Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-02-27ChannelLifeTom Ragnel
The increasing presence of pro-Russia hacktivists
Zarya
2023-02-020x0d4y0x0d4y
[Zero2Automated] Complete Custom Sample Challenge Analysis
CruLoader
2023-01-29Dark VortexParanoid Ninja
Hiding In PlainSight - Indirect Syscall is Dead! Long Live Custom Call Stacks
Brute Ratel C4
2023-01-24TrellixDaksh Kapur, John Fokker, Robert Venal, Tomer Shloman
Cyberattacks Targeting Ukraine Increase 20-fold at End of 2022 Fueled by Russia-linked Gamaredon Activity
Andromeda Formbook Houdini Remcos
2023-01-12Sentinel LABSAleksandar Milenkoski, Tom Hegel
NoName057(16) – The Pro-Russian Hacktivist Group Targeting NATO
Bobik Dosia NoName057(16)
2023-01-09TrendmicroFe Cureg, Hitomi Kimura, Ryan Maglaque, Trent Bessell
Gootkit Loader Actively Targets Australian Healthcare Industry
GootLoader GootKit
2023-01-01ThreatMonSeyit Sigirci (@h3xecute), ThreatMon Malware Research Team
The Anatomy of a Sidecopy Attack: From RAR Exploits to AllaKore RAT
AllaKore
2023-01-01ThreatMonSeyit Sigirci (@h3xecute), ThreatMon Malware Research Team
The Anatomy of a Sidecopy Attack: From RAR Exploits to AllaKore RAT
AllaKore
2022-12-22Recorded FutureInsikt Group
RedDelta Targets European Government Organizations and Continues to Iterate Custom PlugX Variant
PlugX RedDelta
2022-12-22Sentinel LABSAntonio Cocomazzi
Custom-Branded Ransomware: The Vice Society Group and the Threat of Outsourced Development
Curator PolyVice
2022-11-28MandiantGeoff Ackerman, John Wolfram, Ryan Tomcik, Tommy Dacanay
Always Another Secret: Lifting the Haze on China-nexus Espionage in Southeast Asia
BLUEHAZE DARKDEW MISTCLOAK UNC4191
2022-11-28MandiantGeoff Ackerman, John Wolfram, Ryan Tomcik, Tommy Dacanay
Always Another Secret: Lifting the Haze on China-nexus Espionage in Southeast Asia
BLUEHAZE DARKDEW MISTCLOAK UNC4191
2022-11-03Sentinel LABSAntonio Cocomazzi
Black Basta Ransomware | Attacks Deploy Custom EDR Evasion Tools Tied to FIN7 Threat Actor
Black Basta
2022-11-03SentinelOneSentinelLabs
Black Basta Ransomware | Attacks deploy Custom EDR Evasion Tools tied to FIN7 Threat Actor
Black Basta QakBot SocksBot
2022-09-26CrowdStrikeIoan Iacob, Iulian Madalin Ionita
The Anatomy of Wiper Malware, Part 3: Input/Output Controls
CaddyWiper DEADWOOD DistTrack DoubleZero DUSTMAN HermeticWiper IsaacWiper Meteor Petya Sierra(Alfa,Bravo, ...) StoneDrill WhisperGate ZeroCleare
2022-09-26CrowdStrikeIoan Iacob, Iulian Madalin Ionita
The Anatomy of Wiper Malware, Part 3: Input/Output Controls
CaddyWiper DEADWOOD DistTrack DoubleZero DUSTMAN HermeticWiper IsaacWiper Meteor Petya Sierra(Alfa,Bravo, ...) StoneDrill WhisperGate ZeroCleare
2022-09-22Seriously Risky BusinessTom Uren
Recent Cyber Chaos is a Structural Shift
Guacamaya
2022-09-22Sentinel LABSTom Hegel
Void Balaur | The Sprawling Infrastructure of a Careless Mercenary
Void Balaur
2022-09-15SentinelOneJim Walter
From the Front Lines | Slam! Anatomy of a Publicly-Available Ransomware Builder
Slam
2022-09-15JPCERT/CCShusei Tomonaga
F5 BIG-IP Vulnerability (CVE-2022-1388) Exploited by BlackTech
Hipid