Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-11-17Cisco TalosGuilherme Venere
Understanding the Phobos affiliate structure and activity
Phobos
2023-10-23ProofpointJared Peck
From Copacabana to Barcelona: The Cross-Continental Threat of Brazilian Banking Malware
Grandoreiro TA2725
2023-10-15Cert-UACert-UA
Peculiarities of destructive cyber attacks against Ukrainian providers (CERT-UA#7627)
Poseidon UAC-0006
2023-10-05TalosGuilherme Venere
Qakbot-affiliated actors distribute Ransom Knight malware despite infrastructure takedown
QakBot
2023-10-03Luca Mella
Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)
LockBit LockBit Conti LockBit
2023-09-19CheckpointAlexey Bukhteyev, Arie Olshtein
Unveiling the Shadows: The Dark Alliance between GuLoader and Remcos
CloudEyE Remcos
2023-09-06BitdefenderGraham Clueley
Pizza Hut Australia leaks one million customers' details, claims ShinyHunters hacking group
ShinyHunters
2023-08-26BushidoToken BlogBushidoToken
Tracking Adversaries: Scattered Spider, the BlackCat affiliate
BlackLotus POORTRY
2023-08-23Department of JusticeUnited States District Court for the Central District of California
Application and Affidavit for a Seizure Warrant by Telephone or other Reliable Electronic Means
QakBot
2023-08-21Department of JusticeUnited States District Court for the Central District of California
Application for a Warrant by Telephone or other reliable Electronic Means
QakBot
2023-08-18TEAMT5Still Hsu, Zih-Cing Liao
Unmasking CamoFei: An In-depth Analysis of an Emerging APT Group Focused on Healthcare Sectors in East Asia
CatB Cobalt Strike DoorMe GIMMICK
2023-07-24MandiantAustin Larsen, Dan Kelly, Joseph Pisano, Mark Golembiewski, Matt Williams, Paige Godvin
North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack
FULLHOUSE STRATOFEAR TraderTraitor
2023-07-19Palo Alto Networks Unit 42Nathaniel Quist, Nelson William Gamazo Sanchez, Unit 42
P2PInfect: The Rusty Peer-to-Peer Self-Replicating Worm
P2Pinfect
2023-06-22ReliaquestCaroline Fenstermacher
Goot to Loot - How a Gootloader Infection Led to Credential Access
GootLoader SystemBC
2023-06-20SOCRadarSOCRadar
Cyber Shadows Pact: Darknet Parliament (KillNet, Anonymous Sudan, REvil)
UserSec
2023-06-14CISAANSSI, Australian Cyber Security Centre (ACSC), Bundesamt für Sicherheit in der Informationstechnik (BSI), Canadian Centre for Cyber Security (CCCS), CERT NZ, FBI, MS-ISAC, NCSC UK, New Zealand National Cyber Security Centre (NZ NCSC)
Understanding Ransomware Threat Actors: Lockbit
LockBit
2023-05-22Cert-UACert-UA
Espionage activity of UAC-0063 against Ukraine, Kazakhstan, Kyrgyzstan, Mongolia, Israel, India (CERT-UA#6549)
CHERRYSPY UAC-0063
2023-05-22SekoiaCharles M., Jamila B., Kilian Seznec
Bluenoroff’s RustBucket campaign
RustBucket WebbyTea
2023-05-17Medium (@DCSO_CyTec)Axel Wauer, Emilia Neuber, Jiro Minier, Johann Aydinbas, Kritika Roy
Andariel’s “Jupiter” malware and the case of the curious C2
Jupiter
2023-05-13SekoiaJeremy Scion, Livia Tibirna, Pierre Le Bourhis, Sekoia TDR
Mallox affiliate leverages PureCrypter in MS-SQL exploitation campaigns
PureCrypter TargetCompany