2022-11-02 | NOZOMI Network Labs | Nozomi Networks Labs
Could Threat Actors Be Downgrading Their Malware to Evade Detection?
Bashlite
2022-11-01 | BlackPoint | BlackPoint
Ratting Out Arechclient2
SectopRAT
2022-11-01 | NCSC UK | NCSC UK
NCSC Annual Review 2022
2022-10-31 | Kaspersky Labs | Suguru Ishimaru
APT10: Tracking down LODEINFO 2022, part II
LODEINFO
2022-10-31 | Kaspersky Labs | Suguru Ishimaru
APT10: Tracking down LODEINFO 2022, part I
LODEINFO
2022-10-31 | Twitter (@CryptoInsane) | CryptoInsane
Tweet about Yanluowang Leaks
Yanluowang
2022-10-31 | Cynet | Max Malyutin
Orion Threat Alert: Qakbot TTPs Arsenal and the Black Basta Ransomware
Black Basta, Cobalt Strike, QakBot
2022-10-31 | The Record | Alexander Martin
Mondelez and Zurich reach settlement in NotPetya cyberattack insurance suit
EternalPetya
2022-10-31 | Elastic | Andrew Pease, Daniel Stepanic, Derek Ditch, Seth Goodwin
ICEDIDs network infrastructure is alive and well
IcedID
2022-10-31 | Cyber Geeks | Vlad Pasca
A Technical Analysis of Pegasus for Android - Part 3
Chrysaor
2022-10-31 | Security homework | Christophe Rieunier
QakBot CCs prioritization and new record types
QakBot
2022-10-31 | Palo Alto Networks: Unit42 | Or Chechik
Banking Trojan Techniques: How Financially Motivated Malware Became Infrastructure
Dridex, Kronos, TrickBot, Zeus
2022-10-28 | velociraptor | Matt Green
Windows.Carving.SystemBC - SystemBC RAT configuration Purser for Velociraptor
SystemBC
2022-10-28 | cocomelonc | cocomelonc
APT techniques: Token theft via UpdateProcThreadAttribute. Simple C++ example.
2022-10-28 | ThreatFabric | ThreatFabric
Malware wars: the attack of the droppers
Brunhilda, SharkBot, Vultur
2022-10-28 | Elastic | @rsprooten, Elastic Security Intelligence & Analytics Team
EMOTET dynamic config extraction
Emotet
2022-10-27 | vmware | Takahiro Haruyama
Threat Analysis: Active C2 Discovery Using Protocol Emulation Part3 (ShadowPad)
ShadowPad
2022-10-27 | Microsoft | Microsoft Threat Intelligence
Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity
FAKEUPDATES, BumbleBee, Clop, Fauppod, Raspberry Robin, Roshtyak, Silence, DEV-0950, Mustard Tempest
2022-10-27 | Microsoft | Microsoft Security Threat Intelligence
Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity
FAKEUPDATES, BumbleBee, Fauppod, PhotoLoader, Raspberry Robin, Roshtyak
2022-10-27 | Bleeping Computer | Sergiu Gatlan
Microsoft links Raspberry Robin worm to Clop ransomware attacks
Clop, Raspberry Robin