2024-03-26 | Lumen | Chris Formosa, Danny Adamitis, Ryan English, Steve Rudd
The Darkside Of TheMoon
TheMoon
2024-01-31 | Stairwell | Alex Hegyi, Chris St. Myers, Evelyne Diaz Araque, Matt Richard, Silas Cutler, Vincent Zell
Technical analysis: The silent torrent of VileRAT
VileRAT EVILNUM
2024-01-23 | Arctic Wolf | Christopher Prest, Hady Azzam, Steven Campbell
CherryLoader: A New Go-based Loader Discovered in Recent Intrusions
CherryLoader
2024-01-23 | Trend Micro | Christian Alpuerto, Christian Jason Geollegue, Don Ovid Ladores, Emmanuel Panopio, Emmanuel Roll, Francesca Villasanta, Gerald Fernandez, Julius Keith Estrellado, Raighen Sanchez, Raymart Yambot, Rhio Manaog, Shawn Austin Santos, Sophia Nilette Robles
Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver
Kasseika
2023-11-09 | Mandiant | Chris Sistrunk, Daniel Kapellmann Zafra, Jared Wilson, John Wolfram, Keith Lunden, Ken Proska, Nathan Brubaker, Tyler McLellan
Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology
CaddyWiper
2023-07-26 | SPUR | Riley Kilmer
Christmas in July: A finely wrapped Malware Proxy Service
AVrecon
2023-02-02 | YouTube (SLEUTHCON) | Christopher Glyer, Microsoft Threat Intelligence Center (MSTIC)
Lions, Tigers, and Infostealers - Oh my!
RecordBreaker RedLine Stealer Vidar
2022-12-20 | Trend Micro | Christopher Daniel So
Raspberry Robin Malware Targets Telecom, Governments
Raspberry Robin Roshtyak
2022-12-14 | Chris Partridge
50 Domains Worth Blocking: The Evolution of ViperSoftX's Underreported DGA
ViperSoftX
2022-11-17 | Cisco Talos | Chris Neal
Get a Loda This: LodaRAT meets new friends
Loda Kasablanka
2022-11-03 | paloalto Networks: Unit42 | Chris Navarrete, Durgesh Sangvikar, Matthew Tennis, Siddhart Shibiraj, Yanhui Jia, Yu Fu
Cobalt Strike Analysis and Tutorial: Identifying Beacon Team Servers in the Wild
Cobalt Strike
2022-10-31 | Security homework | Christophe Rieunier
QakBot CCs prioritization and new record types
QakBot
2022-07-26 | Mandiant | Daniel Kapellmann Zafra, Jay Christiansen, Keith Lunden, Ken Proska, Thibault van Geluwe de Berlaere
Mandiant Red Team Emulates FIN11 Tactics To Control Operational Technology Servers
Clop Industroyer MimiKatz Triton
2022-07-13 | Palo Alto Networks Unit 42 | Chris Navarrete, Durgesh Sangvikar, Siddhart Shibiraj, Yanhui Jia, Yu Fu
Cobalt Strike Analysis and Tutorial: CS Metadata Encryption and Decryption
Cobalt Strike
2022-07-11 | Twitter (@cglyer) | Christopher Glyer
Tweet on LAPSUS$/DEV-0537
2022-07-01 | Malwarebytes Labs | Christopher Boyd
AstraLocker 2.0 ransomware isn’t going to give you your files back
AstraLocker
2022-06-23 | Trellix | Christiaan Beek
The Sound of Malware
Conti VHD Ransomware
2022-06-21 | Cisco Talos | Chris Neal, Flavio Costa, Guilherme Venere
Avos ransomware group expands with new attack arsenal
AvosLocker Cobalt Strike DarkComet MimiKatz
2022-06-07 | Lacework Labs | Chris Hall
Kinsing & Dark.IoT botnet among threats targeting CVE-2022-26134
Dark Kinsing