Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-09-01Twitter (@Vishnyak0v)Alexey Vishnyakov
Tweet on sample discovery
Unidentified 078 (Zebrocy Nim Loader?)
2020-08-13NSANSA
NSA and FBI Expose Russian Previously Undisclosed Malware “Drovorub” in Cybersecurity Advisory
2020-08-13National Security AgencyFederal Bureau of Investigation, National Security Agency
Russian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware
2020-07-30FireEyeJoseph Hladik, Josh Fleischer
Obscured by Clouds: Insights into Office 365 Attacks and How Mandiant Managed Defense Investigates
2020-07-24VMWare Carbon BlackAndrew Costis
TAU Threat Discovery: Cryptocurrency Clipper Malware Evolves
Poulight Stealer
2020-07-08COLUMBIA | SIPAJennifer Keltz, John Patrick Dees, John Sakellariadis, Katherine von Ofenheim, Lan Pelekis, Matthew Armelli, Max Egar, Neal Pollard, Stuart Caudill, Vipratap Vikram Singh
Named But Hardly Shamed: What is the Impact of Information Disclosures on an APT Operations?
2020-07-08VMWare Carbon BlackBrian Baskin
TAU Threat Discovery: Conti Ransomware
Conti
2020-07-06Cisco TalosArnaud Zobec, Ben Baker, Edmund Brumaghin, JJ Cummings
WastedLocker Goes "Big-Game Hunting" in 2020
WastedLocker
2020-07-01Cisco TalosEdmund Brumaghin, Mariano Graziano, Nick Biasini
Threat Spotlight: Valak Slithers Its Way Into Manufacturing and Transportation Networks
Valak IcedID ISFB MyKings Spreader
2020-07-01LookoutApurva Kumar, Christoph Hebeisen, Kristin Del Rosso
Multiyear Surveillance Campaigns Discovered Targeting Uyghurs
2020-06-29Twitter (@dineshdina04)Dinesh Devadoss
Tweet on initial Discovery of EvilQuest
EvilQuest
2020-06-29Cisco TalosPaul Rascagnères, Vitor Ventura, Warren Mercer
PROMETHIUM extends global reach with StrongPity3 APT
StrongPity
2020-06-26SymantecCritical Attack Discovery and Intelligence Team
WastedLocker: Symantec Identifies Wave of Attacks Against U.S. Organizations
donut_injector WastedLocker
2020-06-24Twitter (@struppigel)Karsten Hahn
Tweet on DiscordTokenStealer
2020-06-23SymantecCritical Attack Discovery and Intelligence Team
Sodinokibi: Ransomware Attackers also Scanning for PoS Software, Leveraging Cobalt Strike
Cobalt Strike REvil
2020-06-18DragosJoe Slowik
EKANS Ransomware Misconceptions and Misunderstandings
Snake
2020-06-15Cisco TalosCaitlin Huey, David Liebenberg
Quarterly report: Incident Response trends in Summer 2020
Ryuk
2020-06-10MicrosoftYossi Weizman
Misconfigured Kubeflow workloads are a security risk
2020-06-09RiskIQJordan Herman
Misconfigured Amazon S3 Buckets Continue to be a Launchpad for Malicious Code
magecart
2020-06-03MalwarebytesHossein Jazi, Jérôme Segura
New LNK attack tied to Higaisa APT discovered
Higaisa