Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-12-21FortinetPei Han Liao
Bandook - A Persistent Threat That Keeps Evolving
Bandook
2023-12-19SymantecSymantec Threat Hunter Team
Seedworm: Iranian Hackers Target Telecoms Orgs in North and East Africa
MuddyC2Go
2023-12-18Rewterz Information SecurityRewterz Information Security
Rewterz Threat Update – Microsoft Warns of Emerging Threat by Storm-0539 Behind Gift Card Frauds
Storm-0539 Storm-1152
2023-12-18SeqriteRumana Siddiqui
Decoding BATLOADER 2.X: Unmasking the Threat of Stealthy Malware Tactics
BATLOADER
2023-12-12MicrosoftMicrosoft Threat Intelligence
Threat actors misuse OAuth applications to automate financially driven attacks
Storm-1283 Storm-1286
2023-12-07MicrosoftMicrosoft Threat Intelligence
Star Blizzard increases sophistication and evasion in ongoing attacks
Callisto
2023-12-06splunkSplunk Threat Research Team
Unmasking the Enigma: A Historical Dive into the World of PlugX Malware
PlugX
2023-12-05PWCPwC Threat Intelligence
The Tortoise and The Malwahare
SnappyTCP
2023-12-05ProofpointCrista Giering, Greg Lesnewich, Proofpoint Threat Research Team
TA422’s Dedicated Exploitation Loop—the Same Week After Week
2023-12-02openhunting.ioopenhunting.io
Threat Hunting Malware Infrastructure
VBREVSHELL AsyncRAT
2023-12-01Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet about Storm-1044 and Storm-0216, Danabot leading to Cactus ransomware
Cactus DanaBot TA2101
2023-12-01Twitter (@MsftSecIntel)Microsoft Threat Intelligence
Tweet on Danabot leading to cactus ransomware
Cactus DanaBot Storm-1044
2023-11-30Twitter (@embee_research)Embee_research
Advanced Threat Intel Queries - Catching 83 Qakbot Servers with Regex, Censys and TLS Certificates
QakBot
2023-11-27Twitter (@embee_research)Embee_research
Building Threat Intel Queries Utilising Regex and TLS Certificates - (BianLian)
BianLian
2023-11-22MicrosoftMicrosoft Threat Intelligence
Diamond Sleet supply chain compromise distributes a modified CyberLink installer
LambLoad
2023-11-21Palo Alto Networks Unit 42Unit 42
Hacking Employers and Seeking Employment: Two Job-Related Campaigns Bear Hallmarks of North Korean Threat Actors
BeaverTail InvisibleFerret WageMole
2023-11-21adluminadlumin
PlayCrypt Ransomware-as-a-Service Expands Threat from Script Kiddies and Sophisticated Attackers
PLAY
2023-11-16YouTube (Swiss Cyber Storm)Angelo Violetti
Resilience Rising: Countering the Threat Actors Behind Black Basta Ransomware
Black Basta
2023-11-09MicrosoftMicrosoft Threat Intelligence
Microsoft shares threat intelligence at CYBERWARCON 2023
Blue Tsunami
2023-11-08Deep instinctDeep Instinct Threat Lab, Simon Kenin
MuddyC2Go – Latest C2 Framework Used by Iranian APT MuddyWater Spotted in Israel
PhonyC2 MuddyC2Go