Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-06-01MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
New sophisticated email-based attack from NOBELIUM
Cobalt Strike
2021-06-01Rising Threat Intelligence CenterRising Threat Intelligence Center
Rising warning: APT organizes Lazarus Group to launch an attack on China
2021-06-01BitdefenderAlin Mihai Barbatei, Oana Asoltanei, Silviu Stahie
Threat Actors Use Mockups of Popular Apps to Spread Teabot and Flubot Malware on Android
Anatsa FluBot
2021-05-28MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
Breaking down NOBELIUM’s latest early-stage toolset
BOOMBOX Cobalt Strike
2021-05-28Twitter (@MBThreatIntel)Malwarebytes Threat Intelligence
Tweet on web skimmer hiding JavaScript inside images for exfiltration
2021-05-26FacebookFacebook
Threat Report: The State of Influence Operations 2017-2020
2021-05-24Anchored Narratives on Threat Intelligence and GeopoliticsRJM
Tracking StrongPity with Yara
StrongPity
2021-05-20SubexSecureHussain Kathawala
CyberGate Threat Report
CyberGate
2021-05-20MicrosoftMicrosoft 365 Defender Threat Intelligence Team
Phorpiex morphs: How a longstanding botnet persists and thrives in the current threat environment
Phorpiex
2021-05-20Github (microsoft)Microsoft
Microsoft 365 Defender Hunting Queries for hunting multiple threat actors' TTPs and malwares
STRRAT OceanLotus BabyShark Elise Revenge RAT WastedLocker Zebrocy
2021-05-19Medium Mehmet ErgeneMehmet Ergene
Enterprise Scale Threat Hunting: Network Beacon Detection with Unsupervised ML and KQL — Part 2
Cobalt Strike
2021-05-18BlackberryBlackBerry Threat Research and Intelligence Team
Strong ARMing with MacOS: Adventures in Cross-Platform Emulation
2021-05-17splunkSplunk Threat Research Team
DarkSide Ransomware: Splunk Threat Update and Detections
DarkSide
2021-05-13SecureworksCounter Threat Unit ResearchTeam
Ransomware Groups Use Tor-Based Backdoor for Persistent Access
DarkSide Snatch GOLD WATERFALL
2021-05-13BlackberryBlackBerry Threat Research and Intelligence Team
Threat Thursday: SombRAT — Always Leave Yourself a Backdoor
SombRAT
2021-05-13AnomaliGage Mele, Tara Gould
Threat Actors Use MSBuild to Deliver RATs Filelessly
Remcos
2021-05-13DomainToolsJohn “Turbo” Conwell, Tim Helming
Domain Blooms: Identifying Domain Name Themes Targeted By Threat Actors
2021-05-12Medium Mehmet ErgeneMehmet Ergene
Enterprise Scale Threat Hunting: Network Beacon Detection with Unsupervised ML and KQL — Part 1
Cobalt Strike
2021-05-11VMRayMateusz Lukaszewski, VMRay Labs Team
Threat Bulletin: Exploring the Differences and Similarities of Agent Tesla v2 & v3
Agent Tesla
2021-05-11QianxinQi'anxin Threat Intelligence
Analysis of a series of attacks by the suspected Lazarus organization using Daewoo Shipyard as relevant bait