2021-09-03 | IBM | Andrew Gorecki, Camille Singleton, John Dwyer
Dissecting Sodinokibi Ransomware Attacks: Bringing Incident Response and Intelligence Together in the Fight
Valak QakBot REvil
2021-09-03 | McAfee | Chanung Pak
Phishing Android Malware Targets Taxpayers in India
Elibomi
2021-09-03 | FireEye | Adrian Sanchez Hernandez, Alex Pennino, Andrew Rector, Brendan McKeague, Govand Sinjari, Harris Ansari, John Wolfram, Joshua Goddard, Yash Gupta
PST, Want a Shell? ProxyShell Exploiting Microsoft Exchange Servers
CHINACHOPPER HTran
2021-09-03 | Sophos | Anand Ajjan, Andrew Ludgate, Gabor Szappanos, Peter Mackenzie, Sean Gallagher, Sergio Bestulic, Syed Zaidi
Conti affiliates use ProxyShell Exchange exploit in ransomware attacks
Cobalt Strike Conti
2021-09-02 | Mandiant | Mandiant
Advanced Persistent Threats (APTs)
APT9
2021-09-02 | AhnLab | ASEC Analysis Team
Attacks using metasploit meterpreter
Appleseed Meterpreter
2021-09-02 | MalwareBookReports | muzi
Cross-Platform Java Dropper: Snake and XLoader (Mac Version)
Xloader 404 Keylogger
2021-09-02 | LIFARS | Vlad Pasca
Vjw0rm Worm/RAT
Vjw0rm
2021-09-02 | US Department of Health and Human Services | Health Sector Cybersecurity Coordination Center (HC3)
Demystifying BlackMatter
BlackMatter BlackMatter DarkSide
2021-09-02 | Bloomberg | Jordan Robertson
Juniper Breach Mystery Starts to Clear With New Details on Hackers and U.S. Role (APT5)
2021-09-02 | Medium michaelkoczwara | Michael Koczwara
Cobalt Strike PowerShell Payload Analysis
Cobalt Strike
2021-09-02 | KrCert | KrCERT
TTPs#6 Targeted Watering Hole Attack Strategy Analysis (SILENT CHOLLIMA)
Tiger RAT
2021-09-02 | Anomali | Gage Mele, Rory Gould, Sean Townsend, Tara Gould
Cybercrime Group FIN7 Using Windows 11 Alpha-Themed Docs to Drop Javascript Backdoor
2021-09-02 | nviso | Maxime Thiebaut
Anatomy and Disruption of Metasploit Shellcode
2021-09-02 | Twitter (@th3_protoCOL) | Colin, GaborSzappanos
Tweet on Confluence Server exploitation (CVE-2021-26084) in the wild and cobaltsrike activity (mentioned in replies by GaborSzappanos)
Cobalt Strike
2021-09-02 | Microsoft | Microsoft Offensive Research & Security Engineering team
A deep-dive into the SolarWinds Serv-U SSH vulnerability (DEV-0322)
2021-09-02 | Juniper | Alex Burt, Asher Langton
Attacks Continue Against Realtek Vulnerabilities
Dark
2021-09-02 | Bleeping Computer | Sergiu Gatlan
Autodesk reveals it was targeted by Russian SolarWinds hackers
SUNBURST
2021-09-02 | Kaspersky | Anton Kuzmenko, Haim Zigel, Oleg Kupreev
QakBot Technical Analysis
QakBot
2021-09-02 | Talos | Azim Khodjibaev, Caitlin Huey, David Liebenberg, Dmytro Korzhevin
Translated: Talos' insights from the recently leaked Conti ransomware playbook
Conti