Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-09-16Group-IBIvan Lebedev, Reza Rafati
RUNLIR - phishing campaign targeting Netherlands
2021-09-16Twitter (@GossiTheDog)Kevin Beaumont
Tweet on some unknown threat actor dropping Mgbot, custom IIS modular backdoor and cobalstrike using exploiting ProxyShell
Cobalt Strike MgBot
2021-09-16KasperskyAMR
Exploitation of the CVE-2021-40444 vulnerability in MSHTML
2021-09-16CiscoTiago Pereira, Vitor Ventura
Operation Layover: How we tracked an attack on the aviation industry to five years of compromise
AsyncRAT Houdini NjRAT
2021-09-16BlackberryThe BlackBerry Research & Intelligence Team
Threat Thursday: NetWire RAT is Coming Down the Line
NetWire RC
2021-09-15MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability
EXOTIC LILY
2021-09-15CrowdStrikeFalcon OverWatch Team
Shining a Light on DarkOxide
2021-09-15MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability
Cobalt Strike
2021-09-14Twitter (@siri_urz)S!Ri
Tweet on ATOMSILO ransomware
ATOMSILO
2021-09-14NK NewsEthan Jewell, Jeongmin Kim
North Korea-linked account poses as KBS scriptwriter to dupe DPRK watchers
2021-09-14CrowdStrikeCrowdStrike Intelligence Team
Big Game Hunting TTPs Continue to Shift After DarkSide Pipeline Attack
BlackMatter DarkSide REvil Avaddon BlackMatter Clop Conti CryptoLocker DarkSide DoppelPaymer Hades REvil
2021-09-14FortinetJohn Simmons
More ProxyShell? Web Shells Lead to ZeroLogon and Application Impersonation Attacks
2021-09-14ZecOpsZecOps Research Team
The Recent iOS 0-Click, CVE-2021-30860, Sounds Familiar. An Unreleased Write-up: One Year Later
Chrysaor
2021-09-14McAfeeChristiaan Beek
Operation ‘Harvest’: A Deep Dive into a Long-term Campaign
MimiKatz PlugX Winnti
2021-09-14Objective-SeePatrick Wardle
OSX.ZuRu: trojanized apps spread malware, via sponsored search results
ZuRu
2021-09-13Trend MicroDaniel Lunghi, Jaromír Hořejší
APT-C-36 Updates Its Spam Campaign Against South American Entities With Commodity RATs
APT-C-36
2021-09-13K7 SecurityLathashree K
Beware of this Lock Screen App
2021-09-13IntezerAvigayil Mechtinger, Joakim Kennedy, Ryan Robinson
Vermilion Strike: Linux and Windows Re-implementation of Cobalt Strike
Vermilion Strike Vermilion Strike
2021-09-13Trend MicroDaniel Lunghi, Jaromír Hořejší
APT-C-36 Updates Its Spam Campaign Against South American Entities With Commodity RATs (IOCs)
AsyncRAT Ave Maria BitRAT Imminent Monitor RAT LimeRAT NjRAT Remcos
2021-09-13Trend MicroDaniel Lunghi, Jaromír Hořejší
APT-C-36 Updates Its Spam Campaign Against South American Entities With Commodity RATs
AsyncRAT Ave Maria BitRAT Imminent Monitor RAT LimeRAT NjRAT Remcos