Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-05-23Github (x-junior)Mohamed Ashraf
String Decryptor for WarmCookie
2024-05-23Github (x-junior)Mohamed Ashraf
IDA Script for WarmCookie
2024-05-23Palo Alto Networks Unit 42Daniel Frank, Lior Rochberger
Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia
Agent Racoon CHINACHOPPER Ghost RAT JuicyPotato MimiKatz Ntospy PlugX SweetSpecter TunnelSpecter
2024-05-23CheckpointCheckpoint Research
Sharp dragon expands towards africa and the caribbean
5.t Downloader Cobalt Strike
2024-05-22DARKReadingElizabeth Montalbano
Novel EDR-Killing 'GhostEngine' Malware Is Built for Stealth
2024-05-22Martin Zugec
Deep Dive Into Unfading Sea Haze: A New Threat Actor in the South China Sea
2024-05-21YoroiCarmelo Ragusa, Luigi Martire
Uncovering an undetected KeyPlug implant attacking industries in Italy
2024-05-21ElasticAndrew Pease, Salim Bitam, Samir Bousseaden, Terrance DeJesus
Invisible miners: unveiling GHOSTENGINE’s crypto mining operations
2024-05-21SekoiaAmaury G., Coline Chavane, Kilian Seznec, Sekoia TDR
Master of Puppets: Uncovering the DoppelGänger pro-Russian influence campaign
2024-05-21Twitter (@embee_research)Embee_research
Tweets on decoding a Latrodectus loader
Unidentified 111 (Latrodectus)
Tiny BackDoor Goes Undetected – Suspected Turla leveraging MSBuild to Evade detection
2024-05-16ElasticDaniel Stepanic, Samir Bousseaden
Spring Cleaning with LATRODECTUS: A Potential Replacement for ICEDID
IcedID Unidentified 111 (Latrodectus)
2024-05-16SecurityIntelligenceGolo Mühr, Melissa Frydrych
Grandoreiro banking trojan unleashed: X-Force observing emerging global campaigns
2024-05-16SymantecThreat Hunter Team
Springtail: New Linux Backdoor Added to Toolkit
Gomir Kimsuky
Malware trend: Latrodectus
Unidentified 111 (Latrodectus)
2024-05-15ESET ResearchFilip Jurčacko
To the Moon and back(doors): Lunar landing in diplomatic missions
2024-05-15StairwellThreat Research at Stairwell
Stairwell threat report: Black Basta overview and detection rules
Black Basta Black Basta
2024-05-15X (@bryceabdo)Bryce Abdo
Tweet on UNC5449 exploiting CVE-2024-30051 to deliver QAKBOT
2024-05-15Twitter (@embee_research)Embee_research
Revealing Spammer Infrastructure With Passive DNS - 226 Toll-Themed Domains Targeting Australia
2024-05-15MicrosoftMicrosoft Threat Intelligence
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware
Black Basta Cobalt Strike QakBot