Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-01-31StairwellAlex Hegyi, Chris St. Myers, Evelyne Diaz Araque, Matt Richard, Silas Cutler, Vincent Zell
Technical analysis: The silent torrent of VileRAT
VileRAT EVILNUM
2024-01-12MandiantDimiter Andonov, Gabby Roncone, John Wolfram, Matt Lin, Robert Wallace, Tyler McLellan
Cutting Edge: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation
UTA0178
2024-01-10VolexityMatthew Meltzer, Robert Jan Mora, Sean Koessel, Steven Adair, Thomas Lancaster
Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN
UTA0178
2023-12-20Sophos X-OpsMark Loman, Matt Wixey
CryptoGuard: An asymmetric approach to the ransomware battle
Akira LockBit Storm-1567
2023-12-04Cado SecurityMatt Muir
P2Pinfect - New Variant Targets MIPS Devices
P2Pinfect
2023-11-21CheckpointMarc Salinas Fernandez
The Platform Matters: A Comparative Study on Linux and Windows Ransomware Attacks
Gwisin
2023-10-25ESET ResearchMatthieu Faou
Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers
Unidentified JS 006 (Winter Wyvern) Winter Vivern
2023-10-18Cado SecurityMatt Muir, Nate Bill
Qubitstrike - An Emerging Malware Campaign Targeting Jupyter Notebooks
2023-09-20Cado SecurityMatt Muir
Cado Security Labs Researchers Witness a 600X Increase in P2Pinfect Traffic
P2Pinfect
2023-08-10ESET ResearchMatthieu Faou
MoustachedBouncer AitM-powered surveillance via Belarus ISPs
NightClub
2023-08-10ESET ResearchMatthieu Faou
MoustachedBouncer: Espionage against foreign diplomats in Belarus
NightClub MoustachedBouncer
2023-07-31Cado SecurityMatt Muir, Nate Bill
Cado Security Labs Encounter Novel Malware, Redis P2Pinfect
P2Pinfect
2023-07-24MandiantAustin Larsen, Dan Kelly, Joseph Pisano, Mark Golembiewski, Matt Williams, Paige Godvin
North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack
FULLHOUSE STRATOFEAR TraderTraitor
2023-07-10MandiantJennifer Guzzetta, Matthew McWhirt, Phil Pearce, Thirumalai Natarajan Muthiah
Defend Against the Latest Active Directory Certificate Services Threats
2023-06-15GoogleAlyssa Glickman, Austin Larsen, Fernando Tomlinson, Jakub Jozwiak, John Palmisano, John Wolfram, Josh Villanueva, Mathew Potaczek, Matthew McWhirt
Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China
SALTWATER SEASPY WHIRLPOOL UNC4841
2023-06-15MandiantAustin Larsen, John Palmisano, John Wolfram, Mathew Potaczek, Matthew McWhirt
Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China
SALTWATER SEASPY UNC4841
2023-06-02MandiantDAN NUTTING, Genevieve Stark, Greg Blaum, Jeremy Kennelly, JOE PISANO, Josh Murchie, Juraj Sucik, Justin Moore, Kimberly Goody, Matthew McWhirt, Nader Zaveri, NICHOLAS BENNETT, OLLIE STYLES, PETER UKHANOV, WILL SILVERSTONE, ZACH SCHRAMM, Zander Work
Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft
2023-05-09Huntress LabsMatthew Brennan
Advanced Cyberchef Tips - AsyncRAT Loader
AsyncRAT
2023-05-07Twitter (@embee_research)Matthew
AgentTesla - Full Loader Analysis - Resolving API Hashes Using Conditional Breakpoints
Agent Tesla
2023-04-18Rapid7 LabsMatt Green
Automating Qakbot Detection at Scale With Velociraptor
QakBot