2025-06-23 | Rushter | Artem Golubin
Threat Hunting Introduction: Cobalt Strike
Cobalt Strike
2025-06-23 | Darkatlas | Darkatlas Squad
Bluenoroff (APT38) Live Infrastructure Hunting
2025-06-19 | Hunt.io | Hunt.io
Cobalt Strike Operators Leverage PowerShell Loaders Across Chinese, Russian, and Global Infrastructure
Cobalt Strike
2025-06-18 | Huntress Labs | Alden Schmidt, Jonathan Semon, Stuart Ashenbrenner
Feeling Blue(Noroff): Inside a Sophisticated DPRK Web3 Intrusion
2025-06-12 | Symantec | Carbon Black, Threat Hunter Team
Fog Ransomware: Unusual Toolset Used in Recent Attack
Fog
2025-06-05 | Hunt.io | Hunt.io
Abusing Paste.ee to Deploy XWorm and AsyncRAT Across Global C2 Infrastructure
AsyncRAT XWorm
2025-05-09 | Lumen | Chris Formosa, Ryan English
Classic Rock: Hunting a Botnet that preys on the Old
2025-05-09 | Lumen | Black Lotus Labs
Classic Rock: Hunting a Botnet that preys on the Old
2025-05-05 | Hunt.io | Hunt.io
APT36-Style ClickFix Attack Spoofs Indian Ministry to Target Windows & Linux
2025-04-29 | Recorded Future | Insikt Group
Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting
FAKEUPDATES MintsLoader GhostWeaver Stealc TAG-124
2025-04-16 | Trendmicro | Cj Arsley Mateo, Ieriz Nicolle Gonzalez, Jacob Santos, Maristel Policarpio, Sarah Pearl Camiling
CrazyHunter Campaign Targets Taiwanese Critical Sectors
CrazyHunter
2025-04-15 | Beazley Security Labs | Beazley Security Labs
Hunting Mice In Tunnels II - Fake CAPTCHAs and Ransomware
Interlock Supper
2025-04-10 | Symantec | Threat Hunter Team
Shuckworm Targets Foreign Military Mission Based in Ukraine
2025-04-08 | Hunt.io | Hunt.io
State-Sponsored Tactics: How Gamaredon and ShadowPad Operate and Rotate Their Infrastructure
ShadowPad
2025-04-01 | Hunt.io | Hunt.io
Same Russian-Speaking Threat Actor, New Tactics: Abuse of Cloudflare Services for Phishing and Telegram to Filter Victim IPs
Pyramid
2025-03-31 | WithSecure | Jeremy Ong
CrazyHunter: The Rising Threat of Open-Source Ransomware
CrazyHunter
2025-03-25 | SpyCloud | James
On the Hunt for Ghost(Socks)
GhostSocks
2025-03-11 | Hunt.io | Hunt.io
JSPSpy and ‘filebroser’: A Custom File Management Tool in Webshell Infrastructure
2025-03-04 | Hunt.io | Hunt.io
Exposing Russian EFF Impersonators: The Inside Story on Stealc & Pyramid C2
Pyramid Stealc
2025-02-27 | Hunt.io | Hunt.io
Uncovering Joker’s C2 Network: How Hunt’s SSL History Exposed Its Infrastructure
Joker