Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-09-20Cado SecurityMatt Muir
Cado Security Labs Researchers Witness a 600X Increase in P2Pinfect Traffic
P2Pinfect
2023-08-10ESET ResearchMatthieu Faou
MoustachedBouncer AitM-powered surveillance via Belarus ISPs
NightClub
2023-08-10ESET ResearchMatthieu Faou
MoustachedBouncer: Espionage against foreign diplomats in Belarus
NightClub MoustachedBouncer
2023-07-31Cado SecurityMatt Muir, Nate Bill
Cado Security Labs Encounter Novel Malware, Redis P2Pinfect
P2Pinfect
2023-07-24MandiantAustin Larsen, Dan Kelly, Joseph Pisano, Mark Golembiewski, Matt Williams, Paige Godvin
North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack
FULLHOUSE STRATOFEAR TraderTraitor
2023-07-10MandiantJennifer Guzzetta, Matthew McWhirt, Phil Pearce, Thirumalai Natarajan Muthiah
Defend Against the Latest Active Directory Certificate Services Threats
2023-06-15GoogleAlyssa Glickman, Austin Larsen, Fernando Tomlinson, Jakub Jozwiak, John Palmisano, John Wolfram, Josh Villanueva, Mathew Potaczek, Matthew McWhirt
Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China
SALTWATER SEASPY WHIRLPOOL UNC4841
2023-06-15MandiantAustin Larsen, John Palmisano, John Wolfram, Mathew Potaczek, Matthew McWhirt
Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China
SALTWATER SEASPY UNC4841
2023-06-02MandiantDAN NUTTING, Genevieve Stark, Greg Blaum, Jeremy Kennelly, JOE PISANO, Josh Murchie, Juraj Sucik, Justin Moore, Kimberly Goody, Matthew McWhirt, Nader Zaveri, NICHOLAS BENNETT, OLLIE STYLES, PETER UKHANOV, WILL SILVERSTONE, ZACH SCHRAMM, Zander Work
Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft
2023-05-09Huntress LabsMatthew Brennan
Advanced Cyberchef Tips - AsyncRAT Loader
AsyncRAT
2023-05-07Twitter (@embee_research)Matthew
AgentTesla - Full Loader Analysis - Resolving API Hashes Using Conditional Breakpoints
Agent Tesla
2023-04-23ESET ResearchAlexandre Côté Cyr, Matthieu Faou
TA410: APT10’s distant cousin
FlowCloud Lookback PlugX Quasar RAT Tendyron Witchetty
2023-04-18Rapid7 LabsMatt Green
Automating Qakbot Detection at Scale With Velociraptor
QakBot
2023-04-18Cisco TalosMatthew Olney
State-sponsored campaigns target global network infrastructure
2023-04-10Twitter (@embee_research)Matthew
Redline Stealer - Static Analysis and C2 Extraction
Amadey RedLine Stealer
2023-04-05velociraptorMatt Green
Automating Qakbot Decode At Scale
QakBot
2023-04-03MandiantEduardo Mattos, JASON DEYALSINGH, Nick Richard, NICK SMITH, Tyler McLellan
ALPHV Ransomware Affiliate Targets Vulnerable Backup Installations to Gain Initial Access
LaZagne BlackCat MimiKatz
2023-02-23Jamf BlogFerdous Saljooki, Jaron Bradley, Matt Benyo
Evasive cryptojacking malware targeting macOS found lurking in pirated applications
2023-02-08Huntress LabsJoe Slowik, Matt Anderson
Investigating Intrusions From Intriguing Exploits
Silence
2023-01-05MandiantEduardo Mattos, Gabby Roncone, John Wolfram, Sarah Hawley, Tyler McLellan
Turla: A Galaxy of Opportunity
KopiLuwak Andromeda QUIETCANARY