Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-12-23Sentinel LABSJames Haughom, Jim Walter, Marco Figueroa
SolarWinds | Understanding & Detecting the SUPERNOVA Webshell Trojan
SUPERNOVA BRONZE SPIRAL
2020-12-23Sentinel LABSJames Haughom, Jim Walter, Marco Figueroa
SolarWinds | Understanding & Detecting the SUPERNOVA Webshell Trojan
SUPERNOVA
2020-12-20CitizenLabBill Marczak, John Scott-Railton, Noura Al-Jizawi, Ron Deibert, Siena Anstis
The Great iPwn Journalists Hacked with Suspected NSO Group iMessage ‘Zero-Click’ Exploit
Chrysaor
2020-12-13FireEyeAlex Berry, Alex Pennino, Alyssa Rahman, Andrew Archer, Andrew Rector, Andrew Thompson, Barry Vengerik, Ben Read, Ben Withnell, Chris DiGiamo, Christopher Glyer, Dan Perez, Dileep Jallepalli, Doug Bienstock, Eric Scales, Evan Reese, Fred House, Glenn Edwards, Ian Ahl, Isif Ibrahima, Jay Smith, John Gorman, John Hultquist, Jon Leathery, Lennard Galang, Marcin Siedlarz, Matt Dunwoody, Matthew McWhirt, Michael Sikorski, Microsoft, Mike Burns, Nalani Fraiser, Nick Bennett, Nick Carr, Nick Hornick, Nick Richard, Nicole Oppenheim, Omer Baig, Ramin Nafisi, Sarah Jones, Scott Runnels, Stephen Eckels, Steve Miller, Steve Stone, William Ballenthin
Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor
SUNBURST SUPERNOVA TEARDROP UNC2452
2020-12-11Trend MicroMarc Lanzendorfer
Investigating the Gootkit Loader
GootKit
2020-12-07GoogleBernhard Grill, Borbala Benko, Cecilia M. Procopiuc, David Tao, Elie Bursztein, Fabian Kaczmarczyck, Jennifer Pullman, Luca Invernizzi
Spotlight: Malware Lead Generation at Scale
2020-12-01CitizenLabBill Marczak, John Scott-Railton, Ron Deibert, Siddharth Prakash Rao, Siena Anstis
Running in Circles Uncovering the Clients of Cyberespionage Firm Circles
2020-11-27Marco Ramilli's BlogMarco Ramilli
Threat Actor: Unkown
Unidentified JS 004
2020-10-28Malwarebyteshasherezade, Hossein Jazi, Jérôme Segura, Marcelo Rivero
Fake COVID-19 survey hides ransomware in Canadian university attack
Vaggen
2020-10-22Sentinel LABSMarco Figueroa
An Inside Look at How Ryuk Evolved Its Encryption and Evasion Techniques
Ryuk
2020-09-25Github (sisoma2)Marc
Turla Carbon System
Cobra Carbon System
2020-07-16ESET ResearchMarc-Etienne M.Léveillé
Mac cryptocurrency trading application rebranded, bundled with malware
Gmera
2020-06-24Marco Ramilli's BlogMarco Ramilli
Is upatre downloader coming back ?
Upatre
2020-06-22m.alvar.esMarcos Alvares
Comparative analysis between Bindiff and Diaphora - Patched Smokeloader Study Case
SmokeLoader
2020-06-10m.alvar.esMarcos Alvares
Unpacking Smokeloader and Reconstructing PE Programatically using LIEF
SmokeLoader
2020-06-09CitizenLabAdam Hulcoop, Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Ron Deibert, Siena Anstis
Dark Basin Uncovering a Massive Hack-For-Hire Operation
Dark Basin
2020-04-02McAfeeAlexandre Mundo, Marc Rivero López
Nemty Ransomware – Learning by Doing
Nemty
2020-03-20BitdefenderLiviu Arsene
5 Times More Coronavirus-themed Malware Reports during March
ostap HawkEye Keylogger Koadic Loki Password Stealer (PWS) Nanocore RAT Remcos
2020-03-19YoroiMarco Ramilli
Is APT 27 Abusing COVID-19 To Attack People ?!
2020-02-19YoroiMarco Ramilli
Uncovering New Magecart Implant Attacking eCommerce
magecart