Click here to download all references as Bib-File.•
| 2021-05-07
⋅
NCSC UK
⋅
Further TTPs associated with SVR cyber actors Sliver |
| 2021-05-07
⋅
Cisco Talos
⋅
Lemon Duck spreads its wings: Actors target Microsoft Exchange servers, incorporate new TTPs CHINACHOPPER Cobalt Strike Lemon Duck |
| 2021-05-07
⋅
SophosLabs Uncut
⋅
New Lemon Duck variants exploiting Microsoft Exchange Server CHINACHOPPER Cobalt Strike Lemon Duck |
| 2021-05-07
⋅
Microsoft
⋅
Human operated ransomware |
| 2021-05-07
⋅
MuddyWater: Binder Project (Part 2) |
| 2021-05-07
⋅
Morphisec
⋅
Revealing the ‘Snip3’ Crypter, a Highly Evasive RAT Loader Agent Tesla AsyncRAT NetWire RC Revenge RAT |
| 2021-05-07
⋅
SolarWinds
⋅
An Investigative Update of the Cyberattack SUNBURST |
| 2021-05-07
⋅
GCHQ
⋅
Further TTPs associated with SVR cyber actors: Use of multiple publicly available exploits and Sliver framework to target organisations globally |
| 2021-05-07
⋅
Medium svch0st
⋅
Stats from Hunting Cobalt Strike Beacons Cobalt Strike |
| 2021-05-07
⋅
Bleeping Computer
⋅
Data leak marketplaces aim to take over the extortion economy Babuk Maze |
| 2021-05-07
⋅
Group-IB
⋅
Connecting the Bots Hancitor fuels Cuba Ransomware Operations Cuba Hancitor |
| 2021-05-06
⋅
Black Hat
⋅
Threat Hunting in Active Directory Environment |
| 2021-05-06
⋅
Tencent
⋅
Domain Borrowing: Catch My C2 Traffic if You Can |
| 2021-05-06
⋅
Tencent
⋅
Domain Borrowing: Catch My C2 Traffic if You Can |
| 2021-05-06
⋅
Black Hat
⋅
How Did the Adversaries Abusing Bitcoin Blockchain Evade Our Takeover Cerber Pony |
| 2021-05-06
⋅
Group-IB
⋅
GrelosGTM group abuses Google Tag Manager to attack e-commerce websites |
| 2021-05-06
⋅
Sophos Labs
⋅
MTR in Real Time: Pirates pave way for Ryuk ransomware Ryuk |
| 2021-05-06
⋅
Facebook
⋅
April 2021 Coordinated Inauthentic Behavior Report |
| 2021-05-06
⋅
Blackberry
⋅
Threat Thursday: Dr. REvil Ransomware Strikes Again, Employs Double Extortion Tactics REvil |
| 2021-05-06
⋅
xorl %eax, %eax
⋅
Iran Cyber Operations Groups Cleaver |