Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2019-10-03Kim Zetter
Researchers Say They Uncovered Uzbekistan Hacking Operations Due to Spectacularly Bad OPSEC
Chainshot
2019-10-02tcontre
DCRAT malware Evades SandBox that use Fake Internet by using the Google public DNS IP address
DCRat
2019-10-02Virus BulletinDaniel Lunghi, Jaromír Hořejší
Abusing third-party cloud services in targeted attacks
BadNews SLUB
2019-10-02CertegoMarco Bompani, Matteo Lodi
Malware Tales: FTCODE
FTCODE
2019-10-02McAfeeMcAfee Labs
McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – What The Code Tells Us
Gandcrab REvil
2019-10-01SophosMichael Wood, Rajesh Nataraj, Vikas Singh
Lemon_Duck PowerShell malware cryptojacks enterprise networks
Lemon Duck
2019-10-01CrowdStrikeKarl Scheuerman, Piotr Wojtyla
Don't miss the forest for the trees gleaning hunting value from too much intrusion data
Winnti
2019-10-01ESET ResearchZuzana Hromcová
AT COMMANDS, TOR-BASED COMMUNICATIONS: MEET ATTOR, A FANTASY CREATURE AND ALSO A SPY PLATFORM
Attor
2019-09-30vmwareScott Knight
CB Threat Analysis Unit: Technical Analysis of “Crosswalk”
CROSSWALK
2019-09-30LastlineJason Zhang, Stefano Ortolani
HELO Winnti: Attack or Scan?
Winnti
2019-09-26JuniperPaul Kimayong
Masad Stealer: Exfiltrating using Telegram
Masad Stealer
2019-09-26MicrosoftMicrosoft Defender ATP Research Team
Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware
Divergent
2019-09-26ProofpointBryan Campbell, Jeremy Hedges, Proofpoint Threat Insight Team
New WhiteShadow downloader uses Microsoft SQL to retrieve malware
WhiteShadow Agent Tesla Azorult Crimson RAT Formbook Nanocore RAT NetWire RC NjRAT Remcos
2019-09-25CylanceCylance Research and Intelligence Team
PcShare Backdoor Attacks Targeting Windows Users with FakeNarrator Malware
PcShare
2019-09-25GovCERT.chGovCERT.ch
Trickbot - An analysis of data collected from the botnet
TrickBot
2019-09-24YoroiAntonio Farina, Luca Mella
APT or not APT? What's Behind the Aggah Campaign
Azorult
2019-09-24The Citizen LabAdam Hulcoop, and Ron Deibert, Bahr Abdul Razzak, Bill Marczak, Etienne Maynier, John Scott-Railton, Masashi Crete-Nishihata
Missing Link Tibetan Groups Targeted with 1-Click Mobile Exploits
PoisonCarp POISON CARP
2019-09-24Cisco TalosJungsoo An, Paul Rascagnères, Warren Mercer
How Tortoiseshell created a fake veteran hiring website to host malware
Liderc SysKit
2019-09-24ESET ResearchESET Research
No summer vacations for Zebrocy
Zebrocy
2019-09-23MITREMITRE ATT&CK
APT41
Derusbi MESSAGETAP Winnti ASPXSpy BLACKCOFFEE CHINACHOPPER Cobalt Strike Derusbi Empire Downloader Ghost RAT MimiKatz NjRAT PlugX ShadowPad Winnti ZXShell APT41