Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-08-05KrebsOnSecurityBrian Krebs
Ransomware Gangs and the Name Game Distraction
DarkSide RansomEXX Babuk Cerber Conti DarkSide DoppelPaymer Egregor FriedEx Gandcrab Hermes Maze RansomEXX REvil Ryuk Sekhmet
2021-08-05Red CanaryBrian Donohue, Dan Cotton, Tony Lambert
When Dridex and Cobalt Strike give you Grief
Cobalt Strike DoppelDridex DoppelPaymer
2021-08-05TesorionGijs Rijnders
Analysis of the BlackMatter ransomware
BlackMatter
2021-08-05Bleeping ComputerLawrence Abrams
Linux version of BlackMatter ransomware targets VMware ESXi servers
BlackMatter
2021-08-05InQuestInQuest Labs
The Trystero Project
2021-08-05Twitter (@VK_intel)Vitali Kremez
Tweet on Linux variant of BlackMatter
BlackMatter
2021-08-05Twitter (@AltShiftPrtScn)Peter Mackenzie
Tweet on Conti ransomware affiliates using AnyDesk, Atera, Splashtop, Remote Utilities and ScreenConnect to maintain network access
Conti
2021-08-05The RecordCatalin Cimpanu
Meet Prometheus, the secret TDS behind some of today’s malware campaigns
Buer campoloader IcedID QakBot
2021-08-05The RecordCatalin Cimpanu
Disgruntled ransomware affiliate leaks the Conti gang’s technical manuals
Conti
2021-08-05Seguranca InformaticaPedro Tavares
The clandestine Horus Eyes RAT: From the underground to criminals’ arsenal
Horus Eyes RAT
2021-08-05Twitter (@AltShiftPrtScn)Peter Mackenzie
Tweet on Lorenz ransomware tricking user into allowing OAuth permissions to "Thunderbird with ExQuilla" for O365
Lorenz
2021-08-05Bleeping ComputerLawrence Abrams
Angry Conti ransomware affiliate leaks gang's attack playbook
Conti
2021-08-05UptycsSiddharth Sharma
Cryptominer ELFs Using MSR to Boost Mining Process
2021-08-05cybleCyble
BlackMatter Under the Lens: An Emerging Ransomware Group Looking for Affiliates
DarkSide
2021-08-05SecureworksCounter Threat Unit ResearchTeam
Detecting Cobalt Strike: Government-Sponsored Threat Groups (APT32)
Cobalt Strike
2021-08-05NSFOCUSNSFOCUS
LOREC53 Organizational Analysis Report - Attack Activity Part
2021-08-05Twitter (@BaoshengbinCumt)2ero
Attacks on NCGSA, MOITT, MOD, NSCP and SCO in Pakistan
NetWire RC
2021-08-05SymantecThreat Hunter Team
Attacks Against Critical Infrastructure: A Global Concern
BlackEnergy DarkSide DistTrack Stuxnet
2021-08-05Group-IBNikita Rostovcev, Viktor Okorokov
Prometheus TDS The key to success for Campo Loader, Hancitor, IcedID, and QBot
Prometheus Backdoor Buer campoloader Hancitor IcedID QakBot
2021-08-04ASECASEC
S/W Download Camouflage, Spreading Various Kinds of Malware
Raccoon RedLine Stealer Remcos Vidar