2021-04-06 | McAfee | Alexandre Mundo, Thibault Seret, Thomas Roccia
Technical Analysis of Cuba Ransomware
Cuba
2021-03-10 | ESET Research | Mathieu Tartare, Matthieu Faou, Thomas Dupuy
Exchange servers under siege from at least 10 APT groups
Microcin MimiKatz PlugX Winnti APT27 APT41 Calypso Tick ToddyCat Tonto Team Vicious Panda
2021-03-02 | Volexity | Josh Grunzweig, Matthew Meltzer, Sean Koessel, Steven Adair, Thomas Lancaster
Operation Exchange Marauder: Active Exploitation of Multiple Zero-Day Microsoft Exchange Vulnerabilities
CHINACHOPPER HAFNIUM
2021-02-24 | McAfee | Alexandre Mundo, John Fokker, Thibault Seret, Thomas Roccia
Technical Analysis of Babuk Ransomware
Babuk
2021-01-28 | 0xC0DECAFE | Thomas Barabosch
Learn how to fix PE magic numbers with Malduck
2021-01-08 | 0xC0DECAFE | Thomas Barabosch
The malware analyst’s guide to aPLib decompression
ISFB Rovnix
2020-12-28 | 0xC0DECAFE | Thomas Barabosch
Never upload ransomware samples to the Internet
Ryuk
2020-12-23 | 0xC0DECAFE | Thomas Barabosch
Detect RC4 in (malicious) binaries
SmokeLoader Zloader
2020-12-17 | Telekom | Thomas Barabosch
Smokeloader is still alive and kickin’ – A new way to encrypt CC server URLs
SmokeLoader
2020-12-14 | Volexity | Damien Cash, Matthew Meltzer, Sean Koessel, Steven Adair, Thomas Lancaster, Volexity Threat Research
Dark Halo Leverages SolarWinds Compromise to Breach Organizations
SUNBURST
2020-12-04 | Stratosphere Laboratory | Lisandro Ubiedo, María José Erquiaga, Sebastian García, Thomas O'Hara, Veronica Valeros
Current State of IPv6 Security in IoT
2020-11-06 | Volexity | Steven Adair, Thomas Lancaster, Volexity Threat Research
OceanLotus: Extending Cyber Espionage Operations Through Fake Websites
Cobalt Strike KerrDown APT32
2020-10-19 | SPAM Auditor | Thomas
The Many Faces of Emotet
Emotet
2020-10-06 | Telekom | Thomas Barabosch
Eager Beaver: A Short Overview of the Restless Threat Actor TA505
Clop Get2 SDBbot TA505
2020-07-24 | Medium tom_rock | Thomas Roccia
Fifty Shades of Malware Strings
2020-06-16 | Telekom | Thomas Barabosch
TA505 returns with a new bag of tricks
Clop Get2 SDBbot TA505
2020-05-14 | Telekom | Thomas Barabosch
LOLSnif – Tracking Another Ursnif-Based Targeted Campaign
LOLSnif
2020-05-06 | Malwarebytes | Hossein Jazi, Jérôme Segura, Thomas Reed
New Mac variant of Lazarus Dacls RAT distributed via Trojanized 2FA app
Dacls
2020-04-21 | Volexity | Andrew Case, Dave Lassalle, Matthew Meltzer, Sean Koessel, Steven Adair, Thomas Lancaster
Evil Eye Threat Actor Resurfaces with iOS Exploit and Updated Implant
2020-03-26 | Telekom | Thomas Barabosch
TA505's Box of Chocolate - On Hidden Gems packed with the TA505 Packer
Amadey Azorult Clop FlawedGrace Get2 SDBbot Silence TinyMet TA505