Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-09-20Trend MicroCharles Adrian Marty, Christian Alpuerto, John Paul Lim, Kyle Philippe Yu, Mark Chester De Quiroz, Mohammed Malubay
How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections
RansomHub Water Bakunawa
2024-09-05CISACISA
AA24-249A: Russian Military Cyber Actors Target US and Global Critical Infrastructure
WhisperGate
2024-07-30SpamhausSpamhaus Team
Too big to care? - Our disappointment with Cloudflare’s anti-abuse posture
2024-07-29MandiantAshley Pearson, Jake Nicastro, Joseph Pisano, Josh Murchie, Joshua Shilko, Raymond Leong
UNC4393 Goes Gently into the SILENTNIGHT
Black Basta QakBot sRDI SystemBC Zloader UNC3973 UNC4393
2024-07-26DarktraceDarkTrace
Disarming the WarmCookie Backdoor: Darktrace’s Oven-Ready Solution
WarmCookie
2024-07-16JPCERT/CCShusei Tomonaga
MirrorFace Attack against Japanese Organisations
LODEINFO NOOPDOOR
2024-05-10CISACISA
AA24-131A: #StopRansomware: Black Basta
Black Basta Black Basta
2024-04-100ffset BlogDaniel Bunce
Resolving Stack Strings with Capstone Disassembler & Unicorn in Python
Conti
2024-04-04MandiantAshley Pearson, Austin Larsen, Billy Wong, John Wolfram, Joseph Pisano, Josh Murchie, Lukasz Lamparski, Matt Lin, Ron Craft, Ryan Hall, Shawn Chew, Tyler McLellan
Cutting Edge, Part 4: Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies
UNC3569 UNC5266 UNC5291 UNC5330 UNC5337 UTA0178
2024-04-04MandiantAshley Pearson, Austin Larsen, Billy Wong, John Wolfram, Joseph Pisano, Josh Murchie, Lukasz Lamparski, Matt Lin, Ron Craft, Ryan Hall, Shawn Chew, Tyler McLellan
Cutting Edge, Part 4: Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies
TONERJAM
2024-03-29CISACISA
Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library, CVE-2024-3094
xzbot
2024-03-20CISACyber Safety Review Board
Review of the Summer 2023 Microsoft Exchange Online Intrusion
Storm-0558
2024-02-07CISACISA
PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure
ScanLine
2024-02-07CISACISA
MAR-10448362-1.v1 Volt Typhoon
ScanLine
2024-01-15Russian Panda Research BlogRussianPanda
From Russia With Code: Disarming Atomic Stealer
AMOS
2023-12-30Rewterz Information SecurityRewterz Information Security
Rewterz Threat Alert – Widely Abused MSIX App Installer Disabled by Microsoft – Active IOCs
EugenLoader POWERTRASH BATLOADER DarkGate FlawedGrace NetSupportManager RAT SectopRAT Storm-0506
2023-12-30Rewterz Information SecurityRewterz Information Security
Rewterz Threat Alert – Widely Abused MSIX App Installer Disabled by Microsoft – Active IOCs
HijackLoader Storm-1674
2023-12-15GatewatcherGatewatcher
Utilisation de faux profils Steam : Vidar Stealer prend les commandes
Vidar
2023-12-13CISACISA
Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally
GraphDrop
2023-11-16CISACISA
Scattered Spider
Ave Maria BlackCat Raccoon Vidar