Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-02-08ESET ResearchESET Research
THREAT REPORT Q4 2020
TrickBot
2021-02-06Clairvoyance Security LabAdvanced threat research team
Mo Luoxiu (Confucius) organizes a new round of secret theft attacks on South Asian military enterprises
Ave Maria
2021-02-04HALAimad Berady, Gilles Guette, Mathieu Jaume, Valérie Viet Triem Tong
From TTP to IoC: Advanced Persistent Graphs forThreat Hunting
2021-02-03Mimecast, Nettitude
TA551/Shathak Threat Research
IcedID
2021-02-03Digital ShadowsStefano De Blasi
Emotet Disruption: what it means for the cyber threat landscape
Emotet
2021-02-03Sophos Managed Threat Response (MTR)Greg Iddon
MTR casebook: Uncovering a backdoor implant in a SolarWinds Orion server
RagnarLocker
2021-02-02ESET ResearchIgnacio Sanmillan, Marc-Etienne M.Léveillé
Kobalos – A complex Linux threat to high performance computing infrastructure
Kobalos
2021-02-01MicrosoftMicrosoft 365 Defender Threat Intelligence Team
What tracking an attacker email infrastructure tells us about persistent cybercriminal operations
Dridex Emotet Makop Ransomware SmokeLoader TrickBot
2021-01-29MalwarebytesThreat Intelligence Team
Cleaning up after Emotet: the law enforcement file
Emotet
2021-01-28MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
ZINC attacks against security researchers
ComeBacker Klackring
2021-01-26Medium cycrafttechnologyCyCraft Technology Corp
Threat Attribution — Chimera "Under the Radar"
2021-01-26360 Threat Intelligence CenterAdvanced Threat Institute
Shell Break-Lazarus (APT-C-26) organized targeted attacks against security researchers to reveal the secret
2021-01-26Anheng Threat Intelligence CenterHunting Shadow Lab
Undefeated, hackers use Visual Studio compiler features to target binary vulnerabilities security researcher
2021-01-24Medium nasbenchNasreddine Bencherchali
Common Tools & Techniques Used By Threat Actors and Malware — Part I
2021-01-22SymantecThreat Hunter Team
SolarWinds: How Sunburst Sends Data Back to the Attackers
SUNBURST
2021-01-21360 Threat Intelligence CenterAdvanced Threat Institute
Disclosure of Manling Flower Organization (APT-C-08) using Warzone RAT attack
Ave Maria
2021-01-20MicrosoftMicrosoft 365 Defender Research Team, Microsoft Cyber Defense Operations Center (CDOC), Microsoft Threat Intelligence Center (MSTIC)
Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop
Cobalt Strike SUNBURST TEARDROP
2021-01-18SymantecThreat Hunter Team
Raindrop: New Malware Discovered in SolarWinds Investigation
Cobalt Strike Raindrop SUNBURST TEARDROP
2021-01-15SymantecThreat Hunter Team
SolarWinds: Insights into Attacker Command and Control Process
SUNBURST
2021-01-14PTSecurityPT ESC Threat Intelligence
Higaisa or Winnti? APT41 backdoors, old and new
Cobalt Strike CROSSWALK FunnySwitch PlugX ShadowPad