Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-04-04MandiantAshley Pearson, Austin Larsen, Billy Wong, John Wolfram, Joseph Pisano, Josh Murchie, Lukasz Lamparski, Matt Lin, Ron Craft, Ryan Hall, Shawn Chew, Tyler McLellan
Cutting Edge, Part 4: Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies
2024-04-04Twitter (@embee_research)Embee_research
TLS Certificate For Threat Intelligence - Identifying MatanBuchus Domains Through Hardcoded Certificate Values
Matanbuchus
2024-04-04Deep instinctSimon Kenin
DarkBeatC2: The Latest MuddyWater Attack Framework
MuddyC2Go
2024-04-04ProofpointProofpoint Threat Research Team, Team Cymru, TEAM CYMRU S2 THREAT RESEARCH
Latrodectus: This Spider Bytes Like Ice
IcedID Unidentified 111 (Latrodectus)
2024-04-03HarfangLabAlice Climent-Pommeret
Raspberry Robin and its new anti-emulation trick
Raspberry Robin
2024-04-03ResecurityResecurity
The New Version Of JsOutProx Is Attacking Financial Institutions In APAC And MENA Via GitLab Abuse
JSOutProx
2024-04-03ThreatMonKerime Gencay
XZ Utils Backdoor Research Report CVE-2024-3094
xzbot
2024-04-03Bleeping ComputerIonut Ilascu
Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack
2024-04-03WiredAndy Greenberg, Matt Burgess
The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind
xzbot
2024-04-03Trend MicroChristopher Boyton
Unveiling the Fallout: Operation Cronos' Impact on LockBit Following Landmark Disruption
LockBit
2024-04-02DarktraceAlexandra Sentenac, Trent Kessler, Victoria Baldie
The Early Bird Catches the Worm: Darktrace’s Hunt for Raspberry Robin
Raspberry Robin
2024-04-02Trend MicroChristopher So
Earth Freybug Uses UNAPIMON for Unhooking Critical APIs
2024-04-02ForescoutForescout Vedere Labs
“All your base are belong to us” – A probe into Chinese-connected devices in US networks
2024-04-02Check Point ResearchAntonis Terefos, Raman Ladutska
Agent Tesla Targeting United States & Australia: Revealing the Attackers' Identities
Agent Tesla
2024-04-01The DFIR ReportThe DFIR Report
From OneNote to RansomNote: An Ice Cold Intrusion
Cobalt Strike IcedID Nokoyawa Ransomware PhotoLoader
2024-04-01Github (amlweems)Anthony Weems
Analysis Repo with honeypot and backdoor patch for xzbot
xzbot
2024-04-01Twitter (@embee_research)Embee_research
Passive DNS For Phishing Link Analysis - Identifying 36 Latrodectus Domains With Historical Records and 302 Redirects
Unidentified 111 (Latrodectus)
2024-04-01ThreatMonKerime Gencay
RisePro Stealer Malware Analysis Report
RisePro
2024-03-31Check Point ResearchCheck Point
Malware Spotlight: Linodas aka DinodasRAT for Linux
Linodas
2024-03-31Github (karcherm)Michael Karcher
Information about the liblzma (xz-utils) backdoor
xzbot