Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-05-19splunkSplunk Threat Research Team
Threat Update: AcidRain Wiper
AcidRain
2022-05-19BlackberryThe BlackBerry Research & Intelligence Team
.NET Stubs: Sowing the Seeds of Discord
Agent Tesla Quasar RAT WhisperGate
2022-05-19MicrosoftMicrosoft 365 Defender Research Team
Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices
XOR DDoS
2022-05-17SekoiaQuentin Bourgue, Threat & Detection Research Team
EternityTeam: a new prominent threat group on underground forums
Eternity Stealer
2022-05-16Malwarebytes LabsThreat Intelligence Team
Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis
Unidentified PS 003 (RAT)
2022-05-12TEAMT5Leon Chang, Silvia Yeh
The Next Gen PlugX/ShadowPad? A Dive into the Emerging China-Nexus Modular Trojan, Pangolin8RAT (slides)
KEYPLUG Cobalt Strike CROSSWALK FunnySwitch PlugX ShadowPad Winnti SLIME29 TianWu
2022-05-12BlackberryThe BlackBerry Research & Intelligence Team
Threat Thursday: Malware Rebooted - How Industroyer2 Takes Aim at Ukraine Infrastructure
INDUSTROYER2
2022-05-12SecureworksCounter Threat Unit ResearchTeam
COBALT MIRAGE Conducts Ransomware Operations in U.S.
CobaltMirage FRP APT35
2022-05-11TEAMT5Charles Li, Che Chang
To loot or Not to Loot? That Is Not a Question - When State-Nexus APT Targets Online Entertainment Industry
APT27 BRONZE STARLIGHT SLIME29 TianWu
2022-05-11Sandfly SecurityThe Sandfly Security Team
BPFDoor - An Evasive Linux Backdoor Technical Analysis
BPFDoor
2022-05-11CrowdStrikeAdrian Justice, CrowdStrike Overwatch Team
IceApple: A Novel Internet Information Services (IIS) Post-Exploitation Framework
2022-05-10Malwarebytes LabsThreat Intelligence Team
APT34 targets Jordan Government using new Saitama backdoor
Saitama Backdoor
2022-05-09Microsoft SecurityMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself
Griffon BazarBackdoor BlackCat BlackMatter Blister Gozi LockBit Pandora Rook SystemBC TrickBot
2022-05-09Qianxin Threat Intelligence CenterRed Raindrops Team
Operation EviLoong: An electronic party of "borderless" hackers
ZXShell
2022-05-09BlackberryThe BlackBerry Research & Intelligence Team
Dirty Deeds Done Dirt Cheap: Russian RAT Offers Backdoor Bargains
DCRat NjRAT
2022-05-09MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself
AnchorDNS BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit REvil FAKEUPDATES Griffon ATOMSILO BazarBackdoor BlackCat BlackMatter Blister Cobalt Strike Conti DarkSide Emotet FiveHands Gozi HelloKitty Hive IcedID ISFB JSSLoader LockBit LockFile Maze NightSky Pandora Phobos Phoenix Locker PhotoLoader QakBot REvil Rook Ryuk SystemBC TrickBot WastedLocker BRONZE STARLIGHT
2022-05-09SecureworksCounter Threat Unit ResearchTeam
REvil Development Adds Confidence About GOLD SOUTHFIELD Reemergence
REvil
2022-05-09TEAMT5TeamT5
Hiding in Plain Sight: Obscuring C2s by Abusing CDN Services
Cobalt Strike
2022-05-05Malwarebytes LabsThreat Intelligence Team
Nigerian Tesla: 419 scammer gone malware distributor unmasked
Agent Tesla
2022-05-05BlackberryThe BlackBerry Research & Intelligence Team
Threat Thursday: ZingoStealer – The Cost of “Free”
ZingoStealer