Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-05-12TEAMT5Leon Chang, Silvia Yeh
The Next Gen PlugX/ShadowPad? A Dive into the Emerging China-Nexus Modular Trojan, Pangolin8RAT (slides)
KEYPLUG Cobalt Strike CROSSWALK FunnySwitch PlugX ShadowPad Winnti SLIME29 TianWu
2022-05-12BlackberryThe BlackBerry Research & Intelligence Team
Threat Thursday: Malware Rebooted - How Industroyer2 Takes Aim at Ukraine Infrastructure
INDUSTROYER2
2022-05-12SecureworksCounter Threat Unit ResearchTeam
COBALT MIRAGE Conducts Ransomware Operations in U.S.
CobaltMirage FRP APT35
2022-05-11TEAMT5Charles Li, Che Chang
To loot or Not to Loot? That Is Not a Question - When State-Nexus APT Targets Online Entertainment Industry
APT27 BRONZE STARLIGHT SLIME29 TianWu
2022-05-11Sandfly SecurityThe Sandfly Security Team
BPFDoor - An Evasive Linux Backdoor Technical Analysis
BPFDoor
2022-05-11CrowdStrikeAdrian Justice, CrowdStrike Overwatch Team
IceApple: A Novel Internet Information Services (IIS) Post-Exploitation Framework
2022-05-10Malwarebytes LabsThreat Intelligence Team
APT34 targets Jordan Government using new Saitama backdoor
Saitama Backdoor
2022-05-09Microsoft SecurityMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself
Griffon BazarBackdoor BlackCat BlackMatter Blister Gozi LockBit Pandora Rook SystemBC TrickBot
2022-05-09Qianxin Threat Intelligence CenterRed Raindrops Team
Operation EviLoong: An electronic party of "borderless" hackers
ZXShell
2022-05-09BlackberryThe BlackBerry Research & Intelligence Team
Dirty Deeds Done Dirt Cheap: Russian RAT Offers Backdoor Bargains
DCRat NjRAT
2022-05-09MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself
AnchorDNS BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit REvil FAKEUPDATES Griffon ATOMSILO BazarBackdoor BlackCat BlackMatter Blister Cobalt Strike Conti DarkSide Emotet FiveHands Gozi HelloKitty Hive IcedID ISFB JSSLoader LockBit LockFile Maze NightSky Pandora Phobos Phoenix Locker PhotoLoader QakBot REvil Rook Ryuk SystemBC TrickBot WastedLocker BRONZE STARLIGHT
2022-05-09SecureworksCounter Threat Unit ResearchTeam
REvil Development Adds Confidence About GOLD SOUTHFIELD Reemergence
REvil
2022-05-09TEAMT5TeamT5
Hiding in Plain Sight: Obscuring C2s by Abusing CDN Services
Cobalt Strike
2022-05-05Malwarebytes LabsThreat Intelligence Team
Nigerian Tesla: 419 scammer gone malware distributor unmasked
Agent Tesla
2022-05-05BlackberryThe BlackBerry Research & Intelligence Team
Threat Thursday: ZingoStealer – The Cost of “Free”
ZingoStealer
2022-04-29Team CymruJoshua Picolet
Sliver Case Study: Assessing Common Offensive Security Tools The Use of the Sliver C2 Framework for Malicious Purposes
Sliver
2022-04-28BlackberryThe BlackBerry Research & Intelligence Team
Threat Thursday: BoratRAT
Borat RAT
2022-04-27SecureworksCounter Threat Unit ResearchTeam
BRONZE PRESIDENT Targets Russian Speakers with Updated PlugX
DOPLUGS
2022-04-27SymantecThreat Hunter Team
Stonefly: North Korea-linked Spying Operation Continues to Hit High-value Targets
Dtrack VSingle
2022-04-26AhnLabASEC Analysis Team
New Malware of Lazarus Threat Actor Group Exploiting INITECH Process
Racket Downloader wAgentTea