Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-06-01MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
New sophisticated email-based attack from NOBELIUM
Cobalt Strike
2021-05-20MicrosoftMicrosoft 365 Defender Threat Intelligence Team
Phorpiex morphs: How a longstanding botnet persists and thrives in the current threat environment
Phorpiex
2021-05-18BlackberryBlackBerry Threat Research and Intelligence Team
Strong ARMing with MacOS: Adventures in Cross-Platform Emulation
2021-05-13BlackberryBlackBerry Threat Research and Intelligence Team
Threat Thursday: SombRAT — Always Leave Yourself a Backdoor
SombRAT
2021-05-06BlackberryBlackBerry Research and Intelligence team
Threat Thursday: Dr. REvil Ransomware Strikes Again, Employs Double Extortion Tactics
REvil
2021-04-22xorl %eax, %eaxAnastasios Pingios
A gentle introduction to building a threat intelligence team
2021-04-09MicrosoftEmily Hacker, Justin Carroll, Microsoft 365 Defender Threat Intelligence Team
Investigating a unique “form” of email delivery for IcedID malware
IcedID
2021-04-06MalwarebytesThreat Intelligence Team
A deep dive into Saint Bot, a new downloader
Saint Bot
2021-03-25MicrosoftMicrosoft 365 Defender Threat Intelligence Team
Analyzing attacks taking advantage of the Exchange Server vulnerabilities
CHINACHOPPER
2021-03-24MalwarebytesThreat Intelligence Team
Software renewal scammers unmasked
2021-03-04MicrosoftAndrea Lelli, Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC), Ramin Nafisi
GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence
SUNBURST TEARDROP UNC2452
2021-03-04WMC GlobalWMC Global Threat Intelligence Team
The Compact Campaign
2021-03-02MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft 365 Security, Microsoft Threat Intelligence Center (MSTIC)
HAFNIUM targeting Exchange Servers with 0-day exploits
CHINACHOPPER HAFNIUM
2021-02-12MalwarebytesThreat Intelligence Team
Malvertising campaign on PornHub and other top adult brands exposes users to tech support scams
2021-02-01MicrosoftMicrosoft 365 Defender Threat Intelligence Team
What tracking an attacker email infrastructure tells us about persistent cybercriminal operations
Dridex Emotet Makop Ransomware SmokeLoader TrickBot
2021-01-29MalwarebytesThreat Intelligence Team
Cleaning up after Emotet: the law enforcement file
Emotet
2021-01-28MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
ZINC attacks against security researchers
ComeBacker Klackring
2021-01-11CrowdStrikeCrowdStrike Intelligence Team
SUNSPOT: An Implant in the Build Process
SUNBURST
2021-01-08ReaqtaReaQta Threat Intelligence Team
Leonardo S.p.A. Data Breach Analysis
2020-12-11BlackberryBlackBerry Research and Intelligence team
MountLocker Ransomware-as-a-Service Offers Double Extortion Capabilities to Affiliates
Cobalt Strike Mount Locker