2021-08-06 | Group-IB | Sergey Kokurin
Bold ad campaign
2021-08-06 | The Record | Catalin Cimpanu
Australian cybersecurity agency warns of spike in LockBit ransomware attacks
LockBit
2021-08-06 | ESET Research | Zuzana Hromcová
IIStealer: A server‑side threat to e‑commerce transactions
2021-08-06 | ESET Research | Anton Cherepanov, Zuzana Hromcová
Anatomy of native IIS malware
IISniff RGDoor
2021-08-06 | Group-IB | Andrey Zhdanov
It's alive! The story behind the BlackMatter ransomware strain
BlackMatter DarkSide BlackMatter DarkSide
2021-08-06 | SonicWall | SonicWall
Redosdru.v Malware that hides in encrypted DLL Files to avoid Detection by Firewalls
Redosdru
2021-08-06 | abuse.ch | abuse.ch
zgRAT malware samples
zgRAT
2021-08-05 | KrebsOnSecurity | Brian Krebs
Ransomware Gangs and the Name Game Distraction
DarkSide RansomEXX Babuk Cerber Conti DarkSide DoppelPaymer Egregor FriedEx Gandcrab Hermes Maze RansomEXX REvil Ryuk Sekhmet
2021-08-05 | Red Canary | Brian Donohue, Dan Cotton, Tony Lambert
When Dridex and Cobalt Strike give you Grief
Cobalt Strike DoppelDridex DoppelPaymer
2021-08-05 | Tesorion | Gijs Rijnders
Analysis of the BlackMatter ransomware
BlackMatter
2021-08-05 | Bleeping Computer | Lawrence Abrams
Linux version of BlackMatter ransomware targets VMware ESXi servers
BlackMatter
2021-08-05 | InQuest | InQuest Labs
The Trystero Project
2021-08-05 | Twitter (@VK_intel) | Vitali Kremez
Tweet on Linux variant of BlackMatter
BlackMatter
2021-08-05 | Twitter (@AltShiftPrtScn) | Peter Mackenzie
Tweet on Conti ransomware affiliates using AnyDesk, Atera, Splashtop, Remote Utilities and ScreenConnect to maintain network access
Conti
2021-08-05 | The Record | Catalin Cimpanu
Meet Prometheus, the secret TDS behind some of today’s malware campaigns
Buer campoloader IcedID QakBot
2021-08-05 | The Record | Catalin Cimpanu
Disgruntled ransomware affiliate leaks the Conti gang’s technical manuals
Conti
2021-08-05 | Seguranca Informatica | Pedro Tavares
The clandestine Horus Eyes RAT: From the underground to criminals’ arsenal
Horus Eyes RAT
2021-08-05 | Twitter (@AltShiftPrtScn) | Peter Mackenzie
Tweet on Lorenz ransomware tricking user into allowing OAuth permissions to "Thunderbird with ExQuilla" for O365
Lorenz
2021-08-05 | Bleeping Computer | Lawrence Abrams
Angry Conti ransomware affiliate leaks gang's attack playbook
Conti
2021-08-05 | Uptycs | Siddharth Sharma
Cryptominer ELFs Using MSR to Boost Mining Process