Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-03-21Kaspersky LabsGeorgy Kucherin, Igor Kuznetsov, Leonid Bezvershenko
Bad magic: new APT found in the area of Russo-Ukrainian conflict
PowerMagic CommonMagic
2023-01-13Metabase QDiana Tadeo, Leonardo Beltran
Grandoreiro banking malware: deciphering the DGA
Grandoreiro
2022-12-30InterlabOvi Liber
Cyber Threat Report: RambleOn Android Malware - Detailed analysis report of cyber threat targeting journalist in South Korea through APT phishing campaign with malicious APK
RambleOn
2022-08-16KasperskyIgor Kuznetsov, Leonid Bezvershenko
Two more malicious Python packages in the PyPI
W4SP Stealer
2022-07-28Kaspersky LabsIgor Kuznetsov, Leonid Bezvershenko
LofyLife: malicious npm packages steal Discord tokens and bank card data
Lofy
2022-07-28KasperskyIgor Kuznetsov, Leonid Bezvershenko
LofyLife: malicious npm packages steal Discord tokens and bank card data
2022-07-19GoogleBilly Leonard
Continued cyber activity in Eastern Europe observed by TAG
CyberAzov APT28 Callisto Ghostwriter Sandworm Turla
2022-07-19GoogleBilly Leonard
Continued cyber activity in Eastern Europe observed by TAG
CyberAzov
2022-07-08Twitter (@billyleonard)Billy Leonard
Twiiter thread about some recent Turla activity spoofing the Azov Regiment ... but targeting Android users.
2022-05-12TEAMT5Leon Chang, Silvia Yeh
The Next Gen PlugX/ShadowPad? A Dive into the Emerging China-Nexus Modular Trojan, Pangolin8RAT (slides)
KEYPLUG Cobalt Strike CROSSWALK FunnySwitch PlugX ShadowPad Winnti SLIME29 TianWu
2022-05-03GoogleBilly Leonard
Update on cyber activity in Eastern Europe
Callisto
2022-05-03GoogleBilly Leonard, Google Threat Analysis Group
Update on cyber activity in Eastern Europe
Curious Gorge
2022-04-25MandiantChris Sistrunk, Corey Hildebrandt, Daniel Kapellmann Zafra, Keith Lunden, Ken Proska, Nathan Brubaker, Raymond Leong
INDUSTROYER.V2: Old Malware Learns New Tricks
INDUSTROYER2
2022-03-30GoogleBilly Leonard
Tracking cyber activity in Eastern Europe
Callisto Curious Gorge
2022-03-30GoogleBilly Leonard, Google Threat Analysis Group
Tracking cyber activity in Eastern Europe
2022-03-16TrustwaveHomer Pacag
The Attack of the Chameleon Phishing Page
2022-03-09BreachQuestBernard Silvestrini, Marco Figueroa, Napoleon Bing
The Conti Leaks | Insight into a Ransomware Unicorn
Cobalt Strike MimiKatz TrickBot
2022-01-14Twitter (@billyleonard)Billy Leonard, Google Threat Analysis Group
Tweet on APT28 credential phishing campaigns targeting Ukraine
2021-11-10Twitter (@billyleonard)Billy Leonard, Google Threat Analysis Group
Tweet on Rekoobe (used by APT31), being a fork of open source tool called Tiny SHell, used by different actor since at least 2012
Rekoobe
2021-10-07Twitter (@billyleonard)Billy Leonard, Google Threat Analysis Group
Tweet on IOCs related to APT28