2021-10-20 | Medium ThreatMiner | ThreatMiner
TM Follow-Up (TAG_APT35_14/10/21)
2021-10-12 | Twitter (@_CPResearch_) | Check Point Research
Tweet of re-emergence phorpiex with a new "Twizt" module
Phorpiex
2021-09-28 | Netlab | Alex.Turing, Hui Wang, YANG XU
Mirai_ptea_Rimasuta variant is exploiting a new RUIJIE router 0 day to spread
Mirai
2021-09-28 | Twitter (@Max_Mal_) | Max Malyutin
Tweet on how to debug SquirrelWaffle
Squirrelwaffle
2021-09-14 | Twitter (@siri_urz) | S!Ri
Tweet on ATOMSILO ransomware
ATOMSILO
2021-09-13 | Twitter (@GoSecure_Inc) | GoSecure
Tweet on BlueStealer
BluStealer
2021-09-02 | Twitter (@th3_protoCOL) | Colin, GaborSzappanos
Tweet on Confluence Server exploitation (CVE-2021-26084) in the wild and cobaltsrike activity (mentioned in replies by GaborSzappanos)
Cobalt Strike
2021-08-30 | Twitter (@Arkbird_SOLG) | Arkbird
Tweet on MercurialGrabber
MercurialGrabber
2021-08-05 | Twitter (@VK_intel) | Vitali Kremez
Tweet on Linux variant of BlackMatter
BlackMatter
2021-07-30 | Twitter (@Unit42_Intel) | Unit 42
Tweet on BazarLoader infection leading to cobaltstrike and Powershell script file for PrintNightmare vulnerability
BazarBackdoor Cobalt Strike
2021-07-26 | Twitter (@alex_lanstein) | Alex Lanstein
Tweet on BITTER group widely targeting diplomats in Yangon
2021-07-17 | Twitter (@_icebre4ker_) | _icebre4ker_
Tweet: new version of Teabot targeting also Portugal banks
Anatsa
2021-07-16 | Twitter (@benkow_) | Benoît Ancel
Tweet on DeepRAT
DeepRAT
2021-07-16 | Twitter (@alex_lanstein) | Alex Lanstein
Tweet on attacks from UNC2652/NOBELIUM
2021-07-07 | Twitter (@resecurity_com) | Resecurity
Tweet REvil attack chain used against Kaseya
REvil
2021-07-07 | Twitter (@C0rk1_H) | hyabcd
Tweet on purplefox exploiting PrintNightmare (CVE-2021-34527) vulnerability in cryptocurrency mining campaign
PurpleFox
2021-07-06 | Twitter (@_alex_il_) | Alex Ilgayev
Tweet on REvil ransomware actor using vulnerable defender executable in its infection flow in early may before Kaseya attack
REvil
2021-07-06 | 0ffset Blog | 0verfl0w_, Daniel Bunce
New TA402/MOLERATS Malware – Decrypting .NET Reactor Strings
SharpStage
2021-07-02 | Twitter (@VK_intel) | Vitali Kremez
Tweet on Revil ransomware analysis used in Kaseya attack
REvil
2021-07-01 | 360 netlab | Alex.Turing, Chai Linyuan, houliuyang, Hui Wang, Jinye
Mirai_ptea Botnet is Exploiting Undisclosed KGUARD DVR Vulnerability
Mirai