Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-12-01CitizenLabBill Marczak, John Scott-Railton, Ron Deibert, Siddharth Prakash Rao, Siena Anstis
Running in Circles Uncovering the Clients of Cyberespionage Firm Circles
2020-11-27Marco Ramilli's BlogMarco Ramilli
Threat Actor: Unkown
Unidentified JS 004
2020-10-28Malwarebyteshasherezade, Hossein Jazi, Jérôme Segura, Marcelo Rivero
Fake COVID-19 survey hides ransomware in Canadian university attack
Vaggen
2020-10-22Sentinel LABSMarco Figueroa
An Inside Look at How Ryuk Evolved Its Encryption and Evasion Techniques
Ryuk
2020-09-25Github (sisoma2)Marc
Turla Carbon System
Cobra Carbon System
2020-07-16ESET ResearchMarc-Etienne M.Léveillé
Mac cryptocurrency trading application rebranded, bundled with malware
Gmera
2020-06-24Marco Ramilli's BlogMarco Ramilli
Is upatre downloader coming back ?
Upatre
2020-06-22m.alvar.esMarcos Alvares
Comparative analysis between Bindiff and Diaphora - Patched Smokeloader Study Case
SmokeLoader
2020-06-10m.alvar.esMarcos Alvares
Unpacking Smokeloader and Reconstructing PE Programatically using LIEF
SmokeLoader
2020-06-09CitizenLabAdam Hulcoop, Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Ron Deibert, Siena Anstis
Dark Basin Uncovering a Massive Hack-For-Hire Operation
Dark Basin
2020-04-02McAfeeAlexandre Mundo, Marc Rivero López
Nemty Ransomware – Learning by Doing
Nemty
2020-03-20BitdefenderLiviu Arsene
5 Times More Coronavirus-themed Malware Reports during March
ostap HawkEye Keylogger Koadic Loki Password Stealer (PWS) Nanocore RAT Remcos
2020-03-19YoroiMarco Ramilli
Is APT 27 Abusing COVID-19 To Attack People ?!
2020-02-19YoroiMarco Ramilli
Uncovering New Magecart Implant Attacking eCommerce
magecart
2020-02-02ESET ResearchIgnacio Sanmillan, Marc-Etienne M.Léveillé
TLP: WHITE A WILD KOBALOS APPEARSTricksy Linux malware goes after HPCs
Kobalos
2020-01-28CitizenLabBill Marczak, John Scott-Railton, Masashi Crete-Nishihata, Ron Deibert, Siena Anstis
Stopping the Press: New York Times Journalist Targeted by Saudi-linked Pegasus Spyware Operator
Chrysaor
2020-01-15Marco Ramilli's BlogMarco Ramilli
Iranian Threat Actors: Preliminary Analysis
POWERSTATS
2019-12-05Marco Ramilli's BlogMarco Ramilli
APT28 Attacks Evolution
APT28
2019-11-05McAfeeAlexandre Mundo, Marc Rivero López
Buran Ransomware; the Evolution of VegaLocker
VegaLocker
2019-11-04Marco Ramilli's BlogMarco Ramilli
Is Lazarus/APT38 Targeting Critical Infrastructures?
Dtrack