Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-11-10IntezerNicole Fishbein
How LNK Files Are Abused by Threat Actors
BumbleBee Emotet Mount Locker QakBot
2022-11-09Cisco TalosEdmund Brumaghin
Threat Spotlight: Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns
Agent Tesla
2022-11-03IronNetIronNet Threat Research
Robin Banks still might be robbing your bank (part 2)
Evilginx
2022-11-03Sentinel LABSAntonio Cocomazzi
Black Basta Ransomware | Attacks Deploy Custom EDR Evasion Tools Tied to FIN7 Threat Actor
Black Basta
2022-11-03SentinelOneSentinelLabs
Black Basta Ransomware | Attacks deploy Custom EDR Evasion Tools tied to FIN7 Threat Actor
Black Basta QakBot SocksBot
2022-11-02SekoiaQuentin Bourgue, sekoia, Threat & Detection Research Team
BlueFox Stealer: a newcomer designed for traffers teams
Aurora Stealer BlueFox
2022-11-02BlackberryBlackberry Research
RomCom Threat Actor Abuses KeePass and SolarWinds to Target Ukraine and Potentially the United Kingdom
ROMCOM RAT RomCom
2022-11-02NOZOMI Network LabsNozomi Networks Labs
Could Threat Actors Be Downgrading Their Malware to Evade Detection?
Bashlite
2022-10-31CynetMax Malyutin
Orion Threat Alert: Qakbot TTPs Arsenal and the Black Basta Ransomware
Black Basta Cobalt Strike QakBot
2022-10-27vmwareTakahiro Haruyama
Threat Analysis: Active C2 Discovery Using Protocol Emulation Part3 (ShadowPad)
ShadowPad
2022-10-27MicrosoftMicrosoft Threat Intelligence
Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity
FAKEUPDATES BumbleBee Clop Fauppod Raspberry Robin Roshtyak Silence DEV-0950 Mustard Tempest
2022-10-27MicrosoftMicrosoft Security Threat Intelligence
Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity
FAKEUPDATES BumbleBee Fauppod PhotoLoader Raspberry Robin Roshtyak
2022-10-25MicrosoftMicrosoft Security Threat Intelligence
DEV-0832 (Vice Society) opportunistic ransomware campaigns impacting US education sector
BlackCat Mount Locker PortStarter Zeppelin Vanilla Tempest
2022-10-25VMware Threat Analysis UnitTakahiro Haruyama
Tracking the entire iceberg: long-term APT malware C2 protocol emulation and scanning
ShadowPad Winnti
2022-10-24Youtube (Virus Bulletin)Google Threat Analysis Group, Luca Nagy
Uncovering a broad criminal ecosystem powered by one of the largest botnets
Glupteba
2022-10-23BlackberryThe BlackBerry Research & Intelligence Team
Unattributed RomCom Threat Actor Spoofing Popular Apps Now Hits Ukrainian Militaries
ROMCOM RAT RomCom
2022-10-22MicrosoftMicrosoft Security Threat Intelligence
DEV-0952 deploys Daixin ransomware at hospitals
2022-10-21SymantecThreat Hunter Team
Exbyte: BlackByte Ransomware Attackers Deploy New Exfiltration Tool
ExByte
2022-10-14MicrosoftMicrosoft Security Threat Intelligence
New “Prestige” ransomware impacts organizations in Ukraine and Poland
Prestige
2022-10-13MicrosoftMicrosoft Threat Hunting, MSRC Team
Hunting for Cobalt Strike: Mining and plotting for fun and profit
Cobalt Strike