Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-03-04vmwareGiovanni Vigna, Oleg Boyarchuk, Stefano Ortolani, Threat Analysis Unit
Hermetic Malware: Multi-component Threat Targeting Ukraine Organizations
HermeticWiper
2022-02-25vmwareSudhir Devkar, Threat Analysis Unit
AvosLocker – Modern Linux Ransomware Threats
Avoslocker
2022-02-17SentinelOneAmitai Ben, Shushan Ehrlich
Log4j2 In The Wild | Iranian-Aligned Threat Actor “TunnelVision” Actively Exploiting VMware Horizon
APT35
2022-02-09vmwareVMWare
Exposing Malware in Linux-Based Multi-Cloud Environments
ACBackdoor BlackMatter DarkSide Erebus HelloKitty Kinsing PLEAD QNAPCrypt RansomEXX REvil Sysrv-hello TeamTNT Vermilion Strike Cobalt Strike
2022-02-07vmwareJason Zhang, Threat Analysis Unit
Emotet Is Not Dead (Yet) – Part 2
Emotet
2022-01-27vmwareVMWare
BlackSun Ransomware – The Dark Side of PowerShell
BlackSun
2022-01-24Trend MicroJunestherry Dela Cruz
Analysis and Impact of LockBit Ransomware’s First Linux and VMware ESXi Variant
LockBit LockBit
2022-01-21vmwareJason Zhang, Threat Analysis Unit
Emotet Is Not Dead (Yet)
Emotet
2022-01-20MorphisecMichael Gorelik
Log4j Exploit Hits Again: Vulnerable VMWare Horizon Servers at Risk
Cobalt Strike
2022-01-17CybleincCyble
AvosLocker Ransomware Linux Version Targets VMware ESXi Servers
Avoslocker AvosLocker
2022-01-15Huntress LabsTeam Huntress
Threat Advisory: VMware Horizon Servers Actively Being Hit With Cobalt Strike (by DEV-0401)
Cobalt Strike
2022-01-11Twitter (@cglyer)Christopher Glyer
Thread on DEV-0401, a china based ransomware operator exploiting VMware Horizon with log4shell and deploying NightSky ransomware
Cobalt Strike NightSky
2021-12-23vmwareThreat Analysis Unit
Introducing DARTH: Distributed Analysis for Research and Threat Hunting
2021-12-03vmwareVMWare
TigerRAT – Advanced Adversaries on the Prowl
Tiger RAT
2021-11-16vmwareTakahiro Haruyama
Monitoring Winnti 4.0 C2 Servers for Two Years
Winnti
2021-11-11vmwareGiovanni Vigna, Jason Zhang, Stefano Ortolani, Threat Analysis Unit
Research Recap: How To Automate Malware Campaign Detection With Telemetry Peak Analyzer
Phorpiex QakBot
2021-09-21vmwareBob Plankers
VMSA-2021-0020: What You Need to Know (CVE-2021-22005)
2021-08-05Bleeping ComputerLawrence Abrams
Linux version of BlackMatter ransomware targets VMware ESXi servers
BlackMatter
2021-07-26vmwarePavankumar Chaudhari, Quentin Fois
Hunting IcedID and unpacking automation with Qiling
IcedID
2021-07-15Bleeping ComputerLawrence Abrams
Linux version of HelloKitty ransomware targets VMware ESXi servers
HelloKitty