Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-05-260xToxin Labs@0xToxin
Kraken - The Deep Sea Lurker Part 2
KrakenKeylogger
2023-05-25MandiantCorey Hildebrandt, Daniel Kapellmann Zafra, Keith Lunden, Ken Proska, Nathan Brubaker, Rushikesh Nandedkar
COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises
LIGHTWORK PIEHOP
2023-05-24BushidoToken BlogBushidoToken
Unmasking Ransomware Using Stylometric Analysis: Shadow, 8BASE, Rancoz
8Base
2023-05-20@0xToxin
Kraken - The Deep Sea Lurker Part 1
KrakenKeylogger
2023-04-28Trend MicroDon Ovid Ladores, Earle Maui Earnshaw, Ian Kenefick
Rapture, a Ransomware Family With Similarities to Paradise
Paradise
2023-03-13TrendmicroIan Kenefick
Emotet Returns, Now Adopts Binary Padding for Evasion
Emotet
2023-03-09DeepInstinctSimon Kenin
DUCKTAIL: Threat Operation Re-emerges with New LNK, PowerShell, and Other Custom Tactics to Avoid Detection
DUCKTAIL
2023-01-05AttackIQFrancis Guibernau, Ken Towne
Emulating the Highly Sophisticated North Korean Adversary Lazarus Group
MagicRAT Tiger RAT
2022-12-23TrendmicroIan Kenefick
IcedID Botnet Distributors Abuse Google PPC to Distribute Malware
IcedID
2022-12-09Positive TechnologiesPTSecurity
APT Cloud Atlas: Unbroken Threat
2022-12-08DeepInstinctDeep Instinct Threat Lab, Simon Kenin
New MuddyWater Threat: Old Kitten; New Tricks
2022-11-26BushidoToken BlogBushidoToken
Detecting and Fingerprinting Infostealer Malware-as-a-Service platforms
CollectorGoomba Misha TitanStealer
2022-10-28cocomelonccocomelonc
APT techniques: Token theft via UpdateProcThreadAttribute. Simple C++ example.
2022-10-12Trend MicroIan Kenefick, Lucas Silva, Nicole Hernandez
Black Basta Ransomware Gang Infiltrates Networks via QAKBOT, Brute Ratel, and Cobalt Strike
Black Basta Brute Ratel C4 Cobalt Strike QakBot
2022-09-25cocomelonccocomelonc
APT techniques: Access Token manipulation. Token theft. Simple C++ example.
2022-09-06Trend MicroDon Ovid Ladores, Ian Kenefick, Ieriz Nicolle Gonzalez, Ivan Nicole Chavez, Janus Agcaoili, Lucas Silva, Paul Pajares, Scott Burden
Play Ransomware's Attack Playbook Similar to that of Hive, Nokoyawa
PLAY
2022-07-31BushidoToken BlogBushidoToken
Space Invaders: Cyber Threats That Are Out Of This World
Poison Ivy Raindrop SUNBURST TEARDROP WastedLocker
2022-07-28Kaspersky LabsIgor Kuznetsov, Leonid Bezvershenko
LofyLife: malicious npm packages steal Discord tokens and bank card data
Lofy
2022-07-28KasperskyIgor Kuznetsov, Leonid Bezvershenko
LofyLife: malicious npm packages steal Discord tokens and bank card data
2022-07-26MandiantDaniel Kapellmann Zafra, Jay Christiansen, Keith Lunden, Ken Proska, Thibault van Geluwe de Berlaere
Mandiant Red Team Emulates FIN11 Tactics To Control Operational Technology Servers
Clop Industroyer MimiKatz Triton