2023-03-27 | Elastic | Remco Sprooten
REF2924: how to maintain persistence as an (advanced?) threat
Godzilla Webshell Behinder NAPLISTENER SiestaGraph REF2924
2023-03-20 | Elastic | Remco Sprooten
NAPLISTENER: more bad dreams from developers of SIESTAGRAPH
NAPLISTENER SiestaGraph
2023-03-17 | Elastic | Cyril François, Daniel Stepanic
Thawing the permafrost of ICEDID Summary
IcedID PhotoLoader
2023-03-14 | Secui | STIC
[Threat Analysis] CHM malware targeting North Korea-related corporations
2023-03-10 | Mrtiepolo | Gianluca Tiepolo
Sophisticated APT29 Campaign Abuses Notion API to Target the European Commission
BEATDROP EnvyScout GraphicalNeutrino tDiscoverer VaporRage
2023-02-02 | YouTube (SLEUTHCON) | Christopher Glyer, Microsoft Threat Intelligence Center (MSTIC)
Lions, Tigers, and Infostealers - Oh my!
RecordBreaker RedLine Stealer Vidar
2023-02-02 | Elastic | Andrew Pease, Cyril François, Devon Kerr, Remco Sprooten, Salim Bitam, Seth Goodwin
Update to the REF2924 intrusion set and related campaigns
DoorMe ShadowPad SiestaGraph
2023-02-02 | ThreatMon | ThreatMon
DoNot Team (APT-C-35) Analysis of Latest Campaign: Sophisticated Excel Macro Attack Targeting Pakistan
2023-01-26 | US Department of Justice | U.S. Attorney's Office Western District of Washington
Alleged French cybercriminal to appear in Seattle on indictment for conspiracy, computer intrusion, wire fraud and aggravated identity theft
ShinyHunters
2023-01-05 | AttackIQ | Francis Guibernau, Ken Towne
Emulating the Highly Sophisticated North Korean Adversary Lazarus Group
MagicRAT Tiger RAT
2022-12-16 | Elastic | Andrew Pease, Daniel Stepanic, Devon Kerr, Salim Bitam, Samir Bousseaden, Seth Goodwin
SiestaGraph: New implant uncovered in ASEAN member foreign ministry
DoorMe SiestaGraph
2022-10-31 | Elastic | Andrew Pease, Daniel Stepanic, Derek Ditch, Seth Goodwin
ICEDIDs network infrastructure is alive and well
IcedID
2022-10-28 | Elastic | @rsprooten, Elastic Security Intelligence & Analytics Team
EMOTET dynamic config extraction
Emotet
2022-10-25 | Microsoft | Microsoft Security Threat Intelligence
DEV-0832 (Vice Society) opportunistic ransomware campaigns impacting US education sector
BlackCat Mount Locker PortStarter Zeppelin Vanilla Tempest
2022-10-25 | U.S. Department of Justice
Newly Unsealed Indictment Charges Ukrainian National with International Cybercrime Operation
Raccoon
2022-10-10 | RiskIQ | Microsoft Threat Intelligence Center (MSTIC)
DEV-0832 Leverages Commodity Tools in Opportunistic Ransomware Campaigns
BlackCat Mount Locker SystemBC Zeppelin
2022-09-15 | DuskRise | Cluster25 Threat Intel Team
Erbium InfoStealer Enters the Scene: Characteristics and Origins
Erbium Stealer
2022-09-09 | Elastic | Salim Bitam
BUGHATCH Malware Analysis
BUGHATCH
2022-08-25 | Microsoft | Microsoft 365 Defender Research Team, Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations
MimiKatz
2022-08-24 | Elastic | Cyril François
QBOT Malware Analysis
QakBot