Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-12-16Red CanaryThe Red Canary Team
Intelligence Insights: December 2021
Cobalt Strike QakBot Squirrelwaffle
2021-12-16BlackberryThe BlackBerry Research & Intelligence Team
Threat Thursday: Warzone RAT Breeds a Litter of ScriptKiddies
Ave Maria
2021-12-14SymantecThreat Hunter Team
Espionage Campaign Targets Telecoms Organizations across Middle East and Asia
MimiKatz
2021-12-12NCC GroupRIFT: Research and Intelligence Fusion Team
Log4Shell: Reconnaissance and post exploitation network detection
2021-12-11MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability
Khonsari NightSky BRONZE STARLIGHT
2021-12-11SymantecThreat Hunter Team
Apache Log4j Zero-Day Being Exploited in the Wild
Kaiten
2021-12-10CrowdStrikeCrowdStrike Intelligence Team
Log4j2 Vulnerability “Log4Shell” (CVE-2021-44228)
2021-12-09MicrosoftMicrosoft 365 Defender Threat Intelligence Team
A closer look at Qakbot’s latest building blocks (and how to knock them down)
QakBot
2021-12-07TelsyTelsy Research Team
NOBELIUM again or eCrime operation?
Sliver
2021-12-07Malcatmalcat team
Exploit, steganography and Delphi: unpacking DBatLoader
DBatLoader
2021-12-07sysdigAlberto Pellitteri
Threat news: TeamTNT stealing credentials using EC2 Instance Metadata
TeamTNT
2021-12-06MandiantAshraf Abdalhalim, Ben Read, Doug Bienstock, Gabriella Roncone, Jonathan Leathery, Josh Madeley, Juraj Sucik, Luis Rocha, Luke Jenkins, Manfred Erjak, Marius Fodoreanu, Microsoft Detection and Response Team (DART), Microsoft Threat Intelligence Center (MSTIC), Mitchell Clarke, Parnian Najafi, Sarah Hawley, Wojciech Ledzion
Suspected Russian Activity Targeting Government and Business Entities Around the Globe (UNC2452)
Cobalt Strike CryptBot
2021-12-02AhnLabASEC Analysis Team
Spreading AgentTesla through more sophisticated malicious PPT
Agent Tesla
2021-12-02MalwarebytesHossein Jazi, Threat Intelligence Team
SideCopy APT: Connecting lures to victims, payloads to infrastructure
SideCopy
2021-12-01SymantecSymantec Threat Hunter Team
The Threat Landscape in 2021
2021-12-01Trend MicroTrend Micro Research
Analyzing How TeamTNT Used Compromised Docker Hub Accounts
TeamTNT
2021-11-30SymantecSymantec Threat Hunter Team
Yanluowang: Further Insights on New Ransomware Threat
BazarBackdoor Cobalt Strike FiveHands
2021-11-30QianxinRed Raindrop Team
Cyberspace's Magic Eye: PROMETHIUM Fakes attack activity analysis of NotePads and installation packages
StrongPity
2021-11-29Qianxin Threat Intelligence CenterRed Raindrop Team
APT-Q-12: An intelligence espionage campaign targeting the trade industry
Unidentified 100 (APT-Q-12) APT-C-60
2021-11-29CrowdStrikeFalcon OverWatch Team
Nowhere to Hide: Detecting SILENT CHOLLIMA’s Custom Tooling