2024-09-26 | Microsoft | Microsoft Threat Intelligence
Storm-0501: Ransomware attacks expanding to hybrid cloud environments
Storm-0501
2024-08-30 | Microsoft | Microsoft Threat Intelligence
North Korean threat actor Citrine Sleet exploiting Chromium zero-day
FudModule
2024-08-18 | Anchored Narratives on Threat Intelligence and Geopolitics | RJM
Reversing DISGOMOJI with Malcat like a BOSS
DISGOMOJI
2024-07-05 | Weixin | 360 Threat Intelligence Center
APT-C-26 (Lazarus) uses PyPI to attack Windows, Linux, and macOS platforms
SimpleTea SimpleTea
2024-06-17 | Checkpoint | Checkpoint
17th June – Threat Intelligence Report
Sp1d3r UNC5537
2024-06-05 | Symantec | Symantec Threat Intelligence
RansomHub: New Ransomware has Origins in Older Knight
Knight RansomHub RansomHub
2024-05-28 | Microsoft | Microsoft Threat Intelligence
Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks
splitloader
2024-05-15 | Microsoft | Microsoft Threat Intelligence
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware
Black Basta Cobalt Strike QakBot SystemBC
2024-05-15 | Microsoft | Microsoft Threat Intelligence
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware
Black Basta Cobalt Strike QakBot UNC4393
2024-05-10 | Qianxin Threat Intelligence Center | Threat Intelligence Center
Recruitment trap for blockchain practitioners: Analysis of suspected Lazarus (APT-Q-1) stealing operations
BeaverTail
2024-04-22 | Microsoft | Microsoft Threat Intelligence
Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials
GooseEgg
2024-04-04 | Twitter (@embee_research) | Embee_research
TLS Certificate For Threat Intelligence - Identifying MatanBuchus Domains Through Hardcoded Certificate Values
Matanbuchus
2024-02-07 | Microsoft | Microsoft Threat Intelligence
Iran surges cyber-enabled influence operations in support of Hamas
2024-02-06 | Group-IB | Threat Intelligence
Dead-end job: ResumeLooters gang infects websites with XSS scripts and SQL injections to vacuum up job seekers' personal data and CVs
ResumeLooters
2024-01-25 | JSAC 2024 | Masafumi Takeda, Tomoya Furukawa
Threat Intelligence of Abused Public Post-Exploitation Frameworks
AsyncRAT DCRat Empire Downloader GRUNT Havoc Koadic Merlin PoshC2 Quasar RAT Sliver
2024-01-25 | Microsoft | Microsoft Threat Intelligence
Midnight Blizzard: Guidance for responders on nation-state attack
UNC2452
2024-01-17 | Microsoft | Microsoft Threat Intelligence
New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs
MediaPI
2023-12-12 | Microsoft | Microsoft Threat Intelligence
Threat actors misuse OAuth applications to automate financially driven attacks
Storm-1283 Storm-1286
2023-12-07 | Microsoft | Microsoft Threat Intelligence
Star Blizzard increases sophistication and evasion in ongoing attacks
Callisto
2023-12-05 | PWC | PwC Threat Intelligence
The Tortoise and The Malwahare
SnappyTCP