Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-06-08Trend MicroDavid Sancho, Feike Hacquebord, Fernando Mercês, Ian Kenefick, Mayra Fuentes, Robert McArdle, Stephen Hilt, Vladimir Kropotov
Modern Ransomware’s Double Extortion Tactics and How to Protect Enterprises Against Them
Nefilim
2021-06-03TalosCaitlin Huey, Kendall McKay, Vanja Svajcer
Necro Python bot adds new exploits and Tezos mining to its bag of tricks
N3Cr0m0rPh
2021-05-18SophosGreg Iddon, John Shier, Mat Gangwer, Peter Mackenzie
The Active Adversary Playbook 2021
Cobalt Strike MimiKatz
2021-05-17DragosKent Backman
Investigating the Watering Hole Linked to the Oldsmar Water Treatment Facility Breach
Tofsee
2021-05-13TalosAsheer Malhotra, Justin Thattil, Kendall McKay
Transparent Tribe APT expands its Windows malware arsenal
Crimson RAT Oblique RAT
2021-05-12McAfeeMcAfee ATR
Technical Analysis of Access Token Theft and Manipulation
2021-05-11MandiantAlyssa Rahman, Andrew Moore, Brendan McKeague, Jared Wilson, Jeremy Kennelly, Jordan Nuce, Kimberly Goody, Matt Williams
Shining a Light on DARKSIDE Ransomware Operations
DarkSide DarkSide UNC2465
2021-05-11FireEyeAlyssa Rahman, Andrew Moore, Brendan McKeague, Jared Wilson, Jeremy Kennelly, Jordan Nuce, Kimberly Goody
Shining a Light on DARKSIDE Ransomware Operations
Cobalt Strike DarkSide
2021-05-11SophosFerenc László Nagy, Gabor Szappanos, Mark Loman, Peter Mackenzie, Sean Gallagher, Suriya Natarajan, Szabolcs Lévai, Yusuf Arslan Polat
A defender’s view inside a DarkSide ransomware attack
DarkSide
2021-05-06Sophos LabsBill Kearney, Kyle Link, Matthew Sharf, Peter Mackenzie, Tilly Travers
MTR in Real Time: Pirates pave way for Ryuk ransomware
Ryuk
2021-05-05SophosLabs UncutAndrew Brandt, Gabor Szappanos, Peter Mackenzie, Vikas Singh
Intervention halts a ProxyLogon-enabled attack
Cobalt Strike
2021-04-22Twitter (@AltShiftPrtScn)Peter Mackenzie
Twwet On TTPs seen in IR used by DOPPEL SPIDER
Cobalt Strike DoppelPaymer
2021-04-20ElasticWill Burgess
How attackers abuse Access Token Manipulation (ATT&CK T1134)
2021-04-20IntezerJoakim Kennedy
HabitsRAT Used to Target Linux and Windows Servers
HabitsRAT
2021-04-20IntezerJoakim Kennedy
HabitsRAT Used to Target Linux and Windows Servers
HabitsRAT
2021-04-15U.S. Department of StateAntony J. Blinken
Holding Russia To Account
2021-04-09Trend MicroDaniel Lunghi, Kenney Lu
Iron Tiger APT Updates Toolkit With Evolved SysUpdate Malware
HyperBro HyperSSL APT27
2021-04-08Palo Alto Networks Unit 42Ashutosh Chitwadgi, Ken Hsu, Vaibhav Singhal
Attackers Conducting Cryptojacking Operation Against U.S. Education Organizations
2021-04-01Medium mikko-kenttalaMikko Kenttälä
Zero click vulnerability in Apple’s macOS Mail
2021-03-10IntezerAvigayil Mechtinger, Joakim Kennedy
New Linux Backdoor RedXOR Likely Operated by Chinese Nation-State Actor
RedXOR XOR DDoS