2021-10-07 · Mandiant · Adam Brunner, Genevieve Stark, Jennifer Brooks, Jeremy Kennelly, Joshua Shilko, Kimberly Goody, Zach Riddle
FIN12: The Prolific Ransomware Intrusion Threat Actor That Has Aggressively Pursued Healthcare Targets
BazarBackdoor GRIMAGENT Ryuk
2021-09-03 · FireEye · Adrian Sanchez Hernandez, Alex Pennino, Andrew Rector, Brendan McKeague, Govand Sinjari, Harris Ansari, John Wolfram, Joshua Goddard, Yash Gupta
PST, Want a Shell? ProxyShell Exploiting Microsoft Exchange Servers
CHINACHOPPER HTran
2021-08-30 · CrowdStrike · Eric Loui, Josh Reynolds
CARBON SPIDER Embraces Big Game Hunting, Part 1
Bateleur Griffon Carbanak DarkSide JSSLoader PILLOWMINT REvil
2021-08-24 · Volexity · Damien Cash, Josh Grunzweig, Steven Adair, Thomas Lancaster
North Korean BLUELIGHT Special: InkySquid Deploys RokRAT
RokRAT
2021-08-17 · Volatility Labs · Damien Cash, Josh Grunzweig, Matthew Meltzer, Steven Adair, Thomas Lancaster
North Korean APT37 / InkySquid Infects Victims Using Browser Exploits
BLUELIGHT APT37
2021-08-11 · Team Cymru · Josh Hopkins
MoqHao Part 1.5: High-Level Trends of Recent Campaigns Targeting Japan
MoqHao
2021-08-04 · FireEye · Doug Bienstock, Josh Madeley
Cloudy with a Chance of APT: Novel Microsoft 365 Attacks in the Wild
2021-08-03 · CrowdStrike · Eric Loui, Josh Reynolds, Michael DeCristofaro
Squashing SPIDERS: Threat Intelligence, Threat Hunting and Rapid Response Stops SQL Injection Campaign
2021-07-28 · Proofpoint · Crista Giering, Joshua Miller, Michael Raggi
I Knew You Were Trouble: TA456 Targets Defense Contractor with Alluring Social Media Persona
Liderc SysKit
2021-07-12 · Proofpoint · Crista Giering, Joshua Miller, Threat Research Team
Operation SpoofedScholars: A Conversation with TA453
2021-07-06 · Medium walmartglobaltech · Jason Reaves, Joshua Platt
TA505 adds GoLang crypter for delivering miners and ServHelper
ServHelper
2021-07-02 · Team Cymru · Joshua Picolet
Transparent Tribe APT Infrastructure Mapping Part 2: A Deeper Dive into the Identification of CrimsonRAT Infrastructure
Crimson RAT
2021-06-18 · CrowdStrike · Heather Smith, Josh Dalman
Ransomware Actors Evolved Their Operations in 2020
2021-06-10 · Twitter (@passthehashbrwn) · Josh
Hiding your syscalls
2021-06-07 · Medium walmartglobaltech · Jason Reaves, Joshua Platt
Inside the SystemBC Malware-As-A-Service
Ryuk SystemBC TrickBot
2021-06-02 · CrowdStrike · Heather Smith, Josh Dalman
Under Attack: Protecting Against Conti, DarkSide, REvil and Other Ransomware
DarkSide Conti DarkSide REvil
2021-06-01 · Cisco · Josh Pyorre
Backdoors, RATs, Loaders evasion techniques
BazarNimrod GoldMax Oblique RAT
2021-05-27 · Volexity · Damien Cash, Josh Grunzweig, Matthew Meltzer, Sean Koessel, Steven Adair, Thomas Lancaster
Suspected APT29 Operation Launches Election Fraud Themed Phishing Campaigns
Cobalt Strike
2021-05-20 · CrowdStrike · joshua fraser
Response When Minutes Matter: When Good Tools Are Used for (R)Evil
REvil
2021-05-19 · Team Cymru · Andy Kraus, Josh Hopkins, Nick Byers
Tracking BokBot Infrastructure Mapping a Vast and Currently Active BokBot Network
IcedID