2021-03-02 ⋅ Intezer ⋅ Joakim Kennedy
When Viruses Mutate: Did SunCrypt Ransomware Evolve from QNAPCrypt?
QNAPCrypt SunCrypt
2021-02-25 ⋅ JPCERT/CC ⋅ Ken Sajo
Emotet Disruption and Outreach to Affected Users
Emotet
2021-02-16 ⋅ SophosLabs Uncut ⋅ Peter Mackenzie, Tilly Travers
What to expect when you’ve been hit with Conti ransomware
Conti
2021-02-05 ⋅ Silent Push ⋅ Ken
Behavior Clustering just got easier using new characteristics.
2021-01-26 ⋅ SophosLabs Uncut ⋅ Bill Kearney, David Anderson, Michael Heller, Peter Mackenzie, Sergio Bestulic
Nefilim Ransomware Attack Uses “Ghost” Credentials
Nefilim
2021-01-17 ⋅ Twitter (@AltShiftPrtScn) ⋅ Peter Mackenzie
Tweet on Conti Ransomware group exploiting FortiGate VPNs to drop in CobaltStrike loaders
Cobalt Strike Conti
2021-01-04 ⋅ Cisco Talos ⋅ Azim Khodjibaev, Dmytro Korzhevin, Kendall McKay
Interview with a LockBit ransomware operator
LockBit
2020-12-22 ⋅ Prevasio ⋅ Sergei Shevchenko
Sunburst Backdoor, Part III: DGA & Security Software (Broken Link)
SUNBURST
2020-12-21 ⋅ Silent Push ⋅ Ken
Investigating Crimeware Name Servers
2020-12-18 ⋅ Silent Push ⋅ Ken
High Value Malicious Domains.
2020-12-16 ⋅ RiskIQ ⋅ Cory Kennedy, Jordan Herman, Mia Ihm
Skimming a Little Off the Top: Meyhod’s Skimming Methods Hit Hairloss Specialists
magecart
2020-12-15 ⋅ Prevasio ⋅ Sergei Shevchenko
Sunburst Backdoor: A Deeper Look Into The SolarWinds' Supply Chain Malware (Broken link)
SUNBURST
2020-12-09 ⋅ Intezer ⋅ Joakim Kennedy
A Zebra in Gopher's Clothing: Russian APT Uses COVID-19 Lures to Deliver Zebrocy
Zebrocy
2020-12-08 ⋅ Sophos ⋅ Anand Ajjan, Bill Kearney, Gabor Szappanos, Mark Loman, Peter Mackenzie, Sean Gallagher, Sergio Bestulic, Syed Shahram
Egregor ransomware: Maze’s heir apparent
Egregor Maze
2020-12-02 ⋅ RiskIQ ⋅ Corian Kennedy
Shadow Academy: Hiding in the shadows of Mabna Institute
Silent Librarian
2020-10-28 ⋅ SophosLabs Uncut ⋅ Anand Ajjan, Bill Kearney, Brett Cove, Elida Leite, Gabor Szappanos, Peter Mackenzie, Sean Gallagher, Syed Shahram
Hacks for sale: inside the Buer Loader malware-as-a-service
Buer Ryuk Zloader
2020-10-28 ⋅ FireEye ⋅ Douglas Bienstock, Jeremy Kennelly, Joshua Shilko, Kimberly Goody, Steve Elovitz
Unhappy Hour Special: KEGTAP and SINGLEMALT With a Ransomware Chaser
BazarBackdoor Cobalt Strike Ryuk UNC1878
2020-10-14 ⋅ Palo Alto Networks Unit 42 ⋅ Ken Hsu, Qi Deng, Vaibhav Singhal, Yue Guan
Two New IoT Vulnerabilities Identified with Mirai Payloads
Mirai
2020-10-06 ⋅ Malwarebytes ⋅ Hossein Jazi, Jérôme Segura
Release the Kraken: Fileless APT attack abuses Windows Error Reporting service
2020-09-29 ⋅ Proofpoint ⋅ Proofpoint Threat Research Team
TA2552 Uses OAuth Access Token Phishing to Exploit Read-Only Risks
TA2552