2020-06-17 ⋅ SentinelOne ⋅ Michael Myngerbayev
A Click from the Backyard | Analysis of CVE-2020-9332, a Vulnerable USB Redirection Software
2020-06-17 ⋅ Youtube (Red Canary) ⋅ Red Canary
Threat Detection: Blue Mockingbird
2020-06-17 ⋅ Youtube (Red Canary) ⋅ Adam Pennington, David Kaplan, Erika Noerenberg, Matt Graeber
ATT&CK® Deep Dive: Process Injection
ISFB Ramnit TrickBot
2020-06-17 ⋅ Twitter (@Timele9527) ⋅ Timele12138
Tweet on MoriAgent used by MuddyWater (incl. YARA rule)
MoriAgent
2020-06-17 ⋅ Kaspersky Labs ⋅ Kaspersky Lab ICS CERT
Targeted attacks on industrial companies using Snake ransomware
Snake
2020-06-17 ⋅ Der Spiegel ⋅ Patrick Beuth
The First Cyberweapon and Its Consequences
Stuxnet
2020-06-17 ⋅ Nettitude Labs ⋅ Rob Bone
Detecting PoshC2 – Indicators of Compromise
PoshC2
2020-06-17 ⋅ Cognizant ⋅ Cognizant
Notice of Data Breach
Maze
2020-06-17 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Security Intelligence
A tweet thread on TA505 using CAPTCHA to avoid detection and infecting victims with FlawedGrace
FlawedGrace
2020-06-17 ⋅ Twitter (@VK_intel) ⋅ malwrhunterteam, Vitali Kremez
Tweet on signed Tinymet payload (V.02) used by TA505
TinyMet
2020-06-17 ⋅ Github (f0wl) ⋅ Marius Genheimer
deICEr: A Go tool for extracting config from IcedID second stage Loaders
IcedID
2020-06-17 ⋅ Palo Alto Networks Unit 42 ⋅ Dominik Reichel, Esmid Idrizovic
AcidBox: Rare Malware Repurposing Turla Group Exploit Targeted Russian Organizations
AcidBox
2020-06-17 ⋅ ESET Research ⋅ Dominik Breitenbacher, Kaspars Osis
Operation In(ter)ception: Targeted Attacks against European Aerospace and Military Companies
Interception
2020-06-16 ⋅ Hornetsecurity ⋅ Security Lab
QakBot malspam leading to ProLock: Nothing personal just business
PwndLocker QakBot
2020-06-16 ⋅ New Zealand CERT ⋅ New Zealand CERT
Active ransomware campaign leveraging remote access technologies
Nefilim
2020-06-16 ⋅ Telekom ⋅ Thomas Barabosch
TA505 returns with a new bag of tricks
Clop Get2 SDBbot TA505
2020-06-16 ⋅ Graphika ⋅ Ben Nimmo, C. Shawn Eib, Camille François, Chris Hernon, Lea Ronzaud, Rodrigo Ferreira, Tim Kostelancik
Secondary Infektion
2020-06-16 ⋅ Microsoft ⋅ Microsoft Threat Protection Intelligence Team
Exploiting a crisis: How cybercriminals behaved during the outbreak
2020-06-16 ⋅ BleepingComputer ⋅ Sergiu Gatlan
Chipmaker MaxLinear reports data breach after Maze Ransomware attack
Maze
2020-06-16 ⋅ IBM ⋅ IBM Security X-Force® Incident Response and Intelligence Services (IRIS)
Cloud Threat Landscape Report 2020
QNAPCrypt RokRAT