Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-08-03Twitter (@ValthekOn)Valthek
Tweet on blacklisted extensions & names of BlackMatter ransomware making the check against custom hashes values
DarkSide
2021-08-02Youtube (Forschungsinstitut Cyber Defense)Alexander Rausch, Konstantin Klinger
The CODE 2021: Workshop presentation and demonstration about CobaltStrike
Cobalt Strike
2021-07-19ProofpointJoe Wise, Konstantin Klinger, Proofpoint Threat Research Team, Selena Larson
New Threat Actor Uses Spanish Language Lures to Distribute Seldom Observed Bandook Malware
Bandook Caliente Bandits
2021-06-22DarktraceOakley Cox
Crypto-mining on a DNS server
2021-06-17IntezerRyan Robinson
Klingon RAT Holding on for Dear Life
KlingonRAT
2021-06-17ProofpointDennis Schwarz, Konstantin Klinger, Selena Larson
New TA402 Molerats Malware Targets Governments in the Middle East
Molerat Loader
2021-05-27cyberpunkleighcyberpunkleigh
Apostle Ransomware Analysis
Apostle
2021-05-19Nozomi NetworksAlexey Kleymenov
Colonial Pipeline Ransomware Attack: Revealing How DarkSide Works
DarkSide
2021-04-16Trend MicroAriel Neimond Lazaro, Dechao Zhao, Luis Magisa, Steven Du
XCSSET Quickly Adapts to macOS 11 and M1-based Macs
XCSSET
2021-03-09360 netlabJiaYu
Threat Alert: z0Miner Is Spreading quickly by Exploiting ElasticSearch and Jenkins Vulnerabilities
2021-02-22AdvIntelBeatriz Pimenta Klein
Economic Growth, Digital Inclusion, & Specialized Crime: Financial Cyber Fraud in LATAM
BRATA Mekotio Metamorfo Ploutus ATM VictoryGate
2021-02-08Medium kurtikleitonkleiton0x7e
Evade EDR with Shellcode Injection and gain persistence using Registry Run Keys
2021-01-26FireEyeBernard Sapaden, Mohammed Mohsin Dalla, Rahul Mohandas, Sachin Shukla, Srini Seethapathy, Sujnani Ravindra
Phishing Campaign Leverages WOFF Obfuscation and Telegram Channels for Communication
2021-01-24malwareandstuff blogAndreas Klopsch
Catching Debuggers with Section Hashing
2021-01-24evotecPrzemyslaw Klys
The only command you will ever need to understand and fix your Group Policies (GPO)
2021-01-19MalwarebytesMarcin Kleczynski
Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments
2021-01-14ImpervaShiran Bareli
Python Cryptominer Botnet Quickly Adopts Latest Vulnerabilities
2021-01-01SecureworksSecureWorks
Threat Profile: GOLD FRANKLIN
Grateful POS Meterpreter MimiKatz RemCom FIN6
2020-12-16LookoutApurva Kumar, Diane Wee, Justin Albrecht, Robert Nickle
Lookout Discovers New Spyware Used by Sextortionists to Blackmail iOS and Android Users
goontact
2020-12-05CitizenLabCooper Quintin, John Scott-Railton, Rebekah Brown
Something to Remember Us By: Device Confiscated by Russian Authorities Returned with Monokle-Type Spyware Installed
Monokle