Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-01-28Group-IBNikolay Kichatov, Pietro Albuquerque, Sharmine Low
Cat’s out of the bag: Lynx Ransomware-as-a-Service
Lynx
2025-01-28Hunt.ioHunt.io
SparkRAT: Server Detection, macOS Activity, and Malicious Connections
SparkRAT
2025-01-27SecurityScorecardSTRIKE Team
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign
2025-01-26Youtube (greenplan)greenplan
[BINARY REFINERY] (Emmenhtal) - Deobfuscation stage JavaScript and PowerShell
Emmenhtal
2025-01-23Github (PaloAltoNetworks)Brad Duncan
Cluster of Infrastructure likely used by Affiliate of Dark Scorpius (Black Basta)
ReedBed
2025-01-23Hunt.ioHunt.io
Mapping Suspected KEYPLUG Infrastructure: TLS Certificates, GhostWolf, and RedGolf/APT41 Activity
KEYPLUG
2025-01-23AhnLabASEC
RID Hijacking Technique Utilized by Andariel Attack Group
CreateHiddenAccount JuicyPotato
2025-01-23ThreatMonAziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Helldown Ransomware Malware Analysis Report
HellDown
2025-01-22VertexSavage
Categorizing Software with Code Families
WarmCookie
2025-01-21KrCertDongwook Kim, Seulgi Lee
Analysis of Attack Strategies Targeting Centralized Management Solutions
2025-01-21KnownsecKnownsec 404 Team
Love and hate under war: The GamaCopy organization, which imitates the Russian Gamaredon, uses military — related bait to launch attacks on Russia
GamaCopy
2025-01-21Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Twitter Thread describing spotting of ReedBed in a Storm-1811 campaign
ReedBed UNC4393
2025-01-21SeqriteSubhajeet Singha
Silent Lynx APT Targets Various Entities Across Kyrgyzstan & Neighbouring Nations
Unidentified PS 005 (Telegram Bot)
2025-01-20JPCERT/CCHayato Sasaki
APT actor classification “addiction” - Practical issues of attribution seen in Lazarus subgroup classification
2025-01-20Medium walmartglobaltechJason Reaves, Jonathan Mccay, Joshua Platt
Qbot is Back.Connect
ReedBed UNC4393
2025-01-19cocomelonccocomelonc
Malware development trick 44: Stealing data via legit GitHub API. Simple C example.
OceanLotus BitRAT RecordBreaker
2025-01-17Google Cloud SecurityOffice of the CISO
Threat Horizons - H1 2025 Threat Horizons Report
FAKEUPDATES Conti Hades LockBit Phoenix Locker RansomHub TRIPLESTRENGTH
2025-01-17Twitter (@Unit42_Intel)Unit 42
Tweet about affiliates of DarkScorpius using Social Engineering via MS Teams
UNC4393
2025-01-16MicrosoftMicrosoft Threat Intelligence
New Star Blizzard spear-phishing campaign targets WhatsApp accounts
2025-01-16eSentireeSentire Threat Response Unit (TRU)
MintsLoader: StealC and BOINC Delivery
MintsLoader Stealc