Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-05-04MandiantBrandan Schondorfer, Jennifer Brito, Nader Zaveri, Tyler McLellan
Old Services, New Tricks: Cloud Metadata Abuse by UNC2903
WSO
2022-05-03CiscoJAIME FILSON, Kendall McKay, Paul Eubanks.
Conti and Hive ransomware operations: Leveraging victim chats for insights
Conti Hive
2022-05-02Cisco TalosJAIME FILSON, Kendall McKay, Paul Eubanks
Conti and Hive ransomware operations: Leveraging victim chats for insights
Cobalt Strike Conti Hive
2022-05-02MandiantChris Gardner, Doug Bienstock, Josh Madeley, Melissa Derr, Tyler McLellan
UNC3524: Eye Spy on Your Email
QUIETEXIT UNC3524
2022-04-29MandiantAnders Vejlby, John Wolfram, Nick Simonian, Sarah Hawley, Tyler McLellan
Trello From the Other Side: Tracking APT29 Phishing Campaigns
BEATDROP VaporRage
2022-04-28MandiantAnders Vejlby, John Wolfram, Nick Simonian, Sarah Hawley, Tyler McLellan
Trello From the Other Side: Tracking APT29 Phishing Campaigns
Cobalt Strike
2022-04-19Blake's R&Dbmcder02
Extracting Cobalt Strike from Windows Error Reporting
Cobalt Strike
2022-04-06FortinetXiaopeng Zhang
The Latest Remcos RAT Driven By Phishing Campaign
Remcos
2022-04-04MandiantBrendan McKeague, Bryce Abdo, Ioana Teaca, Zander Work
FIN7 Power Hour: Adversary Archaeology and the Evolution of FIN7
Griffon BABYMETAL Carbanak Cobalt Strike JSSLoader Termite
2022-04-01McAfeeOliver Devane, Vallabh Chole
Scammers are Exploiting Ukraine Donations
2022-03-30MorphisecHido Cohen
New Wave Of Remcos RAT Phishing Campaign
Remcos
2022-03-29Cisco TalosAsheer Malhotra, Justin Thattil, Kendall McKay
Transparent Tribe campaign uses new bespoke malware to target Indian government officials
Crimson RAT
2022-03-25DragosConor McLaren, Dragos
How Dragos Activity Groups Obtain Initial Access into Industrial Environments
MimiKatz
2022-03-10Twitter (@teamcymru_S2)Team Cymru
Tweet on Crimson RAT infrastructure used by APT36
Crimson RAT
2022-03-07ASECASEC
Distribution of Remcos RAT Disguised as Tax Invoice
Remcos
2022-02-28ASECASEC
Remcos RAT malware disseminated by pretending to be tax invoices
Remcos
2022-02-24MandiantEmiel Haeghebaert, Ryan Tomcik, Tufail Ahmed
Left On Read: Telegram Malware Spotted in Latest Iranian Cyber Espionage Activity
STARWHALE GRAMDOOR
2022-02-23MandiantJoshua Shilko, Shambavi Sadayappan, Tyler McLellan
(Ex)Change of Pace: UNC2596 Observed Leveraging Vulnerabilities to Deploy Cuba Ransomware
Cuba KillAV
2022-02-18SANS ISCXavier Mertens
Remcos RAT Delivered Through Double Compressed Archive
Remcos
2022-02-16Check Point ResearchAliaksandr Trafimchuk, Raman Ladutska
A Modern Ninja: Evasive Trickbot Attacks Customers of 60 High-Profile Companies
TrickBot