Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-04-05velociraptorMatt Green
Automating Qakbot Decode At Scale
QakBot
2023-03-30K7 SecurityLathashree K
GoatRAT Attacks Automated Payment Systems
GoatRAT
2023-03-30CrowdStrikeCS ENGINEER
2023-03-29 // SITUATIONAL AWARENESS // CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers
3CX Backdoor
2023-03-29CrowdStrikeResearch & Threat Intel
CrowdStrike Falcon Platform Detects and Prevents Active Intrusion Campaign Targeting 3CXDesktopApp Customers
3CX Backdoor
2023-03-23MandiantJosh Fleischer, Rufus Brown, Ryan Tomcik
UNC961 in the Multiverse of Mandiant: Three Encounters with a Financially Motivated Threat Actor
HOLERUN LIGHTBUNNY Prophet Spider
2023-03-16MandiantAlexander Marvi, BRAD SLAYBAUGH, DAN EBREO, Muhammad Umair, TINA JOHNSON, Tufail Ahmed
Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation
UNC3886
2023-03-16SentinelOneTom Hegel
Winter Vivern | Uncovering a Wave of Global Espionage
APERETIF Winter Vivern
2023-03-09DeepInstinctSimon Kenin
DUCKTAIL: Threat Operation Re-emerges with New LNK, PowerShell, and Other Custom Tactics to Avoid Detection
DUCKTAIL
2023-02-27ChannelLifeTom Ragnel
The increasing presence of pro-Russia hacktivists
Zarya
2023-02-020x0d4y0x0d4y
[Zero2Automated] Complete Custom Sample Challenge Analysis
CruLoader
2023-01-29Dark VortexParanoid Ninja
Hiding In PlainSight - Indirect Syscall is Dead! Long Live Custom Call Stacks
Brute Ratel C4
2023-01-24TrellixDaksh Kapur, John Fokker, Robert Venal, Tomer Shloman
Cyberattacks Targeting Ukraine Increase 20-fold at End of 2022 Fueled by Russia-linked Gamaredon Activity
Andromeda Formbook Houdini Remcos
2023-01-12Sentinel LABSAleksandar Milenkoski, Tom Hegel
NoName057(16) – The Pro-Russian Hacktivist Group Targeting NATO
Bobik Dosia NoName057(16)
2023-01-09TrendmicroFe Cureg, Hitomi Kimura, Ryan Maglaque, Trent Bessell
Gootkit Loader Actively Targets Australian Healthcare Industry
GootLoader GootKit
2023-01-01ThreatMonSeyit Sigirci (@h3xecute), ThreatMon Malware Research Team
The Anatomy of a Sidecopy Attack: From RAR Exploits to AllaKore RAT
AllaKore
2022-12-22Recorded FutureInsikt Group
RedDelta Targets European Government Organizations and Continues to Iterate Custom PlugX Variant
DOPLUGS RedDelta
2022-12-22Sentinel LABSAntonio Cocomazzi
Custom-Branded Ransomware: The Vice Society Group and the Threat of Outsourced Development
Curator PolyVice
2022-11-28MandiantGeoff Ackerman, John Wolfram, Ryan Tomcik, Tommy Dacanay
Always Another Secret: Lifting the Haze on China-nexus Espionage in Southeast Asia
BLUEHAZE DARKDEW MISTCLOAK UNC4191
2022-11-03Sentinel LABSAntonio Cocomazzi
Black Basta Ransomware | Attacks Deploy Custom EDR Evasion Tools Tied to FIN7 Threat Actor
Black Basta
2022-11-03SentinelOneSentinelLabs
Black Basta Ransomware | Attacks deploy Custom EDR Evasion Tools tied to FIN7 Threat Actor
Black Basta QakBot SocksBot