Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-09-14Deep instinctMark Vaitzman, Ron Ben Yizhak, Simon Kenin
Operation Rusty Flag – A Malicious Campaign Against Azerbaijanian Targets
Unidentified 110 (RustyFlag)
2023-08-26BushidoToken BlogBushidoToken
Tracking Adversaries: Scattered Spider, the BlackCat affiliate
BlackLotus POORTRY
2023-08-10CrowdStrikeCounter Adversary Operations, Ken Balint, Marco Ortisi, Nicolas Zilio
Discovering and Blocking a Zero-Day Exploit with CrowdStrike Falcon Complete: The Case of CVE-2023-36874
2023-06-29DeepInstinctDeep Instinct Threat Lab, Simon Kenin
PhonyC2: Revealing a New Malicious Command & Control Framework by MuddyWater
PhonyC2 POWERSTATS
2023-06-02MandiantDAN NUTTING, Genevieve Stark, Greg Blaum, Jeremy Kennelly, JOE PISANO, Josh Murchie, Juraj Sucik, Justin Moore, Kimberly Goody, Matthew McWhirt, Nader Zaveri, NICHOLAS BENNETT, OLLIE STYLES, PETER UKHANOV, WILL SILVERSTONE, ZACH SCHRAMM, Zander Work
Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft
2023-05-260xToxin Labs@0xToxin
Kraken - The Deep Sea Lurker Part 2
KrakenKeylogger
2023-05-25MandiantCorey Hildebrandt, Daniel Kapellmann Zafra, Keith Lunden, Ken Proska, Nathan Brubaker, Rushikesh Nandedkar
COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises
LIGHTWORK PIEHOP
2023-05-24BushidoToken BlogBushidoToken
Unmasking Ransomware Using Stylometric Analysis: Shadow, 8BASE, Rancoz
8Base
2023-05-20@0xToxin
Kraken - The Deep Sea Lurker Part 1
KrakenKeylogger
2023-04-28Trend MicroDon Ovid Ladores, Earle Maui Earnshaw, Ian Kenefick
Rapture, a Ransomware Family With Similarities to Paradise
Paradise
2023-03-13TrendmicroIan Kenefick
Emotet Returns, Now Adopts Binary Padding for Evasion
Emotet
2023-03-09DeepInstinctSimon Kenin
DUCKTAIL: Threat Operation Re-emerges with New LNK, PowerShell, and Other Custom Tactics to Avoid Detection
DUCKTAIL
2023-01-05AttackIQFrancis Guibernau, Ken Towne
Emulating the Highly Sophisticated North Korean Adversary Lazarus Group
MagicRAT Tiger RAT
2022-12-23TrendmicroIan Kenefick
IcedID Botnet Distributors Abuse Google PPC to Distribute Malware
IcedID
2022-12-09Positive TechnologiesPTSecurity
APT Cloud Atlas: Unbroken Threat
2022-12-08DeepInstinctDeep Instinct Threat Lab, Simon Kenin
New MuddyWater Threat: Old Kitten; New Tricks
2022-11-26BushidoToken BlogBushidoToken
Detecting and Fingerprinting Infostealer Malware-as-a-Service platforms
CollectorGoomba Misha TitanStealer
2022-10-28cocomelonccocomelonc
APT techniques: Token theft via UpdateProcThreadAttribute. Simple C++ example.
2022-10-12Trend MicroIan Kenefick, Lucas Silva, Nicole Hernandez
Black Basta Ransomware Gang Infiltrates Networks via QAKBOT, Brute Ratel, and Cobalt Strike
Black Basta Brute Ratel C4 Cobalt Strike QakBot
2022-09-25cocomelonccocomelonc
APT techniques: Access Token manipulation. Token theft. Simple C++ example.