2023-04-25 | Elastic | Daniel Stepanic
Elastic Security Labs discovers the LOBSHOT malware
LOBSHOT
2023-04-19 | Microsoft | Justin Warner, Microsoft Threat Intelligence Center (MSTIC)
Exploring STRONTIUM's Abuse of Cloud Services
FusionDrive
2023-04-18 | Department of Justice | Department of Justice
U.S. Citizens and Russian Intelligence Officers Charged with Conspiring to Use U.S. Citizens as Illegal Agents of the Russian Government
2023-04-07 | Elastic | Salim Bitam
Attack chain leads to XWORM and AGENTTESLA
Agent Tesla XWorm
2023-04-04 | Check Point Research | Jiří Vinopal
Rorschach – A New Sophisticated and Fast Ransomware
Rorschach Ransomware
2023-03-30 | Elastic | Daniel Stepanic, Devon Kerr, Joe Desimone, Remco Sprooten, Samir Bousseaden
Elastic users protected from SUDDENICON’s supply chain attack
3CX Backdoor
2023-03-27 | Elastic | Remco Sprooten
REF2924: how to maintain persistence as an (advanced?) threat
Godzilla Webshell Behinder NAPLISTENER SiestaGraph REF2924
2023-03-20 | Elastic | Remco Sprooten
NAPLISTENER: more bad dreams from developers of SIESTAGRAPH
NAPLISTENER SiestaGraph
2023-03-17 | Elastic | Cyril François, Daniel Stepanic
Thawing the permafrost of ICEDID Summary
IcedID PhotoLoader
2023-03-14 | Secui | STIC
[Threat Analysis] CHM malware targeting North Korea-related corporations
2023-03-10 | Mrtiepolo | Gianluca Tiepolo
Sophisticated APT29 Campaign Abuses Notion API to Target the European Commission
BEATDROP EnvyScout GraphicalNeutrino tDiscoverer VaporRage
2023-02-02 | YouTube (SLEUTHCON) | Christopher Glyer, Microsoft Threat Intelligence Center (MSTIC)
Lions, Tigers, and Infostealers - Oh my!
RecordBreaker RedLine Stealer Vidar
2023-02-02 | Elastic | Andrew Pease, Cyril François, Devon Kerr, Remco Sprooten, Salim Bitam, Seth Goodwin
Update to the REF2924 intrusion set and related campaigns
DoorMe ShadowPad SiestaGraph
2023-02-02 | ThreatMon | ThreatMon
DoNot Team (APT-C-35) Analysis of Latest Campaign: Sophisticated Excel Macro Attack Targeting Pakistan
2023-01-26 | US Department of Justice | U.S. Attorney's Office Western District of Washington
Alleged French cybercriminal to appear in Seattle on indictment for conspiracy, computer intrusion, wire fraud and aggravated identity theft
ShinyHunters
2023-01-05 | AttackIQ | Francis Guibernau, Ken Towne
Emulating the Highly Sophisticated North Korean Adversary Lazarus Group
MagicRAT Tiger RAT
2022-12-16 | Elastic | Andrew Pease, Daniel Stepanic, Devon Kerr, Salim Bitam, Samir Bousseaden, Seth Goodwin
SiestaGraph: New implant uncovered in ASEAN member foreign ministry
DoorMe SiestaGraph
2022-10-31 | Elastic | Andrew Pease, Daniel Stepanic, Derek Ditch, Seth Goodwin
ICEDIDs network infrastructure is alive and well
IcedID
2022-10-28 | Elastic | @rsprooten, Elastic Security Intelligence & Analytics Team
EMOTET dynamic config extraction
Emotet
2022-10-25 | Microsoft | Microsoft Security Threat Intelligence
DEV-0832 (Vice Society) opportunistic ransomware campaigns impacting US education sector
BlackCat Mount Locker PortStarter Zeppelin Vanilla Tempest