Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-03-30The RecordJonathan Greig
Hive ransomware shuts down California health care organization
Hive Hive
2022-03-24CSO OnlineJon Gold
Microsoft help files repurposed to contain Vidar malware in new campaign
Vidar
2022-02-28ZDNetJonathan Greig
Microsoft finds FoxBlade malware on Ukrainian systems, removes RT from Windows app store
HermeticWiper
2022-02-18Kookmin UniversityGiyoon Kim, Jongsung Kim, Soojin Kang, Soram Kim
A Method for Decrypting Data Infected with Hive Ransomware
Hive Hive
2022-02-02ZDNetJonathan Greig
BlackCat ransomware implicated in attack on German oil companies
BlackCat BlackCat
2022-02-01Medium walmartglobaltechJason Reaves, Jonathan Mccay, Joshua Platt
Sugar Ransomware, a new RaaS
Sugar
2022-01-27Medium jonahacksJon
Malware Analysis —Manual Unpacking of Redaman
RTM
2022-01-27ANALYST1Jon DiMaggio
A History of Revil
REvil REvil
2021-12-17Trend MicroAbraham Camba, Gilbert Sison, Jay Yaneza, Jonna Santos
Staging a Quack: Reverse Analyzing a Fileless QAKBOT Stager
QakBot
2021-12-06MandiantAshraf Abdalhalim, Ben Read, Doug Bienstock, Gabriella Roncone, Jonathan Leathery, Josh Madeley, Juraj Sucik, Luis Rocha, Luke Jenkins, Manfred Erjak, Marius Fodoreanu, Microsoft Detection and Response Team (DART), Microsoft Threat Intelligence Center (MSTIC), Mitchell Clarke, Parnian Najafi, Sarah Hawley, Wojciech Ledzion
Suspected Russian Activity Targeting Government and Business Entities Around the Globe (UNC2452)
Cobalt Strike CryptBot
2021-12-01ESET ResearchAlexis Dorais-Joncas, Facundo Muñoz
Jumping the air gap: 15 years of nation‑state effort
Agent.BTZ Fanny Flame Gauss PlugX Ramsay Retro Stuxnet USBCulprit USBferry
2021-11-26Twitter (@jhencinski)Jon Hencinski
Twitter Thread on weelky MDR recap from expel.io
GootKit Squirrelwaffle
2021-09-23CloudmarkAdam McNeil, Andrew Conway, Felipe Naves, W. Stuart Jones
TangleBot: New Advanced SMS Malware Targets Mobile Users Across U.S. and Canada with COVID-19 Lures
2021-08-11ANALYST1Jon DiMaggio
Nation State Ransomware
Ryuk Stealer
2021-06-29Medium MITRE-EngenuityJon Baker, Nicholas Amon
Security Control Mappings: A Starting Point for Threat-Informed Defense
2021-06-17Norwegian Police Security Service (PST)Dafina Shala
Etterforskningen av datanettverksoperasjonen mot statsforvalterembeter henlegges
APT31
2021-06-01SpecterOpsJonathan Johnson
Evadere Classifications
2021-05-27FireEyeDan Perez, Emiel Haeghebaert, Greg Wood, Sarah Jones, Stephen Eckels
Re-Checking Your Pulse: Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices
UNC2630 UNC2717
2021-05-05zimperiumJon Paterson
Flubot vs. Zimperium
FluBot
2021-04-20FireEyeDan Perez, Dimiter Andonov, Greg Wood, Jacob Thompson, Jonathan Lepore, Josh Triplett, Joshua Villanueva, Regina Elwell, Sarah Jones, Stephen Eckels, Stroz Friedberg
Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day