2020-06-22 | FindingBad Blogspot | Jack Crook
Dynamic Correlation, ML and Hunting
2020-06-19 | ACSC | Australian Cyber Security Centre (ACSC)
Copy-paste compromises
Copy-Paste
2020-06-19 | Australian Signals Directorate | Australian Cyber Security Centre (ACSC)
Advisory 2020-008: Copy-paste compromises - tactics, techniques and procedures used to target multiple Australian networks
Copy-Paste
2020-06-19 | Youtube (Raphael Mudge) | Raphael Mudge
Beacon Object Files - Luser Demo
Cobalt Strike
2020-06-19 | Zscaler | Atinderpal Singh, Nirmal Singh, Sahil Antil
Targeted Attack Leverages India-China Border Dispute to Lure Victims
Cobalt Strike
2020-06-19 | Positive Technologies | Alexey Vishnyakov
The eagle eye is back: old and new backdoors from APT30
backspace NETEAGLE RCtrl RHttpCtrl APT30
2020-06-18 | Microsoft | Microsoft Threat Protection Intelligence Team
Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint (APT33/HOLMIUM)
POWERTON
2020-06-18 | Australian Cyber Security Centre | Australian Cyber Security Centre (ACSC)
Advisory 2020-008: Copy-Paste Compromises – tactics, techniques and procedures used to target multiple Australian networks
TwoFace Cobalt Strike Empire Downloader
2020-06-17 | Malwarebytes | Hossein Jazi, Jérôme Segura
Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature
Cobalt Strike
2020-06-17 | SentinelOne | Michael Myngerbayev
A Click from the Backyard | Analysis of CVE-2020-9332, a Vulnerable USB Redirection Software
2020-06-17 | Kaspersky Labs | Kaspersky Lab ICS CERT
Targeted attacks on industrial companies using Snake ransomware
Snake
2020-06-17 | Cognizant | Cognizant
Notice of Data Breach
Maze
2020-06-17 | Twitter (@MsftSecIntel) | Microsoft Security Intelligence
A tweet thread on TA505 using CAPTCHA to avoid detection and infecting victims with FlawedGrace
FlawedGrace
2020-06-17 | Github (f0wl) | Marius Genheimer
deICEr: A Go tool for extracting config from IcedID second stage Loaders
IcedID
2020-06-17 | paloalto Networks Unit 42 | Dominik Reichel, Esmid Idrizovic
AcidBox: Rare Malware Repurposing Turla Group Exploit Targeted Russian Organizations
AcidBox
2020-06-17 | ESET Research | Dominik Breitenbacher, Kaspars Osis
Operation In(ter)ception: Targeted Attacks against European Aerospace and Military Companies
Interception
2020-06-16 | New Zealand CERT | New Zealand CERT
Active ransomware campaign leveraging remote access technologies
Nefilim
2020-06-16 | BleepingComputer | Sergiu Gatlan
Chipmaker MaxLinear reports data breach after Maze Ransomware attack
Maze
2020-06-16 | PTSecurity | PT ESC Threat Intelligence
Cobalt: tactics and tools update
CobInt
2020-06-16 | Morphisec | Michael Gorelik
CrystalBit / Apple Double DLL Hijack -- From fraudulent software bundle downloads to an evasive miner raging campaign