Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-05-04Twitter (@ESETresearch)Twitter (@ESETresearch)
Twitter thread on code similarity analysis, focussing on IsaacWiper and recent Cluster25 publication
IsaacWiper
2022-03-10TalosArnaud Zobec, Asheer Malhotra, Vitor Ventura
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
STARWHALE
2022-02-17NCC GroupMichael Mullen, Richard Footman, Simon Biggs
Detecting Karakurt – an extortion focused threat actor
2022-01-27GigamonJoe Slowik
Focusing on “Left of Boom”
WhisperGate
2021-12-07MandiantJake Nicastro, Nick Richard, Rufus Brown, Van Ta
FIN13: A Cybercriminal Threat Actor Focused on Mexico
jspRAT win.rekoobe FIN13
2021-11-19FOCUSJan-Philipp Hein
Im Rätsel um gruselige Spionage-Software führt die Spur über Wirecard in den Kreml
Subzero
2021-11-11Trend MicroAlfredo Oliveira, David Fiser
TeamTNT Upgrades Arsenal, Refines Focus on Kubernetes and GPU Environments
2021-11-03Trend MicroAlfredo Oliveira, David Fiser
TeamTNT Upgrades Arsenal, Refines Focus on Kubernetes and GPU Environments
TeamTNT
2021-10-25GigamonJoe Slowik
Bear in the Net: A Network-Focused Perspective on Berserk Bear
2021-09-26NSFOCUSJie Ji
Insights into Ransomware Spread Using Exchange 1-Day Vulnerabilities 1-2
Cobalt Strike LockFile
2021-08-05NSFOCUSNSFOCUS
LOREC53 Organizational Analysis Report - Attack Activity Part
2021-07-20Trend MicroAlfredo Oliveira, David Fiser
Tracking the Activities of TeamTNT: A Closer Look at a Cloud-Focused Malicious Actor Group
TeamTNT
2021-07-15CitizenLabBahr Abdul Razzak, Bill Marczak, John Scott-Railton, Kristin Berdan, Ron Deibert
Hooking Candiru Another Mercenary Spyware Vendor Comes into Focus
Chainshot
2021-06-18NSFOCUSFuying Laboratory
Ryuk Botnet, Simps Botnet, Gods of Destny Botnet
2021-06-11NSFOCUSFuying Laboratory
Nigerian Hacker Organization SWEED is Distributing Phishing Documents Targeting the Logistics Industry
Agent Tesla
2021-03-24ProofpointAssaf Friedman, Itir Clarke
OAuth Abuse: Think SolarWinds/Solorigate Campaign with Focus on Cloud Applications
2021-01-29NSFOCUSFuying Laboratory
认识STUMBzarus——APT组织Lazarus近期定向攻击组件深入分析
ComeBacker DRATzarus Torisma
2021-01-19Github (fireeye)FireEye
Mandiant Azure AD Investigator: Focusing on UNC2452 TTPs
SUNBURST
2021-01-14RiskIQTeam RiskIQ
New Analysis Puts Magecart Interconnectivity into Focus
grelos magecart Raccoon
2021-01-04NSFOCUSNSFOCUS
Steganography, Little Fire Dragon and AGENTVX: A Detailed Analysis of APT Organization EVILNUM's New Attack Activities
EVILNUM