Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-10-04CiscoTiago Pereira
Threat hunting in large datasets by clustering security events
BazarBackdoor TrickBot
2021-09-30CiscoArnaud Zobec, Vitor Ventura
A wolf in sheep's clothing: Actors spread malware by leveraging trust in Amnesty International and fear of Pegasus
2021-09-16CiscoTiago Pereira, Vitor Ventura
Operation Layover: How we tracked an attack on the aviation industry to five years of compromise
AsyncRAT Houdini NjRAT
2021-08-31Cisco TalosEdmund Brumaghin, Vitor Ventura
Attracting flies with Honey(gain): Adversarial abuse of proxyware
2021-08-12Cisco TalosVanja Svajcer
Signed MSI files, Raccoon and Amadey are used for installing ServHelper RAT
Amadey Raccoon ServHelper
2021-07-02CiscoAsheer Malhotra, Justin Thattil
InSideCopy: How this APT continues to evolve its arsenal
AllaKore CetaRAT Lilith NjRAT ReverseRAT
2021-06-22CiscoNick Biasini
Attackers in Executive Clothing - BEC continues to separate orgs from their money
2021-06-01CiscoJosh Pyorre
Backdoors, RATs, Loaders evasion techniques
BazarNimrod GoldMax Oblique RAT
2021-05-26Cisco TalosVitor Ventura, Warren Mercer
Elizabethan England has nothing on modern-day Russia
2021-05-07Cisco TalosAndrew Windsor, Caitlin Huey, Edmund Brumaghin
Lemon Duck spreads its wings: Actors target Microsoft Exchange servers, incorporate new TTPs
CHINACHOPPER Cobalt Strike Lemon Duck
2021-04-06Github (FrenchCisco)FrenchCisco
Github Repository: RATel
RATel
2021-03-24CiscoCaitlin Huey, David Liebenberg
Quarterly Report: Incident Response trends from Winter 2020-21
Egregor REvil WastedLocker
2021-03-09Cisco TalosCisco Talos
Hafnium Update: Continued Microsoft Exchange Server Exploitation
2021-03-02Cisco TalosAsheer Malhotra
ObliqueRAT returns with new campaign using hijacked websites
Oblique RAT
2021-02-17Cisco TalosVanja Svajcer
Masslogger campaigns exfiltrates user credentials
MASS Logger
2021-01-04Cisco TalosAzim Khodjibaev, Dmytro Korzhevin, Kendall McKay
Interview with a LockBit ransomware operator
LockBit
2020-12-21Cisco TalosJON MUNSHAW
2020: The year in malware
WolfRAT Prometei Poet RAT Agent Tesla Astaroth Ave Maria CRAT Emotet Gozi IndigoDrop JhoneRAT Nanocore RAT NjRAT Oblique RAT SmokeLoader StrongPity WastedLocker Zloader
2020-12-21US Court of Appeals for the Ninth CourtCisco, Github, Google, Internet Association, LinkedIn, Microsoft, VMWare, WhatsApp
Case: 20-16408: WhatsApp et al. vs NSO Group
2020-12-14Cisco TalosNick Biasini
Threat Advisory: SolarWinds supply chain attack
SUNBURST TEARDROP
2020-12-09CiscoCaitlin Huey, David Liebenberg
Quarterly Report: Incident Response trends from Fall 2020
Cobalt Strike IcedID Maze RansomEXX Ryuk