Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-09-12SymantecThreat Hunter Team
Redfly: Espionage Actors Continue to Target Critical Infrastructure
ShadowPad Redfly
2023-09-11SymantecSymantec Threat Intelligence
Tweet about Symantec discovering a new variant of SiestaGraph
SiestaGraph
2023-09-01TrellixAdithya Chandra, Joao Marques, Raghav Kapoor
ICYMI: Emotet Reappeared Early This Year, Unfortunately
Emotet
2023-08-22SymantecThreat Hunter Team
Carderbee: APT Group use Legit Software in Supply Chain Attack Targeting Orgs in Hong Kong
PlugX Carderbee
2023-08-07Team CymruS2 Research Team
Visualizing Qakbot Infrastructure Part II: Uncharted Territory
QakBot
2023-08-02Medium (@morimolymoly)morimolymoly
HUI Loader — Malware Analysis Note
HUI Loader
2023-07-28Team CymruS2 Research Team
Inside the IcedID BackConnect Protocol (Part 2)
IcedID
2023-07-18SymantecThreat Hunter Team
FIN8 Uses Revamped Sardonic Backdoor to Deliver Noberus Ransomware
BlackCat Unidentified 103 (FIN8)
2023-06-30K7 SecurityDhanush
Cobalt Strike’s Deployment with Hardware Breakpoint for AMSI Bypass
Cobalt Strike
2023-06-30Github (itaymigdal)Itay Migdal
Formbook unpacking
Formbook
2023-06-21SymantecThreat Hunter Team
Graphican: Flea Uses New Backdoor in Attacks Targeting Foreign Ministries
Graphican
2023-06-20SOCRadarSOCRadar
Cyber Shadows Pact: Darknet Parliament (KillNet, Anonymous Sudan, REvil)
UserSec
2023-06-15Team CymruS2 Research Team
Darth Vidar: The Aesir Strike Back
Vidar
2023-06-15SymantecThreat Hunter Team
Shuckworm: Inside Russia’s Relentless Cyber Campaign Against Ukraine
Pteranodon
2023-06-10The DFIR ReportThe DFIR Report
IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment
BlackCat Cobalt Strike IcedID
2023-05-17Team CymruTeam Cymru
Visualizing QakBot Infrastructure
QakBot
2023-05-15SymantecThreat Hunter Team
Lancefly: Group Uses Custom Backdoor to Target Orgs in Government, Aviation, Other Sectors
Merdoor PlugX ShadowPad ZXShell Lancefly
2023-05-08BlackberryBlackBerry Research & Intelligence Team
SideWinder Uses Server-side Polymorphism to Attack Pakistan Government Officials — and Is Now Targeting Turkey
2023-04-21SymantecThreat Hunter Team
X_Trader Supply Chain Attack Affects Critical Infrastructure Organizations in U.S. and Europe
VEILEDSIGNAL
2023-04-20SymantecThreat Hunter Team
Daggerfly: APT Actor Targets Telecoms Company in Africa
MgBot