Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-03-20Cisco TalosAsheer Malhotra, Brandon White, Jungsoo An, Vitor Ventura
UAT-5918 targets critical infrastructure entities in Taiwan
ShortLeash LaZagne JuicyPotato Meterpreter MimiKatz ShortLeash UAT-5918
2025-03-12LookoutLookout
Lookout Discovers New Spyware by North Korean APT37
KoSpy
2025-02-28GreynoiseNoah Stone
New DDoS Botnet Discovered: Over 30,000 Hacked Devices, Majority of Observed Activity Traced to Iran
Mirai
2025-02-20Cisco TalosCisco Talos
Weathering the storm: In the midst of a Typhoon
2025-02-13Recorded FutureInsikt Group
RedMike (Salt Typhoon) Exploits Vulnerable Cisco Devices of Global Telecommunications Providers
GhostEmperor
2025-02-12cybleCyble
BTMOB RAT: Newly Discovered Android Malware Spreading via Phishing Sites
BTMOB RAT
2025-02-06MicrosoftMicrosoft Threat Intelligence
Code injection attacks using publicly disclosed ASP.NET machine keys
2025-01-14InfobloxDavid Brunsdon
One Mikro Typo: How a simple DNS misconfiguration enables malware delivery by a Russian botnet
2025-01-07SANS ISCYee Ching Tok
PacketCrypt Classic Cryptocurrency Miner on PHP Servers
2025-01-03SANS ISCXavier Mertens
SwaetRAT Delivery Through Python
SwaetRAT
2024-12-11LookoutKyle Schmittle, Paul Shunk
Lookout Discovers Two Russian Android Spyware Families from Gamaredon APT
BoneSpy DroidWatcher PlainGnome
2024-12-11LookoutKristina Balaam
Lookout Discovers New Chinese Surveillance Tool Used by Public Security Bureaus
EagleMsgSpy
2024-11-14Cisco TalosAlex Karkins, Chetan Raghuprasad, Joey Chen
New PXA Stealer targets government and education sectors for sensitive information
PXA Stealer
2024-11-07Cisco TalosAliza Johnson, Chetan Raghuprasad, Elio Biasiotto, Michael Szeliga
Unwrapping the emerging Interlock ransomware attack
Interlock Rhysida
2024-10-31Twitter (@nextronresearch)Nextron Systems
Tweet about discovery of HellDown ransomware
HellDown
2024-10-30Palo Alto Networks Unit 42Unit 42
Jumpy Pisces Engages in Play Ransomware
Dtrack MimiKatz PLAY Sliver
2024-10-24Cisco TalosAaron Boyd
Writing a BugSleep C2 server and detecting its traffic with Snort
bugsleep
2024-10-24Hunt.ioHunt.io
Rekoobe Backdoor Discovered in Open Directory, Possibly Targeting TradingView Users
Rekoobe
2024-10-23Cisco TalosEdmund Brumaghin, Holger Unterbrink, Jordyn Dunk, Nicole Hoffman
Highlighting TA866/Asylum Ambuscade Activity Since 2021
WasabiSeed Cobalt Strike csharp-streamer RAT Resident Rhadamanthys WarmCookie
2024-10-23Cisco TalosEdmund Brumaghin, Holger Unterbrink, Jordyn Dunk, Nicole Hoffman
Threat Spotlight: WarmCookie/BadSpace
Cobalt Strike csharp-streamer RAT WarmCookie