cobalstrike using exploiting ProxyShell
Cobalt Strike MgBot
2021-09-16AkamaiLarry Cashdollar
Capoae Malware Ramps Up: Uses Multiple Vulnerabilities and Tactics to Spread
Capoae
2021-09-16CiscoTiago Pereira, Vitor Ventura
Operation Layover: How we tracked an attack on the aviation industry to five years of compromise
AsyncRAT Houdini NjRAT
2021-09-16CISAUS-CERT
APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus
2021-09-16BlackberryThe BlackBerry Research & Intelligence Team
Threat Thursday: NetWire RAT is Coming Down the Line
NetWire RC
2021-09-15MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability
EXOTIC LILY
2021-09-15MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability
Cobalt Strike
2021-09-14NK NewsEthan Jewell, Jeongmin Kim
North Korea-linked account poses as KBS scriptwriter to dupe DPRK watchers
2021-09-14CrowdStrikeCrowdStrike Intelligence Team
Big Game Hunting TTPs Continue to Shift After DarkSide Pipeline Attack
BlackMatter DarkSide REvil Avaddon BlackMatter Clop Conti CryptoLocker DarkSide DoppelPaymer Hades REvil
2021-09-14FortinetJohn Simmons
More ProxyShell? Web Shells Lead to ZeroLogon and Application Impersonation Attacks
2021-09-13MalwarebytesJérôme Segura
The many tentacles of Magecart Group 8
magecart
2021-09-13ImpervaDaniel Kerman
Attackers exploit CVE-2021-26084 for XMRig crypto mining on affected Confluence servers
2021-09-10S2W LAB Inc.S2W TALON
Groove x RAMP : The relation between Groove, Babuk, Payload.bin, RAMP, and BlackMatter
Babuk BlackMatter Babuk BlackMatter
2021-09-10NetskopeGustavo Palazolo
Hive Ransomware: Actively Targeting Hospitals
Hive
2021-09-10The RecordCatalin Cimpanu
Indonesian intelligence agency compromised in suspected Chinese hack
PlugX
2021-09-09BlackberryThe BlackBerry Research & Intelligence Team
Threat Thursday: Get Your Paws Off My Data, Raccoon Infostealer
Raccoon
2021-09-09Medium s2wlabS2W TALON
Case Analysis of Suncrypt Ransomware Negotiation and Bitcoin Transaction
SunCrypt