2020-05-25 | AhnLab | AhnLab ASEC Analysis Team
Hangul malware distributed in real estate investment related emails (using EPS)
2020-05-24 | or10nlabs | oR10n
Reverse Engineering the Mustang Panda PlugX Loader
PlugX
2020-05-24 | Palo Alto Networks Unit 42 | Ajaya Neupane, Stefan Achleitner
Using AI to Detect Malicious C2 Traffic
Emotet Sality
2020-05-24 | Positive Technologies | PT ESC Threat Intelligence
Operation TA505: network infrastructure. Part 3.
AndroMut Buhtrap SmokeLoader
2020-05-24 | Nullteilerfrei Blog | Lars Wallenborn
Zloader String Obfuscation
Zloader
2020-05-24 | Malware and Stuff | Andreas Klopsch
Examining Smokeloader’s Anti Hooking technique
SmokeLoader
2020-05-23 | InfoSec Handlers Diary Blog | Xavier Mertens
AgentTesla Delivered via a Malicious PowerPoint Add-In
Agent Tesla
2020-05-23 | 360 netlab | Jinye
New activity of DoubleGuns Group, control hundreds of thousands of bots via public cloud service
2020-05-23 | Australian Cyber Security Centre | Australian Cyber Security Centre (ACSC)
Summary of Tradecraft Trends for 2019-20: Tactics, Techniques and Procedures Used to Target Australian Networks
2020-05-22 | Yoroi | Antonio Pirozzi, Giacomo d'Onofrio, Luca Mella, Luigi Martire
Cyber-Criminal espionage Operation insists on Italian Manufacturing
Agent Tesla
2020-05-22 | Positive Technologies | PT ESC Threat Intelligence
Operation TA505: investigating the ServHelper backdoor with NetSupport RAT. Part 2.
NetSupportManager RAT ServHelper
2020-05-22 | ESET Research | Lukáš Štefanko
Insidious Android malware gives up all malicious features but one to gain stealth
DEFENSOR ID
2020-05-22 | ThreatConnect | ThreatConnect Research Team
ThreatConnect Research Roundup: Possible APT33 Infrastructure
2020-05-22 | Antiy CERT | Antiy CERT
Analysis of Ramsay components of Darkhotel's infiltration and isolation network
Ramsay DarkHotel
2020-05-21 | Sophos | SophosLabs Uncut
Asnarök attackers twice modified attack midstream
NOTROBIN Ragnarok
2020-05-21 | Intel 471 | Intel 471
A brief history of TA505
AndroMut Bart Dridex FlawedAmmyy FlawedGrace Gandcrab Get2 GlobeImposter Jaff Kegotip Locky Necurs Philadephia Ransom Pony QuantLoader Rockloader SDBbot ServHelper Shifu Snatch TrickBot
2020-05-21 | BrightTALK (FireEye) | Jeremy Kennelly, Kimberly Goody
Navigating MAZE: Analysis of a Rising Ransomware Threat
Maze
2020-05-21 | PICUS Security | Süleyman Özarslan
T1055 Process Injection
BlackEnergy Cardinal RAT Downdelph Emotet Kazuar RokRAT SOUNDBITE
2020-05-21 | Malwarebytes | Malwarebytes Labs
Cybercrime tactics and techniques
Ave Maria Azorult DanaBot Loki Password Stealer (PWS) NetWire RC
2020-05-21 | Bitdefender | Bogdan Rusu, Liviu Arsene
Iranian Chafer APT Targeted Air Transportation and Government in Kuwait and Saudi Arabia
MimiKatz Remexi