Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-01-14InfobloxDavid Brunsdon
One Mikro Typo: How a simple DNS misconfiguration enables malware delivery by a Russian botnet
2025-01-07SANS ISCYee Ching Tok
PacketCrypt Classic Cryptocurrency Miner on PHP Servers
2025-01-03SANS ISCXavier Mertens
SwaetRAT Delivery Through Python
SwaetRAT
2024-12-11LookoutKyle Schmittle, Paul Shunk
Lookout Discovers Two Russian Android Spyware Families from Gamaredon APT
BoneSpy DroidWatcher PlainGnome
2024-12-11LookoutKristina Balaam
Lookout Discovers New Chinese Surveillance Tool Used by Public Security Bureaus
EagleMsgSpy
2024-11-14Cisco TalosAlex Karkins, Chetan Raghuprasad, Joey Chen
New PXA Stealer targets government and education sectors for sensitive information
PXA Stealer
2024-11-07Cisco TalosAliza Johnson, Chetan Raghuprasad, Elio Biasiotto, Michael Szeliga
Unwrapping the emerging Interlock ransomware attack
Interlock Rhysida
2024-10-31Twitter (@nextronresearch)Nextron Systems
Tweet about discovery of HellDown ransomware
HellDown
2024-10-30Palo Alto Networks Unit 42Unit 42
Jumpy Pisces Engages in Play Ransomware
Dtrack MimiKatz PLAY Sliver
2024-10-24Cisco TalosAaron Boyd
Writing a BugSleep C2 server and detecting its traffic with Snort
bugsleep
2024-10-24Hunt.ioHunt.io
Rekoobe Backdoor Discovered in Open Directory, Possibly Targeting TradingView Users
Rekoobe
2024-10-23Cisco TalosEdmund Brumaghin, Holger Unterbrink, Jordyn Dunk, Nicole Hoffman
Highlighting TA866/Asylum Ambuscade Activity Since 2021
WasabiSeed Cobalt Strike csharp-streamer RAT Resident Rhadamanthys WarmCookie
2024-10-23Cisco TalosEdmund Brumaghin, Holger Unterbrink, Jordyn Dunk, Nicole Hoffman
Threat Spotlight: WarmCookie/BadSpace
Cobalt Strike csharp-streamer RAT WarmCookie
2024-10-22Cisco TalosChetan Raghuprasad
Threat actor abuses Gophish to deliver new PowerRAT and DCRAT
PowerRAT
2024-10-17Cisco TalosAsheer Malhotra, Dmytro Korzhevin, Vanja Svajcer, Vitor Ventura
UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants
MeltingClaw ROMCOM RAT RustyClaw ShadyHammock RomCom
2024-10-16ASECASEC
An Lab and the National Cyber Security Center (NCSC), joint report distribution and Microsoft browser 0-DAY discovery (CVE-2024-38178)
2024-09-26Palo Alto Networks Unit 42Daniel Frank, Lior Rochberger
Unraveling Sparkling Pisces’s Tool Set: KLogEXE and FPSpy
FPSpy KLogEXE Kimsuky
2024-09-19Palo Alto Networks Unit 42Dominik Reichel
Discovering Splinter: A First Look at a New Post-Exploitation Red Team Tool
Splinter
2024-08-28Talos IntelligenceCraig Jackson, James Nutland, Terryn Valikodath
BlackByte blends tried-and-true tradecraft with newly disclosed vulnerabilities to support ongoing attacks
BlackByte
2024-08-21Cisco TalosAsheer Malhotra, Guilherme Venere, Vitor Ventura
MoonPeak malware from North Korean actors unveils new details on attacker infrastructure
MoonPeak XenoRAT UAT-5394