Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-09-20Trend MicroCharles Adrian Marty, Christian Alpuerto, John Paul Lim, Kyle Philippe Yu, Mark Chester De Quiroz, Mohammed Malubay
How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections
RansomHub Water Bakunawa
2024-09-19PWCJohn Southworth
COLDWASTREL of space
Callisto
2024-08-14CitizenLabJohn Scott-Railton, Ksenia Ermoshina, Rebekah Brown, Ron Deibert
Rivers of Phish: Sophisticated Phishing Targets Russia’s Perceived Enemies Around the Globe
Callisto
2024-07-24GoogleAlice Revelli, Fred Plan, JEFF JOHNSON, Michael Barnhart, Taylor Long
APT45: North Korea’s Digital Military Machine
SHATTEREDGLASS APT45
2024-04-17MandiantAlden Wahlstrom, Anton Prokopenkov, Dan Black, Dan Perez, Gabby Roncone, John Wolfram, Lexie Aytes, Luke Jenkins, Nick Simonian, Ryan Hall, Tyler McLellan
Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm
Sandworm
2024-04-16MandiantAlden Wahlstrom, Anton Prokopenkov, Dan Black, Dan Perez, Gabby Roncone, John Wolfram, Lexie Aytes, Nick Simonian, Ryan Hall, Tyler McLellan
APT44: Unearthing Sandworm
VPNFilter BlackEnergy CaddyWiper EternalPetya HermeticWiper Industroyer INDUSTROYER2 Olympic Destroyer PartyTicket RoarBAT Sandworm
2024-04-04MandiantAshley Pearson, Austin Larsen, Billy Wong, John Wolfram, Joseph Pisano, Josh Murchie, Lukasz Lamparski, Matt Lin, Ron Craft, Ryan Hall, Shawn Chew, Tyler McLellan
Cutting Edge, Part 4: Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies
BRICKSTORM TONERJAM
2024-04-04MandiantAshley Pearson, Austin Larsen, Billy Wong, John Wolfram, Joseph Pisano, Josh Murchie, Lukasz Lamparski, Matt Lin, Ron Craft, Ryan Hall, Shawn Chew, Tyler McLellan
Cutting Edge, Part 4: Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies
BRICKSTORM TONERJAM UNC3569 UNC5266 UNC5291 UNC5330 UNC5337 UTA0178
2024-04-04InfoSec Handlers Diary BlogJohn Moutos
Slicing up DoNex with Binary Ninja
Donex
2024-02-29SANS ISCJohn Moutos
Dissecting DarkGate: Modular Malware Delivery and Persistence as a Service
DarkGate
2024-02-05YouTube (John Hammond)John Hammond, Ryan Chapman
PikaBot Malware Analysis: Debugging in Visual Studio
Pikabot
2024-01-12MandiantDimiter Andonov, Gabby Roncone, John Wolfram, Matt Lin, Robert Wallace, Tyler McLellan
Cutting Edge: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation
UTA0178
2024-01-09Trend MicroArianne Dela Cruz, Charles Steven Derion, Francisrey Joshua Castillo, Henry Salcedo, Ian Kenefick, John Carlo Marquez, John Rainier Navato, Joshua Aquino, Juhn Emmanuel Atanque, Raymart Yambot, Shinji Robert Arasawa
Black Basta-Affiliated Water Curupira’s Pikabot Spam Campaign
Pikabot Water Curupira
2023-12-14ImpervaDaniel Johnston
Imperva Detects Undocumented 8220 Gang Activities
Water Sigbin
2023-12-13FortinetAmey Gat, Angelo Cris Deveraturda, Hongkei Chan, Jared Betts, Jayesh Zala, John Simmons, Ken Evans, Mark Robson
TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793
GraphDrop
2023-11-15FortinetAmey Gat, Andrew Nicchi, John Simmons, Mark Robson
Investigating the New Rhysida Ransomware
Rhysida
2023-11-09MandiantChris Sistrunk, Daniel Kapellmann Zafra, Jared Wilson, John Wolfram, Keith Lunden, Ken Proska, Nathan Brubaker, Tyler McLellan
Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology
CaddyWiper
2023-10-23SarlackLabJohn Faria
Advice For Catching a RedLine Stealer
RedLine Stealer
2023-10-10MandiantAdrian Hernandez, Austin Larsen, JEFF JOHNSON, Michael Barnhart, Michelle Cantos, Taylor Long
Assessed Cyber Structure and Alignments of North Korea in 2023
TraderTraitor UNC1069
2023-09-28Ransomware.orgJohn E. Dunn
The Scattered Spider Ransomware Group’s Secret Weapons? Social Engineering and Fluent English