Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-11-11splunkSplunk Threat Research Team
FIN7 Tools Resurface in the Field – Splinter or Copycat?
JSSLoader Remcos
2021-11-11MicrosoftMicrosoft 365 Defender Threat Intelligence Team
HTML smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks
AsyncRAT Mekotio NjRAT
2021-11-10Malware.Newsmalware news
Playstation 5 hacked—twice!
Fail0verflow
2021-11-10AhnLabASEC Analysis Team
Analysis Report of Lazarus Group’s NukeSped Malware
DarkComet Tiger RAT
2021-11-10Group-IBGroup-IB
REDCURL: The awakening
RedCurl
2021-11-10Twitter (@ESETresearch)ESET Research
Tweet on a discovery of a trojanized IDA Pro installer, distributed by the LABYRINTH CHOLLIMA group.
2021-11-10CIRCLCIRCL
TR-64 - Exploited Exchange Servers - Mails with links to malware from known/valid senders
QakBot
2021-11-10RT on the RussianAleksey Polyakov, Alena Goinskaya, Ekaterina Suslova, Elizaveta Koroleva
"He does not get in touch": what is known about Barnaul, wanted by the FBI on charges of cybercrime
REvil REvil
2021-11-10zimperiumAazim Yaswant
PhoneSpy: The App-Based Cyberattack Snooping South Korean Citizens
PhoneSpy
2021-11-10Trend MicroTrend Micro Research
Void Balaur and the Rise of the Cybermercenary Industry
ZStealer Void Balaur
2021-11-10Trend MicroTrend Micro Research
Void Balaur and the Rise of the Cybermercenary Industry (IOCs)
2021-11-10CrowdStrikeAntonio Parata
Ploutus ATM Malware Case Study: Automated Deobfuscation of a Strongly Obfuscated .NET Binary
Ploutus ATM
2021-11-10open source dfirAlexander Jäger
Use EVTX files on VirusTotal with Timesketch and Sigma (Part 2)
2021-11-10BlackberryCodi Starks, Ryan Chapman
REvil Under the Microscope
GootKit REvil
2021-11-10MicrosoftJohn Lambert
The hunt for NOBELIUM, the most sophisticated nation-state attack in history
2021-11-10Cisco TalosAsheer Malhotra, Jungsoo An, Kendall McKay
North Korean attackers use malicious blogs to deliver malware to high-profile South Korean targets
GoldDragon
2021-11-10RandoriRandori Attack Team
Zero-Day Disclosure: Palo Alto Networks GlobalProtect VPN CVE-2021-3064
2021-11-10Twitter (@billyleonard)Billy Leonard, Google Threat Analysis Group
Tweet on Rekoobe (used by APT31), being a fork of open source tool called Tiny SHell, used by different actor since at least 2012
Rekoobe
2021-11-10AT&TJosh Gomez
Stories from the SOC - Powershell, Proxyshell, Conti TTPs OH MY!
Cobalt Strike Conti
2021-11-10McAfeeKiran Raj
The Newest Malicious Actor: “Squirrelwaffle” Malicious Doc.
Squirrelwaffle