Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-12-07MicrosoftMicrosoft Threat Intelligence
Star Blizzard increases sophistication and evasion in ongoing attacks
Callisto
2023-12-06splunkSplunk Threat Research Team
Unmasking the Enigma: A Historical Dive into the World of PlugX Malware
PlugX
2023-12-05PWCPwC Threat Intelligence
The Tortoise and The Malwahare
SnappyTCP
2023-12-05ProofpointCrista Giering, Greg Lesnewich, Proofpoint Threat Research Team
TA422’s Dedicated Exploitation Loop—the Same Week After Week
2023-12-02openhunting.ioopenhunting.io
Threat Hunting Malware Infrastructure
VBREVSHELL AsyncRAT
2023-12-01Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet about Storm-1044 and Storm-0216, Danabot leading to Cactus ransomware
Cactus DanaBot TA2101
2023-12-01Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on Danabot leading to cactus ransomware
Cactus DanaBot Storm-1044
2023-11-30Twitter (@embee_research)Embee_research
Advanced Threat Intel Queries - Catching 83 Qakbot Servers with Regex, Censys and TLS Certificates
QakBot
2023-11-27Twitter (@embee_research)Embee_research
Building Threat Intel Queries Utilising Regex and TLS Certificates - (BianLian)
BianLian
2023-11-22MicrosoftMicrosoft Threat Intelligence
Diamond Sleet supply chain compromise distributes a modified CyberLink installer
LambLoad
2023-11-21Palo Alto Networks Unit 42Unit 42
Hacking Employers and Seeking Employment: Two Job-Related Campaigns Bear Hallmarks of North Korean Threat Actors
BeaverTail InvisibleFerret WageMole
2023-11-21adluminadlumin
PlayCrypt Ransomware-as-a-Service Expands Threat from Script Kiddies and Sophisticated Attackers
PLAY
2023-11-16YouTube (Swiss Cyber Storm)Angelo Violetti
Resilience Rising: Countering the Threat Actors Behind Black Basta Ransomware
Black Basta
2023-11-09MicrosoftMicrosoft Threat Intelligence
Microsoft shares threat intelligence at CYBERWARCON 2023
Blue Tsunami
2023-11-08Deep instinctDeep Instinct Threat Lab, Simon Kenin
MuddyC2Go – Latest C2 Framework Used by Iranian APT MuddyWater Spotted in Israel
PhonyC2 MuddyC2Go
2023-11-03UptycsShilpesh Trivedi, Uptycs Threat Research
GhostSec: From Fighting ISIS to Possibly Targeting Israel with RaaS
GhostLocker GhostSec
2023-11-02eSentireeSentire Threat Response Unit (TRU)
From DarkGate to DanaBot
DanaBot DarkGate
2023-11-02DataBreaches.netDissent
Jeffco Public Schools hit by the same threat actors that hit Clark County School District — and via the same way
SingularityMD
2023-11-01Deep instinctDeep Instinct Threat Lab, Simon Kenin
MuddyWater eN-Able spear-phishing with new TTPs
PhonyC2
2023-10-31InfobloxInfoblox Threat Intelligence Group
Prolific Puma: Shadowy Link Shortening Service Enables Cybercrime
Prolific Puma