Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-03-22The Hacker NewsRavie Lakshmanan
Microsoft and Okta Confirm Breach by LAPSUS$ Extortion Group
RedLine Stealer
2022-03-21Github (trendmicro)Trend Micro Research
Python script to check a Cyclops Blink C&C
CyclopsBlink
2022-03-14Bleeping ComputerBill Toulas
Android malware Escobar steals your Google Authenticator MFA codes
Aberebot
2022-03-13Security AffairsPierluigi Paganini
The hidden C2: Lampion trojan release 212 is on the rise and using a C2 server for two years
lampion
2022-03-03LIFARSLIFARS
A Closer Look at the Russian Actors Targeting Organizations in Ukraine
HermeticWiper IsaacWiper Saint Bot WhisperGate
2022-03-01ProofpointMichael Raggi, Proofpoint Threat Research Team, Zydeca Cass
Asylum Ambuscade: State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement
SunSeed
2022-02-26Seguranca InformaticaPedro Tavares
The hidden C2: Lampion trojan release 212 is on the rise and using a C2 server for two years
lampion
2022-02-24nvisoMichel Coene
Threat Update – Ukraine & Russia conflict
EternalPetya GreyEnergy HermeticWiper Industroyer KillDisk WhisperGate
2022-02-17Twitter (@Honeymoon_IoC)Gi7w0rm
Tweets on win.prometei caught via Cowrie
Prometei
2022-02-14MorphisecArnold Osipov, Hido Cohen
Journey of a Crypto Scammer - NFT-001
AsyncRAT BitRAT Remcos
2022-02-09CiscoVanja Svajcer, Vitor Ventura
What’s with the shared VBA code between Transparent Tribe and other threat actors?
2022-02-08GuidePoint SecurityDrew Schmitt
Using Hindsight to Close a Cuba Cold Case
Cuba
2022-01-27BleepingComputerSergiu Gatlan
Taiwanese Apple and Tesla contractor hit by Conti ransomware
Conti
2022-01-25Palo Alto Networks Unit 42Yaron Samuel
Weaponization of Excel Add-Ins Part 1: Malicious XLL Files and Agent Tesla Case Studies
Agent Tesla
2022-01-24Trend MicroJunestherry Dela Cruz
Analysis and Impact of LockBit Ransomware’s First Linux and VMware ESXi Variant
LockBit LockBit
2022-01-24ProofpointProofpoint
DTPacker – a .NET Packer with a Curious Password
Agent Tesla TA2536
2022-01-18Trend MicroArianne Dela Cruz, Bren Matthew Ebriega, Don Ovid Ladores, Mary Yambao
New Ransomware Spotted: White Rabbit and Its Evasion Tactics
2022-01-17Trend MicroCedric Pernet, Daniel Lunghi, Gloria Chen, Jaromír Hořejší, Joseph Chen, Kenney Lu
Delving Deep: An Analysis of Earth Lusca’s Operations
BIOPASS Cobalt Strike FunnySwitch JuicyPotato ShadowPad Winnti Earth Lusca
2022-01-16forensicitguyTony Lambert
Analyzing a CACTUSTORCH HTA Leading to Cobalt Strike
CACTUSTORCH Cobalt Strike
2022-01-11Twitter (@cglyer)Christopher Glyer
Thread on DEV-0401, a china based ransomware operator exploiting VMware Horizon with log4shell and deploying NightSky ransomware
Cobalt Strike NightSky