2023-02-08 | Huntress Labs | Joe Slowik, Matt Anderson
Investigating Intrusions From Intriguing Exploits
Tags: Silence

2023-02-08 | Broadcom | Threat Hunter Team
Graphiron: New Russian Information Stealing Malware Deployed Against Ukraine
Tags: Graphiron, SaintBear

2023-02-08 | Huntress Labs | Michael Elford
AsyncRAT: Analysing the Three Stages of Execution
Tags: AsyncRAT

2023-02-03 | Huntress Labs | Chad Hudson
Ave Maria and the Chambers of Warzone RAT
Tags: Ave Maria

2023-01-05 | Symantec | Threat Hunter Team
Bluebottle: Campaign Hits Banks in French-speaking Countries in Africa
Tags: CloudEyE, Cobalt Strike, MimiKatz, NetWire RC, POORTRY, Quasar RAT, BlueBottle

2022-12-13 | Mandiant | Mandiant Intelligence
I Solemnly Swear My Driver Is Up to No Good: Hunting for Attestation Signed Malware
Tags: POORTRY

2022-11-29 | Qianxin | Red Raindrop Team
Job hunting trap: Analysis of Lazarus attack activities using recruitment information such as Mizuho Bank of Japan as bait
Tags: CageyChameleon, Cur1Downloader

2022-11-23 | Stranded on Pylos Blog | Joe Slowik
Detailing Daily Domain Hunting

2022-11-15 | Symantec | Threat Hunter Team
Billbug: State-sponsored Actor Targets Cert Authority, Government Agencies in Multiple Asian Countries
Tags: Sagerunex, LOTUS PANDA
2022-10-24 | Youtube (Virus Bulletin) | Axelle Apvrille
Hunting the Android BianLian botnet
Tags: BianLian

2022-10-21 | Symantec | Threat Hunter Team
Exbyte: BlackByte Ransomware Attackers Deploy New Exfiltration Tool
Tags: ExByte

2022-10-18 | Logpoint | Anish Bogati, Nilaa Maharjan
Hunting Lockbit Variation
Tags: LockBit

2022-10-13 | Microsoft | Microsoft Threat Hunting, MSRC Team
Hunting for Cobalt Strike: Mining and plotting for fun and profit
Tags: Cobalt Strike

2022-10-12 | Twitter (@embee_research) | Embee_research, Huntress Labs
Tweets on detection of Brute Ratel via API Hashes
Tags: Brute Ratel C4

2022-10-11 | Twitter (@embee_research) | Embee_research, Huntress Labs
Tweet on Havoc C2 - Static Detection Via Ntdll API Hashes
Tags: Havoc

2022-09-29 | Symantec | Threat Hunter Team
Witchetty: Group Uses Updated Toolset in Attacks on Governments in Middle East
Tags: CHINACHOPPER, Lookback, MimiKatz, PlugX, Unidentified 096 (Keylogger), x4, Witchetty

2022-09-26 | Palo Alto Networks Unit 42 | Daniela Shalev, Itay Gamliel
Hunting for Unsigned DLLs to Find APTs
Tags: PlugX, Raspberry Robin, Roshtyak

2022-09-22 | Broadcom | Symantec Threat Hunter Team
Noberus Ransomware: Darkside and BlackMatter Successor Continues to Evolve its Tactics
Tags: BlackCat, BlackMatter, DarkSide

2022-09-21 | Microsoft | Microsoft Detection and Response Team (DART), Microsoft Security Experts
The art and science behind Microsoft threat hunting: Part 2