2023-10-31 | Elastic | Andrew Pease, Colson Wilhoit, Ricardo Ungureanu, Seth Goodwin
Elastic catches DPRK passing out KANDYKORN
HLOADER KANDYKORN SUGARLOADER
2023-10-27 | Elastic | Joe Desimone, Salim Bitam
GHOSTPULSE haunts victims using defense evasion bag o' tricks
HijackLoader Lumma Stealer NetSupportManager RAT Rhadamanthys SectopRAT Vidar
2023-10-13 | Medium BI.ZONE | BI.ZONE
Sticky Werewolf spies attack state organizations of Russia and Belarus
Darktrack RAT
2023-10-13 | Elastic | Cyril François
Disclosing the BLOODALCHEMY backdoor
BloodAlchemy REF5961
2023-10-03 | Elastic | Andrew Pease, Cyril François, Daniel Stepanic, Salim Bitam, Seth Goodwin
Introducing the REF5961 intrusion set (RUDEBIRD, DOWNTOWN, and EAGERBEE)
EagerBee SManager REF2924 REF5961
2023-09-07 | Microsoft | Microsoft Threat Analysis Center (MTAC)
Sophistication, scope, and scale: Digital threats from East Asia increase in breadth and effectiveness
MUSTANG PANDA Raspberry Typhoon
2023-09-07 | Department of Justice | Office of Public Affairs
Multiple Foreign Nationals Charged in Connection with Trickbot Malware and Conti Ransomware Conspiracies
Conti Conti TrickBot
2023-09-05 | Morphisec | Arnold Osipov, Hido Cohen
Chae$ 4: New Chaes Malware Variant Targeting Financial and Logistics Customers
Chaes
2023-08-29 | US Department of Justice | Department of Justice
Documents and Resources related to the Disruption of the QakBot Malware and Botnet
QakBot
2023-08-29 | US Department of Justice | US Department of Justice
Qakbot Malware Disrupted in International Cyber Takedown
QakBot
2023-08-24 | Elastic | Daniel Stepanic, Salim Bitam
Revisiting BLISTER: New development of the BLISTER loader
Blister
2023-08-23 | Department of Justice | United States District Court for the Central District of California
Application and Affidavit for a Seizure Warrant by Telephone or other Reliable Electronic Means
QakBot
2023-08-23 | Twitter (@cyberwar_15) | cyberwar_15
Tweet about VT upload of "Cloud agnostic IAM permissions enumerator" from North Korea
2023-08-21 | Department of Justice | United States District Court for the Central District of California
Application for a Warrant by Telephone or other reliable Electronic Means
QakBot
2023-07-31 | Proofpoint | Kelsey Merriman, Pim Trouerbach
Out of the Sandbox: WikiLoader Digs Sophisticated Evasion
ISFB WikiLoader
2023-07-16 | Perception Point | Igal Lytzki
Manipulated Caiman: The Sophisticated Snare of Mexico’s Banking Predators
Mispadu
2023-06-29 | Elastic | Andrew Pease, Colson Wilhoit, Ricardo Ungureanu, Salim Bitam, Seth Goodwin
The DPRK strikes using a new variant of RUSTBUCKET
RustBucket
2023-06-23 | Phylum | Phylum Research Team
Phylum Discovers Sophisticated Ongoing Attack on NPM
2023-06-21 | Elastic | Andrew Pease, Colson Wilhoit, Ricardo Ungureanu, Salim Bitam, Seth Goodwin
Initial research exposing JOKERSPY
JokerSpy