Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-04-25Twitter (@teamcymru_S2)TEAM CYMRU S2 THREAT RESEARCH
Tweet on North Korean Cyber Ops Leveraging Russian Infrastructure
2025-04-23Cisco TalosAsheer Malhotra, Ashley Shen, Brandon White, Joey Chen, Vitor Ventura
Introducing ToyMaker, an initial access broker working in cahoots with double extortion gangs
HOLERUN
2025-04-10SymantecThreat Hunter Team
Shuckworm Targets Foreign Military Mission Based in Ukraine
2025-04-08Team CymruS2 Research Team
Inside DanaBot’s Infrastructure: In Support of Operation Endgame II
DanaBot
2025-04-08TrustwaveNikita Kazymirskyi, Serhii Melnyk
A deep Dive into the Leaked Black Basta Chat Logs
Black Basta Black Basta
2025-02-21cyjaxCymon
How’s that for a malicious Linkc, new group launches DLS
LinkC Pub
2025-02-20Trend MicroDaniel Lunghi
Updated Shadowpad Malware Leads to Ransomware Deployment
EvilExtractor PlugX ShadowPad Teleboyi
2025-02-20Trend MicroDaniel Lunghi
Updated Shadowpad Malware Leads to Ransomware Deployment
EvilExtractor NailaoLocker PlugX ShadowPad
2025-02-13SymantecThreat Hunter Team
China-linked Espionage Tools Used in Ransomware Attacks
PlugX
2025-02-04Team CymruS2 Research Team
Tracing the Path From SmartApeSG to NetSupport RAT
SmartApeSG NetSupportManager RAT Quasar RAT
2024-12-20Team CymruLewis Henderson
Jingle Shells: How Virtual Offices Enable a Facade of Legitimacy
2024-12-16GdataBanu Ramakrishnan
New I2PRAT communicates via anonymous peer-to-peer network
Unidentified 118
2024-11-11KasperskyAshley Muñoz, Cristian Souza, Eduardo Ovalle
Ymir: new stealthy ransomware in the wild
Ymir
2024-10-14cybleCyble
Hidden in Plain Sight: ErrorFather’s Deadly Deployment of Cerberus
ErrorFather
2024-09-27Virus BulletinLena Yu
CrackedCantil: A Malware Symphony Delivered By Cracked Software; Performed By Loaders, Infostealers, Ransomware, Et Al.
CrackedCantil
2024-09-17MandiantMandiant
An Offer You Can Refuse: UNC2970 Backdoor Deployment Using Trojanized PDF Reader
BURNBOOK MISTPEN
2024-09-09Github (itaymigdal)Itay Migdal
Poshito - New Telegram C2
2024-09-09SC MagazineSC Staff
Significant ransom payment by major Iranian IT firm underway
IRLeaks
2024-08-20SymantecSymantec Threat Hunter Team
New Backdoor Targeting Taiwan Employs Stealthy Communications
Msupedge
2024-08-07SymantecThreat Hunter Team
Cloud Cover: How Malicious Actors Are Leveraging Cloud Services
GoGra Grager MOONTAG Ondritols TONERJAM