Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-01-30Bleeping ComputerLawrence Abrams
Backdoor found in two healthcare patient monitors, linked to IP in China
2025-01-30CISACISA
Contec CMS8000 Contains a Backdoor
CMS8000 Backdoor
2025-01-30Department of JusticeU.S. Attorney's Office Southern District of Texas
Cybercrime websites selling hacking tools to transnational organized crime groups seized
2025-01-30RevEng.AIRevEng.AI
One ClickFix and LummaStealer reCAPTCHA’s Our Attention - Part 1
Lumma Stealer
2025-01-30IntrinsecCTI Intrinsec
Telegram Stories: voice spoofers, tools and operating modes
2025-01-29SecurityScorecardSecurityScorecard STRIKE Team
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign
BeaverTail InvisibleFerret
2025-01-29SocketKirill Boychenko, Peter van der Zee
North Korean APT Lazarus Targets Developers with Malicious npm Package
BeaverTail InvisibleFerret
2025-01-29GoogleConor Quigley, Luke Jenkins, Nino Isakovic
ScatterBrain: Unmasking the Shadow of PoisonPlug's Obfuscator
POISONPLUG ShadowPad SNAPPYBEE
2025-01-28Group-IBNikolay Kichatov, Pietro Albuquerque, Sharmine Low
Cat’s out of the bag: Lynx Ransomware-as-a-Service
Lynx
2025-01-28Twitter (@anyrun_app)ANY.RUN
Tweet on Linux version of SystemBC
SystemBC
2025-01-28Hunt.ioHunt.io
SparkRAT: Server Detection, macOS Activity, and Malicious Connections
SparkRAT
2025-01-27The DFIR ReportMittenSec, MyDFIR, r3nzsec
Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware
GhostSocks LockBit SystemBC
2025-01-27SecurityScorecardSTRIKE Team
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign
2025-01-27Youtube (MalwareAnalysisForHedgehogs)Karsten Hahn
Malware Analysis - Binary Refinery URL extraction of Multi-Layered PoshLoader for LummaStealer
Lumma Stealer
2025-01-25SophosAnthony Bradshaw, Colin Cowie, Daniel Souter, Hunter Neal, Mark Parsons, Sean Baird, Sean Gallagher
Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing”
ReedBed STAC5143 UNC4393
2025-01-24IntrinsecCTI Intrinsec
"Premium panel": phishing tool used in longstanding campaigns worldwide
2025-01-23Github (PaloAltoNetworks)Brad Duncan
Cluster of Infrastructure likely used by Affiliate of Dark Scorpius (Black Basta)
ReedBed
2025-01-23NetskopeLeandro Froes
Lumma Stealer: Fake CAPTCHAs & New Techniques to Evade Detection
Lumma Stealer
2025-01-23Hunt.ioHunt.io
Mapping Suspected KEYPLUG Infrastructure: TLS Certificates, GhostWolf, and RedGolf/APT41 Activity
KEYPLUG
2025-01-23AhnLabASEC
RID Hijacking Technique Utilized by Andariel Attack Group
CreateHiddenAccount JuicyPotato