2025-04-25 | Trend Micro | Nick Dai, Sunny Lu
Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors
KRNRAT Moriya Earth Kurma
2025-04-25 | HiSolutions | Maik Würth, Mateo Mrvelj, Nicolas Sprenger
Rolling in the Deep(Web): Lazarus Tsunami
tsunami
2025-04-25 | Censys | Censys
The Persistent Threat of Salt Typhoon: Tracking Exposures of Potentially Targeted Devices
MASOL
2025-04-25 | Twitter (@teamcymru_S2) | TEAM CYMRU S2 THREAT RESEARCH
Tweet on North Korean Cyber Ops Leveraging Russian Infrastructure
2025-04-24 | Mandiant | Mandiant
M-Trends 2025 Report
Akira Black Basta LockBit SystemBC GootLoader LockBit WIREFIRE Akira Black Basta Cobalt Strike LockBit RansomHub SystemBC Pink Sandstorm
2025-04-24 | Positive Technologies | PT Expert Security Center
Crypters And Tools. Part 2: Different Paws — Same Tangle
2025-04-24 | 0xreverse | Utku Çorbacı
Understanding Alcatraz ~ Obfuscator Analysis [EN]
2025-04-24 | Silent Push | Silent Push
Contagious Interview (DPRK) Launches a New Campaign Creating Three Front Companies to Deliver a Trio of Malware: BeaverTail, InvisibleFerret, and OtterCookie
BeaverTail OtterCookie FrostyFerret GolangGhost InvisibleFerret GolangGhost
2025-04-23 | Microsoft | Microsoft Threat Intelligence
Understanding the threat landscape for Kubernetes and containerized assets
Storm-1977
2025-04-23 | Trend Micro | Feike Hacquebord, Stephen Hilt
Russian Infrastructure Plays Crucial Role in North Korean Cybercrime Operations
BeaverTail FrostyFerret GolangGhost InvisibleFerret GolangGhost WageMole
2025-04-23 | Medium b.magnezi | 0xMrMagnezi
AsyncRAT Malware Analysis
AsyncRAT
2025-04-22 | Fortinet | Xiaopeng Zhang
Infostealer Malware FormBook Spread via Phishing Campaign – Part I
Formbook
2025-04-22 | AhnLab | ASEC
Distribution of PebbleDash Malware in March 2025
AsyncRAT PEBBLEDASH
2025-04-22 | SentinelOne | SentinelOne
What Is Fog Ransomware?
Fog
2025-04-22 | Kaspersky Labs | Alexander Demidov, Georgy Kucherin, Igor Kuznetsov
Russian organizations targeted by backdoor masquerading as secure networking software updates
2025-04-22 | Volexity | Charlie Gardner, Josh Duke, Matthew Meltzer, Sean Koessel, Steven Adair, Tom Lancaster
Phishing for Codes: Russian Threat Actors Target Microsoft 365 OAuth Workflows
UTA0352 UTA0355
2025-04-21 | Trellix | Mohideen Abdul Khader
Unmasking the Evolving Threat: A Deep Dive into the Latest Version of Lumma InfoStealer with Code Flow Obfuscation
Lumma Stealer
2025-04-21 | Twitter (@browsercookies) | Cookie Connoisseur
Tweet on public Google Drive potentially connected to DPRK activity.
2025-04-17 | Trail of Bits | Trail of Bits
Mitigating ELUSIVE COMET Zoom remote control attacks
ELUSIVE COMET
2025-04-17 | Porthas | Hassan Faraz, Mohamed Talaat
Breaking the B0 ransomware: Investigation & Decryption
B0