Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-08-17VirusTotalAlexey Firsh, Vicente Diaz
Hunting Follina
2022-08-08Medium CSIS TechblogBenoît Ancel
An inside view of domain anonymization as-a-service — the BraZZZerSFF infrastructure
Riltok magecart Anubis Azorult BetaBot Buer CoalaBot CryptBot DiamondFox DreamBot GCleaner ISFB Loki Password Stealer (PWS) MedusaLocker MeguminTrojan Nemty PsiX RedLine Stealer SmokeLoader STOP TinyNuke Vidar Zloader
2022-08-04NetskopeGustavo Palazolo
Ousaban: LATAM Banking Malware Abusing Cloud Services
Ousaban
2022-08-03CyberScoopAJ Vicens
Environmental hacktivists publish 2 terabytes of mining company emails
Guacamaya
2022-08-03Palo Alto Networks Unit 42Brad Duncan
Flight of the Bumblebee: Email Lures and File Sharing Services Lead to Malware
BazarBackdoor BumbleBee Cobalt Strike Conti
2022-08-02ZscalerJagadeeswar Ramanukolanu, Sudeep Singh
Large-Scale AiTM Attack targeting enterprise users of Microsoft email services
2022-08-02ZscalerJagadeeswar Ramanukolanu, Sudeep Singh
Large-Scale AiTM Attack targeting enterprise users of Microsoft email services
2022-07-24Bleeping ComputerBill Toulas
QBot phishing uses Windows Calculator sideloading to infect devices
QakBot
2022-07-20FreebufQi Anxin Threat Intelligence Center
Abused Slack Service: Analysis of APT29's Attack on Italy
Unidentified 098 (APT29 Slack Downloader)
2022-07-19Cert-AgIDCert-AgID
Analysis and technical insights on the Coper malware used to attack mobile devices
Coper
2022-07-19Palo Alto Networks Unit 42Mike Harbison, Peter Renals
Russian APT29 Hackers Use Online Storage Services, DropBox and Google Drive
Cobalt Strike EnvyScout Gdrive
2022-07-19Palo Alto Networks Unit 42Mike Harbison, Peter Renals
Russian APT29 Hackers Use Online Storage Services, DropBox and Google Drive
Cobalt Strike EnvyScout Gdrive
2022-07-08Sekoiasekoia
Vice Society: a discreet but steady double extortion ransomware group
HelloKitty Zeppelin
2022-07-08SekoiaThreat & Detection Research Team
Vice Society: a discreet but steady double extortion ransomware group
HelloKitty
2022-07-08BluelivJose Miguel Esparza
Ransomware as a Service: Behind the Scenes
2022-07-07CybereasonLoïc Castel
THREAT ALERT: Raspberry Robin Worm Abuses Windows Installer and QNAP Devices
Raspberry Robin
2022-07-06Trend MicroBren Matthew Ebriega, Ivan Nicole Chavez, Joshua Paul Ignacio, Monte de Jesus, Nathaniel Morales
Brand-New HavanaCrypt Ransomware Poses as Google Software Update App, Uses Microsoft Hosting Service IP Address as C&C Server
HavanaCrypt
2022-07-06Trend MicroBren Matthew Ebriega, Ivan Nicole Chavez, Joshua Paul Ignacio, Monte de Jesus, Nathaniel Morales
Brand-New HavanaCrypt Ransomware Poses as Google Software Update App, Uses Microsoft Hosting Service IP Address as C&C Server
HavanaCrypt
2022-07-06Trend MicroBren Matthew Ebriega, Ivan Nicole Chavez, Joshua Paul Ignacio, Monte de Jesus, Nathaniel Morales
Brand-New HavanaCrypt Ransomware Poses as Google Software Update App, Uses Microsoft Hosting Service IP Address as C&C Server
HavanaCrypt
2022-07-06Trend MicroBren Matthew Ebriega, Ivan Nicole Chavez, Joshua Paul Ignacio, Monte de Jesus, Nathaniel Morales
Brand-New HavanaCrypt Ransomware Poses as Google Software Update App, Uses Microsoft Hosting Service IP Address as C&C Server
HavanaCrypt