Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-09-10Talos IntelligenceJoey Chen
DragonRank, a Chinese-speaking SEO manipulator service provider
IISpy PlugX DragonRank
2024-08-24YouTube (Black Hat)Charles Li, Che Chang, Greg Chen
Chinese APT: A Master of Exploiting Edge Devices (Video)
SEASPY UNC4841
2024-08-07SymantecThreat Hunter Team
Cloud Cover: How Malicious Actors Are Leveraging Cloud Services
GoGra Grager MOONTAG Ondritols TONERJAM
2024-07-26SOC PrimeVeronika Telychko
UAC-0102 Phishing Attack Detection: Hackers Steal Authentication Data Impersonating the UKR.NET Web Service
UAC-0102
2024-06-04AquasecNitzan Yaakov
Muhstik Malware Targets Message Queuing Services Applications
Tsunami
2024-04-29ZscalerSantiago Vicente
Zloader Learns Old Tricks
Zloader
2024-04-24CiscoCisco Talos
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices
ArcaneDoor Storm-1849
2024-04-24NCSC UKNCSC UK
Line Dancer - In-memory shellcode loader targeting Cisco Adaptive Security Appliance (ASA) devices.
2024-04-24NCSC UKNCSC UK
Line Runner: Persistent webshell targeting Cisco Adaptive Security Appliance (ASA) devices.
2024-04-19TEAMT5Charles Li, Che Chang, Greg Chen
Chinese APT: A Master of Exploiting Edge Devices
SEASPY UNC4841
2024-04-02ForescoutForescout Vedere Labs
“All your base are belong to us” – A probe into Chinese-connected devices in US networks
2024-03-05CIPpaloalto Networks: Unit42, State Service of Special Communication and Information Protection of Ukraine (CIP)
Semi-Annual Chronicles of UAC-0006 Operations
SmokeLoader
2024-03-04CleafyFederico Valentini, Francesco Iubatti
On-Device Fraud on the rise: exposing a recent Copybara fraud campaign
Copybara
2024-02-29SANS ISCJohn Moutos
Dissecting DarkGate: Modular Malware Delivery and Persistence as a Service
DarkGate
2024-02-27BitSightAndré Tavares
Hunting PrivateLoader: The malware behind InstallsKey PPI service
PrivateLoader RisePro
2024-02-12EuropolEuropol
International cybercrime malware service targeting thousands of unsuspecting consumers dismantled
Ave Maria
2024-02-09Department of JusticeOffice of Public Affairs
International Cybercrime Malware Service Dismantled by Federal Authorities: Key Malware Sales and Support Actors in Malta and Nigeria Charged in Federal Indictments
Ave Maria
2024-02-05@g0njxa
Tweet Highlighting the Integration of GhostSocks Service into Lumma Stealer
GhostSocks
2024-01-31ZscalerJavier Vicente
Tracking 15 Years of Qakbot Development
QakBot
2024-01-19ZscalerIsmael Garcia Perez, Santiago Vicente
Zloader: No Longer Silent in the Night
Zloader