Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-03-07TrellixAlejandro Houspanossian, John Fokker, Mathanraj Thangaraju, Pham Duy Phuc, Raghav Kapoor
Qakbot Evolves to OneNote Malware Distribution
QakBot
2023-01-24TrellixDaksh Kapur, John Fokker, Robert Venal, Tomer Shloman
Cyberattacks Targeting Ukraine Increase 20-fold at End of 2022 Fueled by Russia-linked Gamaredon Activity
Andromeda Formbook Houdini Remcos
2023-01-05MandiantEduardo Mattos, Gabby Roncone, John Wolfram, Sarah Hawley, Tyler McLellan
Turla: A Galaxy of Opportunity
KopiLuwak Andromeda QUIETCANARY
2022-12-16AonJohn Ailes, Julia Paluch
SCL -1: The Dangerous Side Of Safe Senders
2022-11-28MandiantGeoff Ackerman, John Wolfram, Ryan Tomcik, Tommy Dacanay
Always Another Secret: Lifting the Haze on China-nexus Espionage in Southeast Asia
BLUEHAZE DARKDEW MISTCLOAK UNC4191
2022-10-09DataBreaches.netDissent
Johnson Fitness and Wellness hit by DESORDEN Group
Desorden Group
2022-10-06AonAndre Maccarone, Chapin Bryce, John Ailes
Amazon Web Services: Exploring The Cost Of Exfil
2022-10-04YouTube (John Hammond)John Hammond
HAVOC C2 - Demon Bypasses Windows 11 Defender
Havoc
2022-08-30Medium the_abjuri5tJohn F
NanoCore RAT Hunting Guide
Nanocore RAT
2022-06-30Trend MicroEmmanuel Panopio, James Panlilio, John Kenneth Reyes, Kenneth Adrian Apostol, Melvin Singwa, Mirah Manlapig, Paolo Ronniel Labrador
Black Basta Ransomware Operators Expand Their Attack Arsenal With QakBot Trojan and PrintNightmare Exploit
Black Basta Cobalt Strike QakBot
2022-06-08TrustwaveJohn Anderson
Not all "Internet Connections" are Equal
2022-04-29MandiantAnders Vejlby, John Wolfram, Nick Simonian, Sarah Hawley, Tyler McLellan
Trello From the Other Side: Tracking APT29 Phishing Campaigns
BEATDROP VaporRage
2022-04-28MandiantAnders Vejlby, John Wolfram, Nick Simonian, Sarah Hawley, Tyler McLellan
Trello From the Other Side: Tracking APT29 Phishing Campaigns
Cobalt Strike
2022-04-18CitizenLabBahr Abdul Razzak, Bill Marczak, Elies Campo, Gözde Böcü, John Scott-Railton, Ron Deibert, Salvatore Solimano, Siena Anstis
CatalanGate Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru
Chrysaor Caramel Tsunami
2022-04-12SophosAndrew Brandt, Angela Gunn, Ferenc László Nagy, Johnathan Fern, Linda Smith, Matthew Everts, Mauricio Valdivieso, Melissa Kelly, Peter Mackenzie, Sergio Bestulic
Attackers linger on government agency computers before deploying Lockbit ransomware
LockBit
2022-04-05Medium jsecurity101Jonathan Johnson
Bypassing Access Mask Auditing Strategies
2022-03-31TrellixJambul Tologonov, John Fokker
Conti Leaks: Examining the Panama Papers of Ransomware
LockBit Amadey Buer Conti IcedID LockBit Mailto Maze PhotoLoader Ryuk TrickBot
2022-03-28MandiantBrandon Wilbur, Dallin Warne, Geoff Ackerman, James Maclachlan, John Wolfram, Tufail Ahmed
Forged in Fire: A Survey of MobileIron Log4Shell Exploitation
KEYPLUG
2022-03-23MandiantDan Scott, Elias fox, Gary Freas, Jeffery Johnson, Michael Barnhart, Michelle Cantos
Not So Lazarus: Mapping DPRK Cyber Threat Groups to Government Organizations
2022-03-21IEEEAndreas Amann, John Fokker, Pierce Ryan, Sorcha Healy
Dynamics of Targeted Ransomware Negotiation