2021-11-04 | Blackberry | BlackBerry Research & Intelligence Team
Threat Thursday: Karma Ransomware
Karma
2021-11-04 | splunk | Splunk Threat Research Team
Detecting IcedID... Could It Be A Trickbot Copycat?
IcedID
2021-11-03 | Group-IB | Andrey Zhdanov
The Darker Things BlackMatter and their victims
BlackMatter DarkSide BlackMatter DarkSide
2021-11-03 | Didier Stevens | Didier Stevens
New Tool: cs-extract-key.py
Cobalt Strike
2021-11-03 | open source dfir | Alexander Jäger
Use EVTX files on VirusTotal with Timesketch and Sigma (Part1)
2021-11-03 | Twitter (@Corvid_Cyber) | CORVID
Tweet on a unique Qbot debugger dropped by an actor after compromise
QakBot
2021-11-03 | US Department of Defense | US Department of Defense
Military and Security Developments Involving the People’s Republic of China
2021-11-03 | MITRE | MITRE
Threat-Informed Defense Adoption Handbook: September 2021 Edition, Volume 1
2021-11-03 | Avast | Martin Chlumecký
DirtyMoe: Deployment
DirtyMoe
2021-11-03 | Bleeping Computer | Lawrence Abrams
BlackMatter ransomware moves victims to LockBit after shutdown
BlackMatter BlackMatter LockBit
2021-11-03 | Telsy | Telsy Research Team
Dissecting new AppleSeed backdoor of Kimsuky threat actor
Appleseed
2021-11-03 | RiskIQ | Kelsey Clapp
Vagabon PhishKit - An Example of Shared Code Modularity
2021-11-03 | nviso | Didier Stevens
Cobalt Strike: Using Process Memory To Decrypt Traffic – Part 3
Cobalt Strike
2021-11-03 | Microsoft | Cristin Goodwin
Understanding Nation State Threats
2021-11-03 | Team Cymru | tcblogposts
Webinject Panel Administration: A Vantage Point into Multiple Threat Actor Campaigns - A Case Study on the Value of Threat Reconnaissance
DoppelDridex IcedID QakBot Zloader
2021-11-03 | Malwarebytes | Jérôme Segura
Credit card skimmer evades Virtual Machines
magecart
2021-11-03 | Trend Micro | Alfredo Oliveira, David Fiser
TeamTNT Upgrades Arsenal, Refines Focus on Kubernetes and GPU Environments
TeamTNT
2021-11-03 | CERT-FR | ANSSI
Identification of a new cybercriminal group: Lockean
DoppelPaymer Egregor Maze PwndLocker REvil
2021-11-03 | Check Point Research | Abedalla Hadra, Arie Olshtein
Mekotio Banker Returns with Improved Stealth and Ancient Encryption
Mekotio
2021-11-03 | Cisco Talos | Caitlin Huey, Chetan Raghuprasad, Vanja Svajcer
Microsoft Exchange vulnerabilities exploited once again for ransomware, this time with Babuk
Babuk CHINACHOPPER