Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-07-01Trend MicroWilliam Gamazo Sanchez
PurpleFox Using WPAD to Target Indonesian Users
PurpleFox
2021-06-30Sophos SecOpsTilly Travers
What to expect when you’ve been hit with REvil ransomware
REvil
2021-06-30CynetMax Malyutin
Shelob Moonlight – Spinning a Larger Web From IcedID to CONTI, a Trojan and Ransomware collaboration
Conti IcedID
2021-06-30synthesis.to blogTim Blazytko
Automation in Reverse Engineering: String Decryption
Mirai
2021-06-30BleepingComputerLawrence Abrams
Leaked Babuk Locker ransomware builder used in new attacks
Babuk
2021-06-30The RecordCatalin Cimpanu
Gozi malware gang member arrested in Colombia
Gozi ISFB
2021-06-30RiskIQJennifer Grob, Jordan Herman
Bulletproof Hosting Services: Investigating Media Land LLC
2021-06-30GuardicoreLiad Mordekoviz, Ophir Harpaz
SMB Worm “Indexsinas” Uses Lateral Movement to Infect Whole Networks
2021-06-30Group-IBOleg Skulkin
REvil Twins Deep Dive into Prolific RaaS Affiliates' TTPs
Cobalt Strike REvil
2021-06-30SophosTilly Travers
MTR in Real Time: Hand-to-hand combat with REvil ransomware chasing a $2.5 million pay day
REvil
2021-06-30Advanced IntelligenceAdvIntel Security & Development Team, Brandon Rudisel, Yelisey Boguslavskiy
Ransomware-&-CVE: Industry Insights Into Exclusive High-Value Target Adversarial Datasets
BlackKingdom Ransomware Clop dearcry Hades REvil
2021-06-29YoroiYoroi
The "WayBack” Campaign: a Large Scale Operation Hiding in Plain Sight
2021-06-29Twitter (@IntezerLabs)Intezer
Tweet on unknown elf backdoor based on an open source remote shell named "amcsh"
BioSet
2021-06-29Medium hidocohenHido Cohen
GuLoader’s Anti-Analysis Techniques
CloudEyE
2021-06-29FacebookJessica Romero
Combating E-Commerce Scams and Account Takeover Attacks
2021-06-29NetskopeGhanashyam Satpathy, Jenko Hwong
Not Laughing: Malicious Office Documents using LoLBins
2021-06-29Medium MITRE-EngenuityJon Baker, Nicholas Amon
Security Control Mappings: A Starting Point for Threat-Informed Defense
2021-06-29Twitter (@sisoma2)sisoma2
Tweet on vidar stealer using Tumblr to obtain dynamic config
Vidar
2021-06-29AccentureAccenture Security
HADES ransomware operators continue attacks
Cobalt Strike Hades MimiKatz
2021-06-29The RecordCatalin Cimpanu
Free decrypter available for Lorenz ransomware
Lorenz