Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-09-29Team CymruS2 Research Team
Seychelles, Seychelles, on the C(2) Shore: An overview of a bulletproof hosting provider named ELITETEAM.
Amadey Raccoon RedLine Stealer SmokeLoader STOP
2022-09-05Team CymruS2 Research Team
Mythic Case Study: Assessing Common Offensive Security Tools
2022-07-12Team CymruTeam Cymru
An Analysis of Infrastructure linked to the Hagga Threat Actor
Hagga
2022-07-12Team CymruKyle Krejci
An Analysis of Infrastructure linked to the Hagga Threat Actor
Agent Tesla
2022-06-29Team CymruS2 Research Team
The Sliding Scale of Threat Actor Sophistication When Reacting to 0-day Vulnerabilities
2022-05-25Team CymruS2 Research Team
Bablosoft; Lowering the Barrier of Entry for Malicious Actors
BlackGuard BumbleBee RedLine Stealer
2022-04-29Team CymruJoshua Picolet
Sliver Case Study: Assessing Common Offensive Security Tools The Use of the Sliver C2 Framework for Malicious Purposes
Sliver
2022-04-07Team CymruJosh Hopkins
MoqHao Part 2: Continued European Expansion
MoqHao
2022-03-23Team CymruAndy Kraus, Brian Eckman, Josh Hopkins, Paul Welte
Raccoon Stealer – An Insight into Victim “Gates”
Raccoon
2022-03-10Twitter (@teamcymru_S2)Team Cymru
Tweet on Crimson RAT infrastructure used by APT36
Crimson RAT
2022-03-08Team CymruJames Shank
Record breaking DDoS Potential Discovered: CVE-2022-26143
2022-01-26Team CymruJosh Hopkins
Analysis of a Management IP Address linked to Molerats APT
2021-11-03Team Cymrutcblogposts
Webinject Panel Administration: A Vantage Point into Multiple Threat Actor Campaigns - A Case Study on the Value of Threat Reconnaisance
DoppelDridex IcedID QakBot Zloader
2021-08-11Team CymruJosh Hopkins
MoqHao Part 1.5: High-Level Trends of Recent Campaigns Targeting Japan
MoqHao
2021-07-08Team CymruAndy Kraus, Dan Heywood
Enriching Threat Intelligence for the Carbine Loader Crypto-jacking Campaign
2021-07-02Team CymruJoshua Picolet
Transparent Tribe APT Infrastructure Mapping Part 2: A Deeper Dive into the Identification of CrimsonRAT Infrastructure
Crimson RAT
2021-05-19Team CymruAndy Kraus, Josh Hopkins, Nick Byers
Tracking BokBot Infrastructure Mapping a Vast and Currently Active BokBot Network
IcedID
2021-04-16Team CymruJoshua Picolet
Transparent Tribe APT Infrastructure Mapping Part 1: A High-Level Study of CrimsonRAT Infrastructure October 2020 – March 2021
Crimson RAT
2021-03-15Team CymruJosh Hopkins
FIN8: BADHATCH Threat Indicator Enrichmen
BADHATCH
2021-02-05Team CymruDavid Monnier
Kobalos Malware Mapping Potentially Impacted Networks and IP Address Mapping
Kobalos