Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-11-10Group-IBGroup-IB
REDCURL: The awakening
RedCurl
2021-11-10Twitter (@ESETresearch)ESET Research
Tweet on a discovery of a trojanized IDA Pro installer, distributed by the LABYRINTH CHOLLIMA group.
2021-11-10CIRCLCIRCL
TR-64 - Exploited Exchange Servers - Mails with links to malware from known/valid senders
QakBot
2021-11-10RT on the RussianAleksey Polyakov, Alena Goinskaya, Ekaterina Suslova, Elizaveta Koroleva
"He does not get in touch": what is known about Barnaul, wanted by the FBI on charges of cybercrime
REvil REvil
2021-11-10zimperiumAazim Yaswant
PhoneSpy: The App-Based Cyberattack Snooping South Korean Citizens
PhoneSpy
2021-11-10Trend MicroTrend Micro Research
Void Balaur and the Rise of the Cybermercenary Industry
ZStealer Void Balaur
2021-11-10Trend MicroTrend Micro Research
Void Balaur and the Rise of the Cybermercenary Industry (IOCs)
2021-11-10CrowdStrikeAntonio Parata
Ploutus ATM Malware Case Study: Automated Deobfuscation of a Strongly Obfuscated .NET Binary
Ploutus ATM
2021-11-10open source dfirAlexander Jäger
Use EVTX files on VirusTotal with Timesketch and Sigma (Part 2)
2021-11-10BlackberryCodi Starks, Ryan Chapman
REvil Under the Microscope
GootKit REvil
2021-11-10MicrosoftJohn Lambert
The hunt for NOBELIUM, the most sophisticated nation-state attack in history
2021-11-10Cisco TalosAsheer Malhotra, Jungsoo An, Kendall McKay
North Korean attackers use malicious blogs to deliver malware to high-profile South Korean targets
GoldDragon
2021-11-10RandoriRandori Attack Team
Zero-Day Disclosure: Palo Alto Networks GlobalProtect VPN CVE-2021-3064
2021-11-10Twitter (@billyleonard)Billy Leonard, Google Threat Analysis Group
Tweet on Rekoobe (used by APT31), being a fork of open source tool called Tiny SHell, used by different actor since at least 2012
Rekoobe
2021-11-10AT&TJosh Gomez
Stories from the SOC - Powershell, Proxyshell, Conti TTPs OH MY!
Cobalt Strike Conti
2021-11-10McAfeeKiran Raj
The Newest Malicious Actor: “Squirrelwaffle” Malicious Doc.
Squirrelwaffle
2021-11-10SekoiaCyber Threat Intelligence team
Walking on APT31 infrastructure footprints
Rekoobe Unidentified ELF 004 Cobalt Strike
2021-11-10mai1zhi2
mai1zhi2 / SharpBeacon - CobaltStrike Beacon written in .Net 4
SharpBeacon
2021-11-09CybereasonAleksandar Milenkoski, Eli Salem
THREAT ANALYSIS REPORT: From Shatak Emails to the Conti Ransomware
Cobalt Strike Conti
2021-11-09CertitudeWolfgang Ettlinger
The Invisible JavaScript Backdoor