Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-12-21Silent PushKen
Investigating Crimeware Name Servers
2020-12-18Silent PushKen
High Value Malicious Domains.
2020-12-16RiskIQCory Kennedy, Jordan Herman, Mia Ihm
Skimming a Little Off the Top: Meyhod’s Skimming Methods Hit Hairloss Specialists
magecart
2020-12-15PrevasioSergei Shevchenko
Sunburst Backdoor: A Deeper Look Into The SolarWinds' Supply Chain Malware (Broken link)
SUNBURST
2020-12-09IntezerJoakim Kennedy
A Zebra in Gopher's Clothing: Russian APT Uses COVID-19 Lures to Deliver Zebrocy
Zebrocy
2020-12-08SophosAnand Aijan, Bill Kearney, Gabor Szappanos, Mark Loman, Peter Mackenzie, Sean Gallagher, Sergio Bestulic, Syed Shahram
Egregor ransomware: Maze’s heir apparent
Egregor Maze
2020-12-02RiskIQCorian Kennedy
Shadow Academy: Hiding in the shadows of Mabna Institute
Silent Librarian
2020-10-28SophosLabs UncutAnand Ajjan, Bill Kearny, Brett Cove, Elida Leite, Gabor Szappanos, Peter Mackenzie, Sean Gallagher, Syed Shahram
Hacks for sale: inside the Buer Loader malware-as-a-service
Buer Ryuk Zloader
2020-10-28FireEyeDouglas Bienstock, Jeremy Kennelly, Joshua Shilko, Kimberly Goody, Steve Elovitz
Unhappy Hour Special: KEGTAP and SINGLEMALT With a Ransomware Chaser
BazarBackdoor Cobalt Strike Ryuk UNC1878
2020-10-14Palo Alto Networks Unit 42Ken Hsu, Qi Deng, Vaibhav Singhal, Yue Guan
Two New IoT Vulnerabilities Identified with Mirai Payloads
Mirai
2020-10-06MalwarebytesHossein Jazi, Jérôme Segura
Release the Kraken: Fileless APT attack abuses Windows Error Reporting service
2020-09-29ProofpointProofpoint Threat Research Team
TA2552 Uses OAuth Access Token Phishing to Exploit Read-Only Risks
TA2552
2020-09-22Heise SecurityOlivia von Westernhagen
Uniklinik Düsseldorf: Ransomware "DoppelPaymer" soll hinter dem Angriff stecken
DoppelPaymer
2020-09-17SophosLabs UncutAndrew Brandt, Peter Mackenzie
Maze attackers adopt Ragnar Locker virtual machine technique
Maze
2020-08-19RiskIQCory Kennedy, Jon Gross
RiskIQ Adventures in Cookie Land - Part 1
8.t Dropper Chinoxy
2020-08-10AnomaliJoakim Kennedy, Rory Gould
Anomali Threat Research Releases First Public Analysis of Smaug Ransomware as a Service
SMAUG
2020-07-20QuoIntelligence
Golden Chickens: Evolution Oof the MaaS
More_eggs TerraLoader TerraStealer VenomLNK
2020-07-15MandiantCorey Hildebrandt, Daniel Kapellmann Zafra, Keith Lunden, Ken Proska, Nathan Brubaker
Financially Motivated Actors Are Expanding Access Into OT: Analysis of Kill Lists That Include OT Processes Used With Seven Malware Families
Clop DoppelPaymer LockerGoga Maze MegaCortex Nefilim Snake
2020-07-11BleepingComputerLawrence Abrams
TrickBot malware mistakenly warns victims that they are infected
TrickBot
2020-06-24Twitter (@struppigel)Karsten Hahn
Tweet on DiscordTokenStealer