Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-10-28cocomelonccocomelonc
APT techniques: Token theft via UpdateProcThreadAttribute. Simple C++ example.
2022-10-12Trend MicroIan Kenefick, Lucas Silva, Nicole Hernandez
Black Basta Ransomware Gang Infiltrates Networks via QAKBOT, Brute Ratel, and Cobalt Strike
Black Basta Brute Ratel C4 Cobalt Strike QakBot
2022-09-25cocomelonccocomelonc
APT techniques: Access Token manipulation. Token theft. Simple C++ example.
2022-09-06Trend MicroDon Ovid Ladores, Ian Kenefick, Ieriz Nicolle Gonzalez, Ivan Nicole Chavez, Janus Agcaoili, Lucas Silva, Paul Pajares, Scott Burden
Play Ransomware's Attack Playbook Similar to that of Hive, Nokoyawa
PLAY
2022-07-31BushidoToken BlogBushidoToken
Space Invaders: Cyber Threats That Are Out Of This World
Poison Ivy Raindrop SUNBURST TEARDROP WastedLocker
2022-07-28Kaspersky LabsIgor Kuznetsov, Leonid Bezvershenko
LofyLife: malicious npm packages steal Discord tokens and bank card data
Lofy
2022-07-28KasperskyIgor Kuznetsov, Leonid Bezvershenko
LofyLife: malicious npm packages steal Discord tokens and bank card data
2022-07-26MandiantDaniel Kapellmann Zafra, Jay Christiansen, Keith Lunden, Ken Proska, Thibault van Geluwe de Berlaere
Mandiant Red Team Emulates FIN11 Tactics To Control Operational Technology Servers
Clop Industroyer MimiKatz Triton
2022-07-14SophosAndrew Brandt, Andy French, Bill Kearney, Elida Leite, Harinder Bhathal, Lee Kirkpatrick, Peter Mackenzie, Robert Weiland, Sergio Bestulic
BlackCat ransomware attacks not merely a byproduct of bad luck
BlackCat BlackCat
2022-06-30Trend MicroEmmanuel Panopio, James Panlilio, John Kenneth Reyes, Kenneth Adrian Apostol, Melvin Singwa, Mirah Manlapig, Paolo Ronniel Labrador
Black Basta Ransomware Operators Expand Their Attack Arsenal With QakBot Trojan and PrintNightmare Exploit
Black Basta Cobalt Strike QakBot
2022-06-29IntezerJoakim Kennedy
YTStealer Malware: “YouTube Cookies! Om Nom Nom Nom”
YTStealer
2022-06-26BushidoToken
Overview of Russian GRU and SVR Cyberespionage Campaigns 1H 2022
Cobalt Strike CredoMap EnvyScout
2022-06-21Enum0x539
Qvoid-Token-Grabber
QvoidStealer
2022-06-09BlackberryJoakim Kennedy, The BlackBerry Research & Intelligence Team
Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat
Symbiote
2022-06-01Deep instinctSimon Kenin
Iranian Threat Actor Continues to Develop Mass Exploitation Tools
CobaltMirage FRP
2022-06-01cybleCyble Research Labs
Hazard Token Grabber: Upgraded Version Of Stealer Targeting Discord Users
2022-05-19Trend MicroAdolph Christian Silverio, Jeric Miguel Abordo, Khristian Joseph Morales, Maria Emreen Viray
Bruised but Not Broken: The Resurgence of the Emotet Botnet Malware
Emotet QakBot
2022-05-05Cisco TalosAliza Berk, Asheer Malhotra, Jung soo An, Justin Thattil, Kendall McKay
Mustang Panda deploys a new wave of malware targeting Europe
Cobalt Strike Meterpreter PlugX PUBLOAD
2022-05-03CiscoJAIME FILSON, Kendall McKay, Paul Eubanks.
Conti and Hive ransomware operations: Leveraging victim chats for insights
Conti Hive
2022-05-02Cisco TalosJAIME FILSON, Kendall McKay, Paul Eubanks
Conti and Hive ransomware operations: Leveraging victim chats for insights
Cobalt Strike Conti Hive