Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-12-18BridewellJoshua Penny
Analysing a Widespread Microsoft 365 Credential Harvesting Campaign
Storm-1575
2023-11-14Medium joshuapenny88Joshua Penny
HostingHunter Series: CHANG WAY TECHNOLOGIES CO. LIMITED
Hook Hydra Cobalt Strike SectopRAT
2023-11-14ProofpointJoshua Miller
TA402 Uses Complex IronWind Infection Chains to Target Middle East-Based Government Entities
IronWind TA402
2023-10-20Medium walmartglobaltechJason Reaves, Joshua Platt
IcedID gets Loaded
Latrodectus
2023-09-22MandiantDan Black, Josh Atkins, Luke Jenkins
Backchannel Diplomacy: APT29’s Rapidly Evolving Diplomatic Phishing Operations
Brute Ratel C4 Cobalt Strike EnvyScout GraphDrop QUARTERRIG sRDI Unidentified 107 (APT29)
2023-09-11NCC GroupAlberto Segura, Joshua Kamp
From ERMAC to Hook: Investigating the technical differences between two Android malware variants
ERMAC Hook
2023-08-14Trend MicroJoshua Paul Ignacio, Nathaniel Morales
Monti Ransomware Unleashes a New Encryptor for Linux
Monti
2023-07-29Medium walmartglobaltechJason Reaves, Joshua Platt
Unknown powershell backdoor with ties to new Zloader
Zloader
2023-07-21MandiantDoug Bienstock, Foti Castelan, James Nugent, Josh Murchie, Justin Moore
Exploitation of Citrix Zero-Day by Possible Espionage Actors (CVE-2023-3519)
2023-07-18Medium walmartglobaltechJason Reaves, Jonathan Mccay, Joshua Platt
NemesisProject
Nemesis
2023-06-15GoogleAlyssa Glickman, Austin Larsen, Fernando Tomlinson, Jakub Jozwiak, John Palmisano, John Wolfram, Josh Villanueva, Mathew Potaczek, Matthew McWhirt
Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China
SALTWATER SEASPY WHIRLPOOL UNC4841
2023-06-06Security IntelligenceAgnes Ramos-Beauchamp, Claire Zaboeva, Joshua Chung, Melissa Frydrych
ITG10 Likely Targeting South Korean Entities of Interest to the Democratic People’s Republic of Korea (DPRK)
RokRAT
2023-06-02MandiantDAN NUTTING, Genevieve Stark, Greg Blaum, Jeremy Kennelly, JOE PISANO, Josh Murchie, Juraj Sucik, Justin Moore, Kimberly Goody, Matthew McWhirt, Nader Zaveri, NICHOLAS BENNETT, OLLIE STYLES, PETER UKHANOV, WILL SILVERSTONE, ZACH SCHRAMM, Zander Work
Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft
2023-05-17Group-IBJoshua Penny, Nikita Rostovtsev, Yashraj Solanki
The distinctive rattle of APT SideWinder
SideWinder
2023-05-09Medium walmartglobaltechJason Reaves, Jonathan Mccay, Joshua Platt
MetaStealer string decryption and DGA overview
MetaStealer
2023-03-23MandiantJosh Fleischer, Rufus Brown, Ryan Tomcik
UNC961 in the Multiverse of Mandiant: Three Encounters with a Financially Motivated Threat Actor
HOLERUN LIGHTBUNNY Prophet Spider
2023-03-16IntegoJoshua Long
FBI shuts down 11-year-old NetWire RAT malware
NetWire
2023-03-10Medium walmartglobaltechJason Reaves, Joshua Platt
From Royal With Love
Cobalt Strike Conti PLAY Royal Ransom Somnia
2023-02-24Medium walmartglobaltechJason Reaves, Jonathan Mccay, Joshua Platt, Kirk Sayre
Qbot testing malvertising campaigns?
QakBot
2023-02-04Youtube (Dr Josh Stroschein)Josh Stroschein
Investigating NullMixer Network Traffic: Utilizing Suricata and Evebox (Part 3)
Nullmixer