Click here to download all references as Bib-File.•
| 2022-07-12
⋅
Microsoft
⋅
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud |
| 2022-07-05
⋅
Microsoft
⋅
Hive ransomware gets upgrades in Rust Hive |
| 2022-06-08
⋅
Qianxin Threat Intelligence Center
⋅
Operation Tejas: A dying elephant curled up in the Kunlun Mountains HAZY TIGER RAZOR TIGER |
| 2022-06-02
⋅
Microsoft
⋅
Exposing POLONIUM activity and infrastructure targeting Israeli organizations POLONIUM |
| 2022-06-01
⋅
Qianxin Threat Intelligence Center
⋅
Analysis of the attack activities of the Maha grass group using the documents of relevant government agencies in Pakistan as bait BadNews QUILTED TIGER |
| 2022-05-18
⋅
⋅
Weixin
⋅
filesyncshell.dll hijacked? APT-C-24 Sidewinder Briefing on the Latest Attack Activity |
| 2022-05-09
⋅
Microsoft Security
⋅
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself Griffon BazarBackdoor BlackCat BlackMatter Blister Gozi LockBit Pandora Rook SystemBC TrickBot |
| 2022-05-09
⋅
⋅
Qianxin Threat Intelligence Center
⋅
Operation EviLoong: An electronic party of "borderless" hackers ZXShell |
| 2022-05-09
⋅
Microsoft
⋅
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself AnchorDNS BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit REvil FAKEUPDATES Griffon ATOMSILO BazarBackdoor BlackCat BlackMatter Blister Cobalt Strike Conti DarkSide Emotet FiveHands Gozi HelloKitty Hive IcedID ISFB JSSLoader LockBit LockFile Maze NightSky Pandora Phobos Phoenix Locker PhotoLoader QakBot REvil Rook Ryuk SystemBC TrickBot WastedLocker BRONZE STARLIGHT |
| 2022-04-12
⋅
⋅
360 Threat Intelligence Center
⋅
Recent attacks by Bahamut group revealed Bahamut |
| 2022-04-11
⋅
⋅
Qianxin Threat Intelligence Center
⋅
Snow Abuse: Analysis of the Suspected Lazarus Attack Activities against South Korean Companies |
| 2022-04-02
⋅
⋅
institute for advanced threats
⋅
WAVES LURKING IN THE CALM OF THE WIND AND WAVES: A DYNAMIC ANALYSIS OF THE ATTACK ACTIVITIES OF THE APT-C-00 (SEALOTUS) ORGANIZATION |
| 2022-03-22
⋅
Microsoft
⋅
DEV-0537 (UNC3661) criminal actor targeting organizations for data exfiltration and destruction RedLine Stealer LAPSUS |
| 2022-03-22
⋅
⋅
360 Threat Intelligence Center
⋅
Quantum Attack System – NSA "APT-C-40" Hacking Organization High-end Cyber Attack Weapon Technical Analysis Report (I) |
| 2022-03-17
⋅
Sophos
⋅
The Ransomware Threat Intelligence Center ATOMSILO Avaddon AvosLocker BlackKingdom Ransomware BlackMatter Conti Cring DarkSide dearcry Dharma Egregor Entropy Epsilon Red Gandcrab Karma LockBit LockFile Mailto Maze Nefilim RagnarLocker Ragnarok REvil RobinHood Ryuk SamSam Snatch WannaCryptor WastedLocker |
| 2022-03-16
⋅
Microsoft
⋅
Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure TrickBot |
| 2022-02-23
⋅
⋅
Weixin
⋅
APT-C-58 (Gorgon Group) attack warning Agent Tesla |
| 2022-02-04
⋅
Microsoft
⋅
ACTINIUM targets Ukrainian organizations Pteranodon Gamaredon Group |
| 2022-02-04
⋅
Microsoft
⋅
ACTINIUM targets Ukrainian organizations DilongTrash DinoTrain Pteranodon QuietSieve Gamaredon Group |
| 2021-12-11
⋅
Microsoft
⋅
Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability Khonsari NightSky BRONZE STARLIGHT |