Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2024-04-19YouTube (Decipher)Dan Black, Gabby Roncone, Lindsey O’Donnell-Welch
A Decade of Sandworm: Digging into APT44’s Past and Future With Mandiant
2024-04-17MandiantAlden Wahlstrom, Anton Prokopenkov, Dan Black, Dan Perez, Gabby Roncone, John Wolfram, Lexie Aytes, Luke Jenkins, Nick Simonian, Ryan Hall, Tyler McLellan
Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm
Sandworm
2024-04-16MandiantAlden Wahlstrom, Anton Prokopenkov, Dan Black, Dan Perez, Gabby Roncone, John Wolfram, Lexie Aytes, Nick Simonian, Ryan Hall, Tyler McLellan
APT44: Unearthing Sandworm
VPNFilter BlackEnergy CaddyWiper EternalPetya HermeticWiper Industroyer INDUSTROYER2 Olympic Destroyer PartyTicket RoarBAT Sandworm
2024-04-09Israel National Cyber DirectorateIsrael National Cyber Directorate
קבוצת התקיפה האיראנית Black Shadow
2024-04-09ClarotyTeam82
Unpacking the Blackjack Group's Fuxnet Malware
BlackJack
2024-03-22MandiantDan Black, Luke Jenkins
APT29 Uses WINELOADER to Target German Political Parties
WINELOADER
2024-02-27MandiantAshley Frazer, Ashley Pearson, Austin Larsen, Jacob Thompson, Matt Lin, Robert Wallace, Ryan Gandrud
Cutting Edge, Part 3: Investigating Ivanti Connect Secure VPN Exploitation and Persistence Attempts
BUSHWALK Kubo Injector PITFUEL PITHOOK PITSOCK
2024-02-13ProofpointAxel F, Selena Larson
Bumblebee Buzzes Back in Black
BumbleBee
2024-02-07LumenBlack Lotus Labs
KV-Botnet: Don’t call it a Comeback
KV
2024-01-29SonicWallSecurity News
Blackwood APT Group Has a New DLL Loader
NSPX30 Blackwood
2024-01-12MandiantDimiter Andonov, Gabby Roncone, John Wolfram, Matt Lin, Robert Wallace, Tyler McLellan
Cutting Edge: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation
UTA0178
2024-01-09Trend MicroArianne Dela Cruz, Charles Steven Derion, Francisrey Joshua Castillo, Henry Salcedo, Ian Kenefick, John Carlo Marquez, John Rainier Navato, Joshua Aquino, Juhn Emmanuel Atanque, Raymart Yambot, Shinji Robert Arasawa
Black Basta-Affiliated Water Curupira’s Pikabot Spam Campaign
Pikabot Water Curupira
2023-12-13LumenBlack Lotus Labs
Routers Roasting on an Open Firewall: the KV-botnet Investigation
KV
2023-12-11Cisco TalosAsheer Malhotra, Jungsoo An, Vitor Ventura
Operation Blacksmith: Lazarus targets organizations worldwide using novel Telegram-based malware written in DLang
BottomLoader DLRAT HazyLoad NineRAT
2023-12-08Security IntelligenceClaire Zaboeva, Golo Mühr, Joe Fasulo
ITG05 operations leverage Israel-Hamas conflict lures to deliver Headlace malware
Headlace
2023-11-30BlackberryBlackBerry Research & Intelligence Team, Dmitry Bestuzhev
AeroBlade on the Hunt Targeting the U.S. Aerospace Industry
AeroBlade
2023-11-20PWCSveva Vittoria Scenarelli
King of Thieves: Black Alicanto and the Ecosystem of North Korea-Based Cyber Operations
RustBucket CageyChameleon RustBucket
2023-11-16The RegisterConnor Jones
BlackCat plays with malvertising traps to lure corporate victims
BlackCat
2023-11-16YouTube (Swiss Cyber Storm)Angelo Violetti
Resilience Rising: Countering the Threat Actors Behind Black Basta Ransomware
Black Basta
2023-11-14LumenBlack Lotus Labs
Taking The Elevator Down To Ring 0
Elevator