2022-06-29 | Team Cymru | S2 Research Team
The Sliding Scale of Threat Actor Sophistication When Reacting to 0-day Vulnerabilities
2022-05-25 | Team Cymru | S2 Research Team
Bablosoft; Lowering the Barrier of Entry for Malicious Actors
BlackGuard BumbleBee RedLine Stealer
2022-04-29 | Team Cymru | Joshua Picolet
Sliver Case Study: Assessing Common Offensive Security Tools - The Use of the Sliver C2 Framework for Malicious Purposes
Sliver
2022-04-07 | Team Cymru | Josh Hopkins
MoqHao Part 2: Continued European Expansion
MoqHao
2022-03-23 | Team Cymru | Andy Kraus, Brian Eckman, Josh Hopkins, Paul Welte
Raccoon Stealer – An Insight into Victim “Gates”
Raccoon
2022-03-10 | Twitter (@teamcymru_S2) | Team Cymru
Tweet on Crimson RAT infrastructure used by APT36
Crimson RAT
2022-03-08 | Team Cymru | James Shank
Record breaking DDoS Potential Discovered: CVE-2022-26143
2022-01-26 | Team Cymru | Josh Hopkins
Analysis of a Management IP Address linked to Molerats APT
2021-11-03 | Team Cymru | tcblogposts
Webinject Panel Administration: A Vantage Point into Multiple Threat Actor Campaigns - A Case Study on the Value of Threat Reconnaissance
DoppelDridex IcedID QakBot Zloader
2021-08-11 | Team Cymru | Josh Hopkins
MoqHao Part 1.5: High-Level Trends of Recent Campaigns Targeting Japan
MoqHao
2021-07-08 | Team Cymru | Andy Kraus, Dan Heywood
Enriching Threat Intelligence for the Carbine Loader Crypto-jacking Campaign
2021-07-02 | Team Cymru | Joshua Picolet
Transparent Tribe APT Infrastructure Mapping Part 2: A Deeper Dive into the Identification of CrimsonRAT Infrastructure
Crimson RAT
2021-05-19 | Team Cymru | Andy Kraus, Josh Hopkins, Nick Byers
Tracking BokBot Infrastructure - Mapping a Vast and Currently Active BokBot Network
IcedID
2021-04-16 | Team Cymru | Joshua Picolet
Transparent Tribe APT Infrastructure Mapping Part 1: A High-Level Study of CrimsonRAT Infrastructure October 2020 – March 2021
Crimson RAT
2021-03-15 | Team Cymru | Josh Hopkins
FIN8: BADHATCH Threat Indicator Enrichment
BADHATCH
2021-02-05 | Team Cymru | David Monnier
Kobalos Malware Mapping Potentially Impacted Networks and IP Address Mapping
Kobalos
2021-01-27 | Team Cymru | James Shank
Taking Down Emotet - How Team Cymru Leveraged Visibility and Relationships to Coordinate Community Efforts
Emotet
2021-01-26 | Team Cymru | CERT-BR, Josh Hopkins, Manabu Niseki
GhostDNSbusters (Part 3) - Illuminating GhostDNS Infrastructure
2021-01-20 | Team Cymru | Andy Kraus
MoqHao Part 1: Identifying Phishing Infrastructure
MoqHao
2021-01-18 | Twitter (@teamcymru) | Team Cymru
Tweet on APT36 CrimsonRAT C2
Crimson RAT
2020-10-07 | Team Cymru | Brian Eckman
GhostDNSbusters (Part 2)
2020-09-30 | Team Cymru | Jacomo Piccolini, James Shank
Pandamic: Emissary Pandas in the Middle East
HyperBro HyperSSL
2020-09-08 | Team Cymru | CERT-BR, Manabu Niseki, Nick Byers
GhostDNSbusters: Illuminating GhostDNS Infrastructure
2020-06-22 | Team Cymru | Dave Munson
Quick Wins with Network Flow Analysis
2020-03-25 | Team Cymru | Team Cymru
How the Iranian Cyber Security Agency Detects Emissary Panda Malware
HyperBro
2020-02-19 | Team Cymru | Team Cymru
Azorult – what we see using our own tools
Azorult
2019-07-25 | Team Cymru | Team Cymru
Unmasking AVE_MARIA
Ave Maria