Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-09-30CrowdStrikeFalcon OverWatch Team
Hunting for the Confluence Exploitation: When Falcon OverWatch Becomes the First Line of Defense
Cobalt Strike
2021-09-29TelsyTelsy Research Team
Google Drive abused in document exfiltration operation against Afghanistan
2021-09-27MicrosoftDetection and Response Team (DART)
A guide to combatting human-operated ransomware: Part 2
2021-09-26Medium BlueteamOpsBlueteamOps
Supercharging Bulk DFIR triage with Node-RED, Google’s Log2timeline & Google’s Timesketch
2021-09-23BlackberryThe BlackBerry Research & Intelligence Team
Threat Thursday: BlackMatter RaaS - Darker Than DarkSide?
BlackMatter DarkSide BlackMatter DarkSide
2021-09-22Red CanaryThe Red Canary Team
Intelligence Insights: September 2021
2021-09-22SecureworksCounter Threat Unit ResearchTeam
REvil Ransomware Reemerges After Shutdown; Universal Decryptor Released
REvil REvil
2021-09-21skyblue.team blogskyblue team
Scanning VirusTotal's firehose
Cobalt Strike
2021-09-21MicrosoftMicrosoft 365 Defender Threat Intelligence Team
Catching the big fish: Analyzing a large-scale phishing-as-a-service operation
2021-09-20ChainanalysisChainalysis Team
Chainalysis in Action: OFAC Sanctions Russian Cryptocurrency OTC Suex that Received Over $160 million from Ransomware Attackers, Scammers, Darknet Markets, and Seized Exchange BTC-e
2021-09-20MicrosoftDetection and Response Team (DART)
A guide to combatting human-operated ransomware: Part 1
2021-09-17CrowdStrikeFalcon OverWatch Team
Falcon OverWatch Hunts Down Adversaries Where They Hide
BazarBackdoor Cobalt Strike
2021-09-16BlackberryThe BlackBerry Research & Intelligence Team
Threat Thursday: NetWire RAT is Coming Down the Line
NetWire RC
2021-09-15MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability
EXOTIC LILY
2021-09-15CrowdStrikeFalcon OverWatch Team
Shining a Light on DarkOxide
2021-09-15MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability
Cobalt Strike
2021-09-14Cado SecurityCado Security
TeamTNT Script Employed to Grab AWS Credentials
TeamTNT Tsunami
2021-09-14CrowdStrikeCrowdStrike Intelligence Team
Big Game Hunting TTPs Continue to Shift After DarkSide Pipeline Attack
BlackMatter DarkSide REvil Avaddon BlackMatter Clop Conti CryptoLocker DarkSide DoppelPaymer Hades REvil
2021-09-14ZecOpsZecOps Research Team
The Recent iOS 0-Click, CVE-2021-30860, Sounds Familiar. An Unreleased Write-up: One Year Later
Chrysaor
2021-09-09BlackberryThe BlackBerry Research & Intelligence Team
Threat Thursday: Get Your Paws Off My Data, Raccoon Infostealer
Raccoon